x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = gettid()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r2)

[ 1298.258212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.265104] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:37 executing program 4:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000100)={0x6ffffffc}, 0x8, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/162, 0xa2}], 0x167)
timer_create(0x3, &(0x7f000004c000)={0x0, 0x15}, &(0x7f0000000080))
timer_settime(0x0, 0x100000001, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x7}}, &(0x7f000004afe0))

[ 1298.439417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.446069] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1298.595577] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.602189] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:37 executing program 0:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

[ 1298.767848] device bridge_slave_1 left promiscuous mode
[ 1298.773501] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.791408] device bridge_slave_0 left promiscuous mode
[ 1298.797243] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = gettid()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r2)

[ 1298.836278] device bridge_slave_1 left promiscuous mode
[ 1298.842080] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.863982] device bridge_slave_0 left promiscuous mode
[ 1298.869630] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:37 executing program 2:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = gettid()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r2)

03:40:38 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xff7000)=nil, 0xff7000, 0x2000002, 0x32, 0xffffffffffffffff, 0x0)
ioctl$BLKROGET(r1, 0x125e, &(0x7f00000000c0))

[ 1298.896750] device bridge_slave_1 left promiscuous mode
[ 1298.902341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.932884] device bridge_slave_0 left promiscuous mode
[ 1298.938453] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:38 executing program 6:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = gettid()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r2)

[ 1298.976233] device bridge_slave_1 left promiscuous mode
[ 1298.981851] bridge0: port 2(bridge_slave_1) entered disabled state
03:40:38 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000f61000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x408, 0x6000)

03:40:38 executing program 1:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

[ 1299.017412] device bridge_slave_0 left promiscuous mode
[ 1299.023152] bridge0: port 1(bridge_slave_0) entered disabled state
03:40:38 executing program 3:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x400000002, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x8000000000000007, &(0x7f0000000000))
fcntl$lock(r1, 0x26, &(0x7f000001d000)={0x8000000000000001})
dup3(r0, r1, 0x0)

03:40:38 executing program 2:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000f61000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x408, 0x6000)

03:40:38 executing program 6:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 7:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 0:
r0 = socket$l2tp(0x18, 0x1, 0x1)
fcntl$lock(r0, 0x5, &(0x7f0000000000)={0x0, 0x2})

03:40:38 executing program 4:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000100)={0x6ffffffc}, 0x8, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/162, 0xa2}], 0x167)
timer_create(0x3, &(0x7f000004c000)={0x0, 0x15}, &(0x7f0000000080))
timer_settime(0x0, 0x100000001, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x7}}, &(0x7f000004afe0))

03:40:38 executing program 1:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000f61000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x408, 0x6000)

03:40:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil})
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000580)={0x0, 0xa7a, "af5d2c426093c388d6bc076c9ee98e5a11c2fb3322e5b4dd05f0d9aae72ea5f77b3abfae5b9a94d20816ed293ad8ad61093008d5b98e71aede686f2bace222f28a3df977ab3c8ef16c3326239d0268cce296e4fabbacb74b6147ef8bc19dfba4387e2b5304d46c3af86190095831d8a6ad4e5807833c728ca6fbdf0d3161bde950e3a740c7422ba45a1c8fb2f2855f2779d6e59aa9d0e09840395e8361aa6c87e3efb45e1650000a164a363902b7f9561af2041375332d024cc8704aa6751081a2dc57ba6c36cf54647407c245970c1fd399f6bffc9e0878bb68570a37ddb88c2c5cd415180318ab03b100b6fbc6971c4307362ef0ad86649c89afabcb2a8bfef072dafff6b9213b4c7839e529972407c76017f89e0df4314fec4628bd9d4e37e7f0ce16f5f9c93eeb43c601d997f23a23d316324c84b6de811f561ba0dd8ae041876e797830f08be8ba40ab07ff6c7a40711d4331560c21eaddd1cda9e0d532f0f4f33440deaba168dd68a433476b9bbe75761c2bb8b3b04cafcced030654dd0d149e2a0d8688500167e6bce00518b44ed260f049cbd4e8e72b935a0a2a74a314e9bf8bdeb138e80eeccb588bb69b622d083a6f4d208140dad6a6cd8664aa738318946737898197f647b13d5382e8c3c67991c80393278dfb542abdccc8c1197f41937bfb83593d14c6d898f728f1050e9b7b0a301aa2f4638f581b2d044740bf1164440ac6a0f8e7d01471556e5ecd8b06f8a7410f79d556c9b3bd6ab7a3bb96249a0000feaac01704b116538c54c830a75dbfc2ab79ef2a7630499a077b5782cbef6060e076960f819eb3c8e0d018b9b57054d0de21ab19b8fab9448d7d1cd86cb47dd6f5dfe3def14a70b7383be7f5eb27161af4bbb09142874fd2d83fe6d57e24d1b7bf8bbcc739d907c6b1675e0e15ea57b87f3466b97092939e02f7a2f1484a0c2dd7bc411c0d4e315c73f75639f9e47b3796fd9a30fd788df6865bd4e1585b3f44ba5a7aa16adfffff5e0a57c2dc2017a4aa152893d654e39e116b38a76db9590b2f3882aa8a071d422bef3af065dc3c4bdb1b9977724a3a4264b0d5f4c3fa925b3025b83e99c85ad3275a6132c425da7838c9ecc0571bbbe666f001a9e3c064de1163dd495d8cf95577d677558ce3979e087666296f0ee8f40b18802505bc76c2db567da12a2d2c0f3123be5eb9fadf0ee745131fbe2d69dd54dfc18a94b4660df11a6e24529e24516895457def64528acb262ed0241a070d057022d7c3011c10e333a7f4584360e7c51363baecb171556d9e0ddc1d5579e45092a9e67c8f6288a90a1d20f91c99920b7d37140f8b7c6239f9a71feedbf81132a6e74a2d2e2459e237667798a1abd461221a49577587f7f86ba72a6e58e305543c176c60062d9d2cfa178f799235e8b6c5ba0b075e0224df171fad3ee51248b6cf0424aff0bbee84c4298643cbd6f0dec6dddd2f3347b2dc71ff8ee5674fbf7d9bde7ac62b5c63facfc03472956f3ecf2ab67a3bacc4f8069f5f32741a58c1179156b8e807de1af7468a2c01070611e510271ca10fed9065cfba0cf9465a305672e3d0c3fe05a6aedf2de3343082d83c226bc7833bf67587c77038d81008dcf4242b6917ef6550358b3e33823b6d9462cea0ca3582c4c88ad25e1d25a1dd67621c962faa4c1251cc04ad8f7ad11e5ab5684b5e57d15f41aa5524d51bb26027102755a4c88c6171411dd799695e92304c199bd3714448191593c9a8ffe874841448f8986e282c4783b432e103751e956db34a2c56b8bfadd192b387210d3038e059b70356138bdae121342cfc6f4186400c09fe082b2851ec1ef527fed0c15d4bb2a736396e77010d57136a6ee466adc9d55dba9addcf067922639689553380aa08d1243494b7f3308849ea3a925c84b15181bb942553ba3591bdfd773b496ac2ba05ea16336a1eb51d0e53d5541a828bb8a4a7f69d773d6f9ba085fff016e9c83ecb4e88e81a07d96510cdc4d16680b36b79b84dae8e6dc79bb5ad426a2f79ade2f3a587ab459f1f0773884a51b10f8b217b4f298a5bf997df236cbce3af723976f3df12bdde515b187a77734004c9bc56a445091b172c9870eefcb3716c98a06ff05fd48e552b4cbc8822ec5fcf39977803e449df7e9ae5909050367c596f271699c7bbb94068b7efb3aca4bba03bb5176dc68ed276c5d388402207f481732c2756372c2d840b8953968dc9aaa5237f66fcfeabc0656f6cb58181c252eabbeae141bdc1c87afc0190b2dd29be3de9466414d98236b9970b4f3587cf4cda1353b57631ac5014d87e5f1800c94d2c2731a098341d5ee6478fb5acf3bb2413971e69326bd35201710c2fcf121a6e2ee6137eb906fa4ce020a7399885e81d927d11092462c02bc886b451c8b7b4487c158ad4ff94b5743cab6fd9146dcfa58108816ef13f4e2e3009d8c4c3589c3fbbeb94a43e771b08336619cb5052877c1df8eee8c0bc346e6b4cb8d7a370372105ce66413926e29956dffeaad9adc3c9c732562da7ad315c314a9e921f0b2154d60fd87275f0981bfbeabedcc5cf5f04e3b0630bbc3553f044b7e2ab21a9819a24ce8dc8fac87c7547999e53fc95763d2eba6c78fe6a27d707e9249f9684f6e1e7576e350e987580754c8fb418d4ea59f61e43fd676aed0d119ab83f7c31f710d21a1f5db47f5cd4a201f7738717d18baa78dad9d6d2a29560f49fa21f1bd822d2dd6d7b24cc49a3597b9370c658674defd8eee4a3ed9bb23f11a8f023d21745a144cf93c5b98814e5fe18714f3ff3feb33fd090bf16c82092f2c97e2de9c1e9270dc02616e7ddc56ca0a57849c249b328832a60f3c65f36100dcb2a991523eefdd06468a00d6ac3dc32e86e85e5db679bb2b15ae7c1d1283975e6713323fe75d85353d27dd0378c55c82ac2fedbeed0c71085cb5287ae776d56033853380f63cea0070850c5506b1cdc28d0a7d41bed32c53d7e28cf56d1a194552776e8f54577c6326f5c484aa572ed79b4efcd0150510f6e08fcca52b6e92d3c4260bc8f8a95ac35b0c4f63c63d2e523f86184267884ff427694e0ade1df2c548d0150c276af2aded6d881930804cda92123e26dc2ddbcbeaf39e695c49f5b0b464def16a537353d02be252455494b61de78f21ef258f5fa45c471099cec645e3172198d1f26e4df69c4dd74af6822a77572e80ed5814677f391e93ade3679d0748a643177993b02e367ee124056b74664af8232b66b0eda88ca603933499084b125392e577d2587b0ee9d350dd3a94efbdf03c8807d5ac24411ccff68962d8ded1a9b1aaabc5cb4c4426d90e2dd8722548adbb52c5cbc88c7c48534bcb8d5b3cb40dff621bb990777a40a68acb09f3f2fd43ab1bd77cef4d91c8ea47bf0107f99bf1022d85f2982e3f995e54da1a8090111c0c1733bf8b7f2e618e6811bb59044a2e31e4b4611c83c3e1056f47a7e7f5023778ef1301ba2dd41ff599bf2286c40a619c355194cf2cc48af670a112e0f241a37490dc37a33a56cab3335ef028add106f03f10d7852aec42046ab9de3d8e54843a4379800bdb53b6772d4a308c4c6914a0ae0b2eec19cc0db8d9459cae997cdf2b221508720a5d103a05251ffa86a36c7c7d3fa3ba19f4153741f316201d4f01838e1974db546c7b7bec8009c277ce4a0ecf08e3e80d92cee916b093ba6d7b0634e422ee6bda88aa2a3a1efa9b1bc69aec9b2fdc12529d52e4910efa04338b01c4691d46df3ee387532a22297117252d3af8a10caa071a9541af9441ad27e74aee1"}, &(0x7f00000000c0)=0xa82)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:40:38 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={"6c6f00aeabd1cd0000000000f9ff00", <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000240)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=@ipv4_newaddr={0x44, 0x14, 0x9, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r1}, [@IFA_FLAGS={0x8, 0x8}, @IFA_LABEL={0x14, 0x3, 'vlan0\x00'}, @IFA_LOCAL={0x8, 0x2, @multicast2=0xe0000002}, @IFA_BROADCAST={0x8, 0x4, @broadcast=0xffffffff}]}, 0x44}, 0x1}, 0x0)

03:40:38 executing program 7:
open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r1 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f00000005c0)={<r6=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r6, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r8=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r7, 0x84, 0x7b, &(0x7f0000000280)={r8, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r10 = accept(r3, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
syz_open_pts(r9, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r11=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r10, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r11}, 0x14)
ioctl$FIONREAD(r7, 0x541b, &(0x7f0000000040))
accept4(r4, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r3, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r1, r2, 0x0, r0, r0)
ioctl$sock_SIOCBRDELBR(r7, 0x89a1, &(0x7f00000002c0)='gre0\x00')

03:40:38 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200000000010000b90200000001000084811f4ce10000001e000000000000000050ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900))

03:40:38 executing program 5:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000f61000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x408, 0x6000)

03:40:38 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000001280)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(cfb(twofish-asm),ghash-clmulni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000002d40)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)='X', 0x1}], 0x1, &(0x7f0000001200)=[@assoc={0x18, 0x117, 0x4}, @op={0x18, 0x117, 0x3}], 0x30}, {0x0, 0x0, &(0x7f0000002ac0), 0x0, &(0x7f0000002b40)}], 0x2, 0x0)

03:40:38 executing program 2:
socket$packet(0x11, 0x3, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x4)
write(r0, &(0x7f0000000080)="2700000014000707030e0000120f0a0011000100f51d060000c98c11aebaf9c40414ce0080401f", 0x27)

[ 1299.519582] REISERFS warning (device loop0): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop0, block 16, size 4096)
[ 1299.532485] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0
[ 1299.635199] REISERFS warning (device loop0): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop0, block 16, size 4096)
[ 1299.648121] REISERFS warning (device loop0): sh-2021 reiserfs_fill_super: can not find reiserfs on loop0
03:40:39 executing program 3:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x400000002, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x8000000000000007, &(0x7f0000000000))
fcntl$lock(r1, 0x26, &(0x7f000001d000)={0x8000000000000001})
dup3(r0, r1, 0x0)

03:40:39 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0x10, &(0x7f000079bffc), &(0x7f0000000000)=0x4)

03:40:39 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000ff0ff3)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85321, &(0x7f0000000280)={{0x80}, 'port0\x00'})

03:40:39 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8000011)
fallocate(r0, 0x8, 0x0, 0x10000)

03:40:39 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xda0}]})

03:40:39 executing program 7:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

[ 1300.013769] Restarting kernel threads ... done.
03:40:39 executing program 6:
r0 = syz_open_dev$sg(&(0x7f00000002c0)='/dev/sg#\x00', 0x0, 0x200000000000001)
capset(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180))
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x97, &(0x7f0000000080)=""/151}, &(0x7f0000000340)="bffdc7f9a05d", &(0x7f0000000300)=""/62, 0x0, 0x0, 0x0, &(0x7f0000000040)})

03:40:39 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xda0}]})

03:40:39 executing program 7:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

03:40:39 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8000011)
fallocate(r0, 0x8, 0x0, 0x10000)

03:40:39 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x2)
ioctl(r0, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070")
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070")
r2 = inotify_init1(0xfffffffffffffffe)
r3 = getpgrp(0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340))
fcntl$getown(r0, 0x9)
getpgrp(0x0)
r4 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r5 = getpgid(r4)
fcntl$setown(r1, 0x8, r5)
fcntl$getownex(r2, 0x10, &(0x7f0000000040))
socketpair(0x202000, 0x400080808, 0xff, &(0x7f0000000300)={<r6=>0xffffffffffffffff})
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000600)={0x0, 0x200000, 0x401, 0x9, 0x0, 0x2})
r7 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = epoll_create(0x20)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00')
ioctl$void(r0, 0x5451)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000"], 0x1}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080))
mq_timedsend(r7, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000e0b000))
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000500)={0x81, 0x0, [0x8, 0x0, 0x8, 0x908]})
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000580)=ANY=[@ANYBLOB="3368000000000000ffffffffffffffff0200000000000000"])
ppoll(&(0x7f0000000180)=[{r8, 0x8000}, {r8}, {r7, 0x200}, {r8, 0x24d0}], 0x4, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)={0x3063}, 0x8)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000140))
semget$private(0x0, 0x7, 0x2)

03:40:39 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r0, r1, &(0x7f00000001c0), 0x8f)

03:40:39 executing program 4:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000100)={0x6ffffffc}, 0x8, 0x0)
readv(r0, &(0x7f0000000140)=[{&(0x7f0000000200)=""/162, 0xa2}], 0x167)
timer_create(0x3, &(0x7f000004c000)={0x0, 0x15}, &(0x7f0000000080))
timer_settime(0x0, 0x100000001, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x7}}, &(0x7f000004afe0))

03:40:39 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8000011)
fallocate(r0, 0x8, 0x0, 0x10000)

03:40:39 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r0, r1, &(0x7f00000001c0), 0x8f)

03:40:39 executing program 6:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

[ 1300.202502] Restarting kernel threads ... done.
03:40:39 executing program 7:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

03:40:39 executing program 3:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x400000002, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x8000000000000007, &(0x7f0000000000))
fcntl$lock(r1, 0x26, &(0x7f000001d000)={0x8000000000000001})
dup3(r0, r1, 0x0)

03:40:39 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xda0}]})

03:40:39 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r0, r1, &(0x7f00000001c0), 0x8f)

03:40:39 executing program 6:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

03:40:39 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8000011)
fallocate(r0, 0x8, 0x0, 0x10000)

03:40:39 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x2)
ioctl(r0, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070")
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070")
r2 = inotify_init1(0xfffffffffffffffe)
r3 = getpgrp(0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340))
fcntl$getown(r0, 0x9)
getpgrp(0x0)
r4 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r5 = getpgid(r4)
fcntl$setown(r1, 0x8, r5)
fcntl$getownex(r2, 0x10, &(0x7f0000000040))
socketpair(0x202000, 0x400080808, 0xff, &(0x7f0000000300)={<r6=>0xffffffffffffffff})
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000600)={0x0, 0x200000, 0x401, 0x9, 0x0, 0x2})
r7 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = epoll_create(0x20)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00')
ioctl$void(r0, 0x5451)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000"], 0x1}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080))
mq_timedsend(r7, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000e0b000))
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000500)={0x81, 0x0, [0x8, 0x0, 0x8, 0x908]})
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000580)=ANY=[@ANYBLOB="3368000000000000ffffffffffffffff0200000000000000"])
ppoll(&(0x7f0000000180)=[{r8, 0x8000}, {r8}, {r7, 0x200}, {r8, 0x24d0}], 0x4, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)={0x3063}, 0x8)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000140))
semget$private(0x0, 0x7, 0x2)

[ 1300.886748] Restarting kernel threads ... done.
03:40:40 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000000))

03:40:40 executing program 7:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

03:40:40 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r0, r1, &(0x7f00000001c0), 0x8f)

03:40:40 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x2)
ioctl(r0, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070")
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070")
r2 = inotify_init1(0xfffffffffffffffe)
r3 = getpgrp(0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340))
fcntl$getown(r0, 0x9)
getpgrp(0x0)
r4 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r5 = getpgid(r4)
fcntl$setown(r1, 0x8, r5)
fcntl$getownex(r2, 0x10, &(0x7f0000000040))
socketpair(0x202000, 0x400080808, 0xff, &(0x7f0000000300)={<r6=>0xffffffffffffffff})
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000600)={0x0, 0x200000, 0x401, 0x9, 0x0, 0x2})
r7 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = epoll_create(0x20)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00')
ioctl$void(r0, 0x5451)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000"], 0x1}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080))
mq_timedsend(r7, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000e0b000))
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000500)={0x81, 0x0, [0x8, 0x0, 0x8, 0x908]})
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000580)=ANY=[@ANYBLOB="3368000000000000ffffffffffffffff0200000000000000"])
ppoll(&(0x7f0000000180)=[{r8, 0x8000}, {r8}, {r7, 0x200}, {r8, 0x24d0}], 0x4, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)={0x3063}, 0x8)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000140))
semget$private(0x0, 0x7, 0x2)

03:40:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xda0}]})

03:40:40 executing program 4:
perf_event_open(&(0x7f0000014f88)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000454000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, &(0x7f0000aed000), &(0x7f0000922ffc), &(0x7f0000291000), &(0x7f0000c12000))
time(&(0x7f0000000040))

03:40:40 executing program 6:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x101, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x3305, &(0x7f00000001c0))

03:40:40 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000d8c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)='#', 0x1}], 0x1}}], 0x1, 0x0)

03:40:40 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000000))

03:40:40 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
read(r0, &(0x7f0000000380)=""/47, 0x2f)

[ 1301.143710] Restarting kernel threads ... done.
03:40:40 executing program 3:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x400000002, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x8000000000000007, &(0x7f0000000000))
fcntl$lock(r1, 0x26, &(0x7f000001d000)={0x8000000000000001})
dup3(r0, r1, 0x0)

03:40:40 executing program 6:
keyctl$update(0x2, 0x0, &(0x7f0000371000)="96d51d924cf956a6d75bd948c1f7fe61d4cdd393b4dbe4ef9fc4e2406b4112f468aa2c6e8d7a4b3af334f4fbc128d0e2278e0a597c680ab47e2bc8bde1ba30211cf99b03ec994458eebf68688ece7ef17fb835bedc73c7363dee3bebd2000000274c1f6a64370c6fd08ae90e9537b95cb87b58fb2db7d58da79c474f4ead3c97d74b4d783d3a1a75910142a1ba299f75f4ea3bba48514e8a12df0b90b0f6b49280f62a7000420fee1f00c9ae8cdbe0fea16b1900353fc8340c39d1c1b4c3f96d6241aa4e2c7b33abbd6518f85c7ca6c9704f66b85bb397cb643bee0aece2e5dd20430c4e62c98a2cec074d9214bc3492ad332f0515ba1bd44806eb4b82b4970ffe583cb3a5d373e264c5f86031a4891fa1c77bd56de569e3e116978f11974873a7d17e74c9206121d998039ee33d0ee419a2b877e624150eac35020b84e4d3be2493184414947b739a57a12be35b465d8bdbd0e1bc1ddace003dc32ebfe6d31fe2e3d08b989da5a1715065cc0c4f3fbc59034e134e75e5bc566a79bb4ed2509e5ddf3e57b5d7b36d1ed2db55e218f965dfcfd1bded451b36fe4fe651989f9a34f36b6959ed2283dc78c32933ada4cd1e6da9755e19148b594c79d10d8fe518ad762d24d1b01a2f82021397bfb81067dabf405a9c6244396db8b00de2656ae5d74258b568aa7c04999baf23fe8dc229627cc026dbbf17bcf5b38b4eddae63e4924891dcd3716a9a9bb0a5a4c76fe7bb68d22ef7ebbab8a13cfe92d34595e04b76c309427fa25a42d9e81c93c50b43905e6684f9a638fd2684d128b606d42da8eb086fae1273ecee369423959ff5465937709f23efca5bec3fc2b9b413867d4add32a96d1cda12c3b129da868426bd48a8ecb57785667c8d45655391d10e1f44a7668572db8e9aafd9f14b653ae31fb5782d6838bbbfc08c3299e78fbc0f1239165e7bd3bd56319e0af666b7751f179019ed282946cdb558c0cab3aefbf47a38966b8c13d99651845ce3368766444931d028ce29518885a7d61e4963e66df4a83e250db898d77dbaca6efa52c70b05dfdac27e12febaf1071779a640d4f44155aa58a631271dcf06dbf67d39dbb98f6185fd62911113399fa7d48167588a69541da97c7d2466ed645fa1178a2fc23baabcc62ac19e323925a715d62780a7f021b0a173d25c6fc229138b1ebacac308bf561e3875c3cd8fc0363d7f6e17548d55588fac52c8c33e3e5104ba1ae6b7109deba4ad7fda0244f5a4c8c169971b6e31ef7a6b2a41a5c89e66dd68f1740e1c035e4a1ffd5800a4a95c0ef356ea1fb6ded90b45ac4d503b33268a3a1373185570c5f12f5c8fda30ff9e47ba95775bf33673fdbdb4c1e37256c9103080bb4b3336919996a0624f7b0ddac65df1d63995e88fb06726df293cf3c5a8fa9f45fe675a870ef6caa5ddf2b4b81a554cea67a63ad3452cd700203dce7fdaa2daed78c260c353ce05763ca9285355c78ac9afd13cd8b32233422c42bca1ba6c412069f143145e0419df699f5b1d0faff9f09aa813ec147b92641b37d3c05738d5b443d1529e71c84e91732cb8dd9fdafc692ea79a08e8fb0ce62e682b70dce147deff0ff5278687970d81647b3de3d800afc6028661f5e72d2134451edec15b8675dbabcc97747312623ecc4c6f8f936fc6a2b6080ccef8317144eeda3e7fa4934c3078ee4e792e3577a93d7af6df3e4e99f16232a26e5f4b37a19ee22978cd3ebb35a49b232875421a3e70b8bb1da1018eda90db9c170b952ffdff55fe262c97d4f6ee0d15f7e823e69fb56e8cad38b7ae57387eb803e1b321d77bfdab1fd1cb6b01f8c027fc6f72a5b578fd9832899ece68b158cb4f67a89bc7c1060c89dd2ecf59e1a265a6dd73bbc8d319daeb1d52ae1411306921169cf05d236aca17617604f67a82d56a277a4d55224e4c67970ccaf6987cab44a3f06c617a07ae5bd9b6b5f8902c986a790d1f20cd0f00f1443ad147542c9ea403abfefbe6c31d556e07c2eb70bf4d8cb786605b5aec33b5e8db2e65fd5c6e0a47d0812568e0d88e4a5e32ce620d264543bcff00052517beedbce7d985d17dfbcbf7f8b6e78e7fb0f92505a98f4ed750ee394e7c9742aaeae265592a6693168e53b6e8e2ddd795240f160fabdeee25bb146395d3a75b64f27c16b78bd4c7185aa4357322d3dcf8c7c0accf04c8fd6fe85f708e52d71a4465b448275e386bbde4b03155170b420ec9b244ea019e43f184f0c9f817d59bcd697ab36764fb7052cccdbc9df7bb98c2d48b6251156e993e60ecbc79e312dc8420644bdeab304dc80142279a8a23a129ef4185858c565bcf794a192d1689cd5c75e5a365873468e0bb9dbc3962dc6fca6c3364a3c38b688ba2bde3159e5603d3cc4e5fa26bfe5dd3c91f1ba1972e1a446c8a9d1e00b89bce37591944addd467fb28ab48dd9696af521512aea672c7502f905ccbbf6cead570493d9785d31257257b0a9eb0830f143bf7e0f6e939a7604065d574105f7fd078aa0b6f5b42f4c672993d5b8c6b4eabd1ded85a784ade5db0985c84630792340478f1bdfb09cc9bc3715599e31376b6ccf3397122c35009312a3707dcbfa5b943327cb70c6d0c760afcb411e7bdc3a5afc191fc7046dd4c1f9014faa557110673bf0b45b53664846fb8b39ba8a93279c1f140d94f5e0bdfc56ebcf4dd66b574a3773e7dc1388bcd4b28e0fed37e421ab3622e5e1ee1d965639a3b5b647299a0fbd2e59840c7bb75be7bfe179b5f3f48aa23eae413809211b344353551cedd3c8fa436c71c3e67b81db795593b67c64e07128c63abeb58ca658683fad1d0602d56f2f714ab7772c674733d7130f236d515bb092d55f214f7ae15f73945cc77d7dfa45de6ac87fce2bede19fbd3e6265084f5a22db5d9407dbb288c6a41ad3da2f00d9ec86aca9c5a3c9c56ca2cc01f61f0c3e88d1c63f1c79b65c1a032e800fbb5a088213aa6fe0eb7578fd9ae35f11eae8e90fae4d9e65ec6fc6daedfc6a02f66f5faff26e53d2c63e0fb8da7f1d8a6b0b7163d62f305f1006a75b3e8287030ffc90a2606b0f2522b09f132e8642283cfa68c9ffe855968687f778118b7ad5a69b001afdb68aeaffd0ed0b19b2b77c67dc7acc5140a53e8be64a11f7e74e3254765eb89153148e417f8021fe8569b6d50a21ddf69465106ac36178e1ea124bde2b8b56ddc38b120287fbcec6e285e7bd732b68d3272741999aabd69a9e78ae100f3ec5302c62f41bc94001de92b99a469c16e67599e3c33bb68a009f75da309d62289ed0b9a414ba6566159f0d85c9fc812ac354b322acbea8958163707959fbb2e6b7e503ecb1742a5f4822341fc3ce396a7715ae2073e65dccb90291e1679b8a9edec4dd9a068f7f457ea1a1e7271fe3f50733a0532edb4b0656e953a35ed1fb27501473f8ec962660468c75edf4d34393a2ce956ca338c6211cde29e2d75c64c5d890cfafb64651c915f3eec6d5d2c0bbc8126a8b4ce3002098608bc31eb75790d61fb788eb391720059b8b0feb516884f2ae711010e42d4ecdf869dcb4ed48f2fef17f513ac2f8d34f36c60bbd8200106c44fa13e14ba63cb215f07c94a4ecccb0744fde8229597c248b8e9302504fbd7ffe394d7d285f1c951ecc6681958a0987aa5c14659fb40b1eb71bd9baa2c528625c8545456c23a51332a6105a382cf2757bccdf8af3f17fa99086decbb4ac44bb1607526792d49df4a4eab19dbe1418d53f957c4b60c8fc8af864f7eab6f5ac793c59e575b81845e999757c1727f9d07cb4dd65f7f8a0b8a922ea4ac26a1083f817539072a3f34064740c85a94fdcc5a74d3e765718b0c3bc003e3accbf457473262e359c250c2cb7125df0bc44316fad36653c518af3b9fa177d152e2a29bb6705501799f2e1725e88238f1fe7e20be45ebe9733c183407d543b9219ae5612f2e64615d7c2b971e4dbb19cb259831b0e23cfe559b239b15664cc6ce3701fb81ef01a8d6a69736b730cdac0e878af074fd213c78efca8811a1a88823b8cb768001c106c7f2800b4ed08c967b7e52d1b0526e79748cc68f26cf5b88dcdcd6494c69ca30e79249fc81a480835eedbf27275e779fb6e30d2d57c875e84f83ad5fb8e6e2358b801ebc99cffd295944cde937c32e06d9fdb1f2ee5f71e3e799851bd252fd68a24a08d211b1a9c43467551c869fc0304049c023b639894d054e3ba53db556db15cb5e56ac64de2a5d5565d243851c035c51c6b8bcd58fa8510a03a39a24e8a94189d9149a24ebadbe72a5179cfdafd3cadbf5227ffd4761862627b85da7aca61cff9e3a01fa73612ee7d742fa2c296fd5b288bcf65d3a1866e72144b2d79ae1bc95ad2d111e227eb243a01f5d8d67905c781897906ff1cc51250fda2b6c0e324acbc4b767983f73c70847fb559096d4a2f78fb50eab31487eab8f699600080c9e3ee091a075c714c32ba9a1409167a2637d2a1c354a8db0b853e997270ae34f624cd4c68f348ede01a83435ca5ea8388f86d0d0980b8d98d375a7441ef027826dac38032608b087877a58bc639f20f617d151f36b2a1f867f7f2b90cdf704f6a97d83af7e04e4a318f68fb8f9370d2b81225b16f622b45cc5cca03d661923635eddd62552443d511ac0a71b6ed80b3828cb9553a6b8d987c46f8ad4a90236a70dfa100b69c0c591f680500000018f0227a80bd9fa15de102d134f1e855d1f83223685442e2c3c45ecb9fe1c18293b6ffa6bc14cde98ff856154df669fa28ed12f8a8f3e7012a8f3bacf45ce100745816e62ffcc8cab51610eac696729ba094440ce9e9e02b9b50c6e06dd305bc2fe6d97b1d9f6074d4c955bd5173b80423a4e58fab3e15d02f69c3843446e8458476c3f2cd4f67837cca296dd1eb4379b65703b0f921fa124a1f917365767a67d799c1f342b5ec281818d646db395263dc0089851cde3a7ebbd7e743ea642ff4586cbd9b6aaeb67e3fd2436b646389feb6c98abafeee4d6f35c0d9183a5e800942ffd6110c0b474c42814eaafec897e6c40ad7221adb715407d1def198c0174694286f0ce2dd644f30dcad03229203ff3fc94dd760ea84ed8303b7582e582a391606be4e8ef3229bdc48d5ff05d8840f0d27ce9d3705b61ba36bdf8067c7c543f8659bd24ad0f2bc7743f1032879365ccad52710c9d01c6f01c7048e5ff63935329df06d98b84eb3cc22be38f5b9007e6b4baf344eefb142a7c0ee8fbf464c8e7e296b6618244414ecf47c1481d7fca928a8227f3e43c9eb7ab83aaded8644c2e700877bab490cae26d109496affd77be7a07daffc5dbd499a654b90e0ef4268de03375b27e033e35ac65c25dc5dd5de294e908be7d2a2fe6b20edc6aec10974823fc1f7c7086e0649c3f8348d7b4e828268d999913f6cd355bbf9f336c50189f52587ed41508d134d6fc9d1aba49f8895ffbf4746d9beb299616b16feb225734af8dc7289d04db032505f825c05babc704cf49cb0e3176570eef4df70bcc604c38fb487f3727144b420b1d72eb157e9ae68453cd2016cfe1697ab30c64a4c4e4cec4fa7ce69717a510398387f474b0a2d64c058c1db9b11772bed5e1ab73b93346af16b481bd8403afdd63c852841747b9021145a00266fa327a1707063d770013f8e527c060e7e018ba201445f22e4572b0d70658b74a8feedb2771d6fbc0661c11c9a4e5cdc9212ef229c0398f4660cc392e3993cb1624c1d4a916bc4a25954ec415dda4f55ffc9948dbeb1f13abfcb85efbb18c21ab925da365eab08e3251c435b1c4f7e6885ec2b01d42df2", 0x1001)

03:40:40 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000000))

03:40:40 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000d8c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)='#', 0x1}], 0x1}}], 0x1, 0x0)

03:40:40 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYPTR], 0x8)
recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x34000}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0)

03:40:40 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
read(r0, &(0x7f0000000380)=""/47, 0x2f)

03:40:40 executing program 0:
r0 = socket$inet6(0xa, 0x1, 0x2)
ioctl(r0, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070")
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f760070")
r2 = inotify_init1(0xfffffffffffffffe)
r3 = getpgrp(0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000340))
fcntl$getown(r0, 0x9)
getpgrp(0x0)
r4 = getpgrp(0xffffffffffffffff)
getpgrp(r3)
r5 = getpgid(r4)
fcntl$setown(r1, 0x8, r5)
fcntl$getownex(r2, 0x10, &(0x7f0000000040))
socketpair(0x202000, 0x400080808, 0xff, &(0x7f0000000300)={<r6=>0xffffffffffffffff})
ioctl$VT_RESIZEX(r6, 0x560a, &(0x7f0000000600)={0x0, 0x200000, 0x401, 0x9, 0x0, 0x2})
r7 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = epoll_create(0x20)
syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00')
ioctl$void(r0, 0x5451)
sendmsg$IPVS_CMD_GET_DAEMON(r6, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x802}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b0000000"], 0x1}, 0x1, 0x0, 0x0, 0x20000040}, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080))
mq_timedsend(r7, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000e0b000))
ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000500)={0x81, 0x0, [0x8, 0x0, 0x8, 0x908]})
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000580)=ANY=[@ANYBLOB="3368000000000000ffffffffffffffff0200000000000000"])
ppoll(&(0x7f0000000180)=[{r8, 0x8000}, {r8}, {r7, 0x200}, {r8, 0x24d0}], 0x4, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)={0x3063}, 0x8)
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000140))
semget$private(0x0, 0x7, 0x2)

03:40:40 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000030, &(0x7f0000013ff4)={@rand_addr, @rand_addr, @multicast1=0xe0000001}, 0x221)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000080)={0xf8, 0x1, 0x5bc}, 0xc)
close(r3)
dup3(r1, r2, 0x0)

03:40:40 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f00000003c0)=@delpolicy={0x5c, 0x14, 0x131, 0x0, 0x0, {{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@local={0xfe, 0x80, [], 0xaa}}}, [@sec_ctx={0xc, 0x8, {0x8, 0x8}}]}, 0x5c}, 0x1}, 0x0)

03:40:40 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
read(r0, &(0x7f0000000380)=""/47, 0x2f)

03:40:40 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000d8c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)='#', 0x1}], 0x1}}], 0x1, 0x0)

03:40:40 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000000))

03:40:40 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYPTR], 0x8)
recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x34000}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0)

03:40:40 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f00000003c0)=@delpolicy={0x5c, 0x14, 0x131, 0x0, 0x0, {{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@local={0xfe, 0x80, [], 0xaa}}}, [@sec_ctx={0xc, 0x8, {0x8, 0x8}}]}, 0x5c}, 0x1}, 0x0)

03:40:40 executing program 2:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
read(r0, &(0x7f0000000380)=""/47, 0x2f)

03:40:40 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYPTR], 0x8)
recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x34000}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0)

03:40:41 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000030, &(0x7f0000013ff4)={@rand_addr, @rand_addr, @multicast1=0xe0000001}, 0x221)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000080)={0xf8, 0x1, 0x5bc}, 0xc)
close(r3)
dup3(r1, r2, 0x0)

03:40:41 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f000000d8c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)='#', 0x1}], 0x1}}], 0x1, 0x0)

03:40:41 executing program 5:
r0 = socket$pppoe(0x18, 0x1, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000000000))
sendmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000000440)=@ethernet={0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80, &(0x7f00000016c0)=[{&(0x7f00000015c0)="64f3", 0x2}], 0x1, &(0x7f0000001700)}}], 0x1, 0x0)

03:40:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f00000003c0)=@delpolicy={0x5c, 0x14, 0x131, 0x0, 0x0, {{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@local={0xfe, 0x80, [], 0xaa}}}, [@sec_ctx={0xc, 0x8, {0x8, 0x8}}]}, 0x5c}, 0x1}, 0x0)

03:40:41 executing program 2:
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000840)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000000)="ba", 0x1, 0x0, &(0x7f000069affb)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
recvfrom$inet(r0, &(0x7f0000000600)=""/208, 0xd0, 0x0, &(0x7f0000000700)={0x2, 0x0, @multicast1=0xe0000001}, 0x701000)

03:40:41 executing program 3:
r0 = socket(0x11, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000100), 0x0, 0x0, &(0x7f00000001c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1c}}, 0x14)

03:40:41 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0)=ANY=[@ANYPTR], 0x8)
recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x34000}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0)

03:40:41 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x400000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000449fd0)={0x0, 0x0, &(0x7f00004f1f94), 0x1, 0x0, &(0x7f0000901000)="05"})
close(r0)

03:40:41 executing program 7:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x5)
setresuid(r1, 0x0, 0x0)
setreuid(0x0, 0x0)

03:40:41 executing program 6:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f00000003c0)=@delpolicy={0x5c, 0x14, 0x131, 0x0, 0x0, {{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@local={0xfe, 0x80, [], 0xaa}}}, [@sec_ctx={0xc, 0x8, {0x8, 0x8}}]}, 0x5c}, 0x1}, 0x0)

03:40:41 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000040)=@pppol2tpin6, 0x80, &(0x7f00000014c0)=[{&(0x7f0000003ec0)=""/4096, 0x1000}], 0x1, &(0x7f0000001580)=""/32, 0x20}, 0x0)

03:40:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f0000000000)={0x0, 0x2552c84b})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:40:41 executing program 2:
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x15)

03:40:41 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000500)='cgroup.procs\x00', 0x2, 0x0)
sendfile(r1, r1, &(0x7f0000000140)=0x15, 0x10001)

03:40:41 executing program 3:
r0 = socket(0x1e, 0x1000000000005, 0x0)
sendmsg(r0, &(0x7f0000db5fc8)={&(0x7f00004aeb5c)=@generic={0x10000001001e, "030000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48007be61ffe06d79f00000000000000076c3f010039d8f986ff01000000000000af06d5fe32c419d67bcbc7e3ad316a198356edb9b7341c1fd45624281e27800ece70b076c3979ac40000bd767e2e78a1dfd300881a1565b3b16d7436"}, 0x80, &(0x7f00000003c0), 0x0, &(0x7f000016cf61)}, 0x0)
recvmsg$kcm(r0, &(0x7f0000008000)={&(0x7f0000c1d000)=@ax25, 0x10, &(0x7f0000241ff0)=[{&(0x7f00009a9fff)=""/1, 0x1}], 0x1, &(0x7f0000c21000)}, 0x0)
recvmsg(r0, &(0x7f0000a97000)={&(0x7f0000a25ff0)=@ax25, 0x10, &(0x7f00000b6000)=[{&(0x7f0000121000)=""/123, 0x7b}], 0x1, &(0x7f0000e08000)=""/248, 0xf8}, 0x0)

03:40:41 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000356000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}, 0x0, 0x5, 0x0, "dcbd7013560987c90ebd84b6e984c7242a057f7f7f8b85f0aba26dc45e69c2db87180107eba9f36e22ba7df5228e6a97e954627eb3966137d05054d92ff0e25078b35ba8d6f9e3ab5b89afb667676ae0"}, 0xd8)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000200)='\x00', 0x1, 0x200408d6, &(0x7f0000000180)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x1c)

03:40:42 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000030, &(0x7f0000013ff4)={@rand_addr, @rand_addr, @multicast1=0xe0000001}, 0x221)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000080)={0xf8, 0x1, 0x5bc}, 0xc)
close(r3)
dup3(r1, r2, 0x0)

03:40:42 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6_sctp(0xa, 0x200000000000005, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x3, &(0x7f0000ad2000), &(0x7f0000000080)=0x4)

03:40:42 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0xe})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1})
madvise(&(0x7f0000908000/0x4000)=nil, 0x4000, 0x4)
read(r0, &(0x7f000060df9c)=""/100, 0x64)

03:40:42 executing program 6:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000000240)=[{r2}], 0x20000000000001f7, 0xfffffffffffffff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)
dup2(r1, r2)
tkill(r0, 0x16)

03:40:42 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x5}, 0xfc94)
bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x8, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x201a7f1b, 0x85ffffff, 0x201a7fd7, 0xa, 0xab01, 0xffffffc0}], {0x95}}, &(0x7f0000000000)="47504cc000", 0x8, 0x1ac, &(0x7f00001a7f05)=""/251}, 0x48)

03:40:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f0000000000)={0x0, 0x2552c84b})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:40:42 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x400000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000449fd0)={0x0, 0x0, &(0x7f00004f1f94), 0x1, 0x0, &(0x7f0000901000)="05"})
close(r0)

03:40:42 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000210007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

03:40:42 executing program 7:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r1=>0x0, &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000240)=0x10)

03:40:42 executing program 7:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r1=>0x0, &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000240)=0x10)

03:40:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f0000000000)={0x0, 0x2552c84b})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1303.539910] sctp: [Deprecated]: syz-executor7 (pid 12895) Use of int in maxseg socket option.
[ 1303.539910] Use struct sctp_assoc_value instead
[ 1303.558308] sctp: [Deprecated]: syz-executor7 (pid 12898) Use of int in maxseg socket option.
[ 1303.558308] Use struct sctp_assoc_value instead
03:40:42 executing program 7:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r1=>0x0, &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000240)=0x10)

[ 1303.605477] sctp: [Deprecated]: syz-executor7 (pid 12902) Use of int in maxseg socket option.
[ 1303.605477] Use struct sctp_assoc_value instead
03:40:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_S390_UCAS_MAP(0xffffffffffffffff, 0x4018ae50, &(0x7f0000000000)={0x0, 0x2552c84b})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:40:42 executing program 7:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r1=>0x0, &(0x7f0000000040)=0x4)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000240)=0x10)

[ 1303.666178] sctp: [Deprecated]: syz-executor7 (pid 12907) Use of int in maxseg socket option.
[ 1303.666178] Use struct sctp_assoc_value instead
03:40:42 executing program 7:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

03:40:42 executing program 5:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x80000000, 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x5)
setresuid(r1, 0x0, 0x0)
keyctl$session_to_parent(0x12)

[ 1303.733268] sctp: [Deprecated]: syz-executor7 (pid 12913) Use of int in maxseg socket option.
[ 1303.733268] Use struct sctp_assoc_value instead
03:40:43 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000030, &(0x7f0000013ff4)={@rand_addr, @rand_addr, @multicast1=0xe0000001}, 0x221)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f0000000080)={0xf8, 0x1, 0x5bc}, 0xc)
close(r3)
dup3(r1, r2, 0x0)

03:40:43 executing program 5:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x80000000, 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x5)
setresuid(r1, 0x0, 0x0)
keyctl$session_to_parent(0x12)

03:40:43 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x400000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000449fd0)={0x0, 0x0, &(0x7f00004f1f94), 0x1, 0x0, &(0x7f0000901000)="05"})
close(r0)

03:40:43 executing program 6:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000000240)=[{r2}], 0x20000000000001f7, 0xfffffffffffffff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)
dup2(r1, r2)
tkill(r0, 0x16)

03:40:43 executing program 3:
r0 = socket$inet6(0xa, 0x1200000000000002, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect(r0, &(0x7f0000000180)=@un=@abs, 0x80)
syz_emit_ethernet(0x437, &(0x7f0000000700)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "c22df7", 0x401, 0x11, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [], 0xaa}, {[], @dccp={{0x0, 0x4e20, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "0087ae", 0x0, "ca8345"}, "2b00b32def4f1142b6793bb530f9b20e90aa25d5c2b9431efd840a07c1922833b2c789aefbbaee9f63cbab38a8acfb8dba0595ecb683e74ea2bc44a7aee9c52e18ca01c06a5c354712b8b1ff75f45ba55a3487c83849023d37e037d2d3e3e842e9ba099e9ed8775d1173d8e78335aa65d58f54c1d78d4fce897cfefa24b7f268f90be76c7f4e1bfe4d84a869353e931c3732afea55697618a1318ecb657b34172b93fd59d7988d43630cf81e976a0ea01fd8b2547ab593bc605c985f56664b84ed3c9f90ffb666e030c794e2d2d5070af38d83dc275da88cfe6910b2ded59f6c418af5d247237eceb14857c1d7c3ee32e729d9793040f8f4e432eb875a89fe31cbed117f0e76643797169fba3dac3f377d145ce97980ba626da7a279e698a9e040a22d63c535f0ee06adb59e9e06ad7295e6601f3a5fe9b581975993c6c775734212bccb26288d42a672c965d40e80d0e1908f04425a60a08241378ec7ff88315de073b64c5f9647e51732be34988e0948f12e6c560bedbece811bca501d4389dbfe20e4df5160cd7324c0670c7b3e8980b061e31b1c8461d6f7a63f9e9fd24326924c076e01631a0b9703a6106accfaa064075fa1f16e16c5171b6a324e8642b2ab76618b824110c312ab12d9f65d6a980634a6a7cba8bf89e01a91259f446232476a1c490982636b78d1300befab1a2f6e8261e07336c5692db37bb7d3cebf4a942b62f2fa6cceb7e488aa02b2e52c6f82bd3792845fff41cce52e0469d14821ce11491864860c11421a92dae3152eb23106a0c679d2b1f0a9809b56abdcf893f9531508f24e64ec911fd8e8b3c8fd2291f1a7b910222c38533d4caadac9acd194be7e53549c1719bdf668887a0e19db83b5356f8f7d93cbef1ef3505dcc40d0d2a02a2745ab518979b9c3774babfe8e70ead767c7a00289b8cc6e51d1a957548270cb3f5064961a88f61b34f9442d78ae5a8551713f9afb4269d689f9adb6b4a902a637184f7f899efe9fa0ddb45cd1076c4eeeda51ca8dc20dcfc9cc5f56768073b3f4c2c9f543324a4fd0b8bc7b95e232bf85bf222394fa4336ab4007d7ad2dc85afa6eb79ad2624c4be6c674ee98fce9a51786b7cc2b5044de114d36d2690e13bcedf96590c7d5aeb8040b74c4d6a5aa38a7c1f0857522f4f968795056b9a7034dc3444784f9486b575e44dec3216d72845500e63297d7197961e7e593ea3411001d1d47ba42d70e7af8e91246c02d7e37ff0eb60abebc37dd00315b4fbb09e77a6b5f7e8441818ebcfafecf622731f1db8a11fa2de8e30d808bedbfee104b3b1100f5094675521da07dd2a28be7e486b325a0f0e6d75116be1bbc2aa20deb64a6e4e7b824b12d009e6f1802f5a8e31559b125d71d00a5684fbde4668f5af1eb4ca04fa7c4ef4d2a194b0856e007"}}}}}}, &(0x7f0000001780))

03:40:43 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0xe})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1})
madvise(&(0x7f0000908000/0x4000)=nil, 0x4000, 0x4)
read(r0, &(0x7f000060df9c)=""/100, 0x64)

03:40:43 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000210007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

[ 1304.311772] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
03:40:43 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000210007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

03:40:43 executing program 3:
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000006000)={0x7fffffff}, 0x8, 0x0)
clock_adjtime(0x0, &(0x7f0000000000))
readv(r0, &(0x7f0000000040)=[{&(0x7f000004f000)=""/128, 0x80}], 0x266)
timer_create(0x0, &(0x7f000004c000)={0x0, 0x16}, &(0x7f000004cffc))
timer_settime(0x0, 0x0, &(0x7f000004a000)={{0x0, 0x989680}, {0x0, 0x7}}, &(0x7f000004afe0))

03:40:43 executing program 5:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x80000000, 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x5)
setresuid(r1, 0x0, 0x0)
keyctl$session_to_parent(0x12)

[ 1304.376552] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
03:40:43 executing program 5:
r0 = socket(0x10, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x80000000, 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x5)
setresuid(r1, 0x0, 0x0)
keyctl$session_to_parent(0x12)

03:40:43 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syslog(0x3, &(0x7f0000000100)=""/86, 0x56)

03:40:43 executing program 7:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

03:40:44 executing program 0:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x400000)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000449fd0)={0x0, 0x0, &(0x7f00004f1f94), 0x1, 0x0, &(0x7f0000901000)="05"})
close(r0)

03:40:44 executing program 6:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000000240)=[{r2}], 0x20000000000001f7, 0xfffffffffffffff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)
dup2(r1, r2)
tkill(r0, 0x16)

03:40:44 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0xe})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1})
madvise(&(0x7f0000908000/0x4000)=nil, 0x4000, 0x4)
read(r0, &(0x7f000060df9c)=""/100, 0x64)

03:40:44 executing program 4:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

[ 1305.221256] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
03:40:44 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="24000000210007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

03:40:44 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syslog(0x3, &(0x7f0000000100)=""/86, 0x56)

03:40:44 executing program 1:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
syz_mount_image$xfs(&(0x7f00000002c0)='xfs\x00', &(0x7f0000000400)='./file0/file0/file0\x00', 0x0, 0x0, &(0x7f0000000740), 0x0, &(0x7f00000007c0)={[{@swidth={'swidth', 0x3d}, 0x2c}, {@sunit={'sunit', 0x3d}, 0x2c}]})

[ 1305.305452] netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
03:40:44 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syslog(0x3, &(0x7f0000000100)=""/86, 0x56)

[ 1305.383549] XFS (loop1): Invalid superblock magic number
03:40:44 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syslog(0x3, &(0x7f0000000100)=""/86, 0x56)

03:40:44 executing program 7:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

[ 1305.447589] XFS (loop1): Invalid superblock magic number
03:40:44 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000000)="b9800000c00f3235004000000f30b805000000b90d0000000f01c10f01d12e0f01cfb826cb45ab0f23c80f21f8350800c0000f23f8b8010000000f01c1b9800000c00f3235002000000f30debd350000003e0f01c9b9140200000f32", 0x5c}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000080)={0x77359400}, 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

03:40:46 executing program 3:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000040)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
r1 = getpid()
sched_setattr(r1, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000340)={0xc1, @time})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0x80045301, &(0x7f00000005c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc0a85322, &(0x7f0000000100)={0x0, 0x0, 0x0, 'queue0\x00'})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fdbff0)='/dev/sequencer2\x00', 0x0, 0x0)

03:40:46 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000556ff0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000100)={{0x5}})

03:40:46 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000000)="b9800000c00f3235004000000f30b805000000b90d0000000f01c10f01d12e0f01cfb826cb45ab0f23c80f21f8350800c0000f23f8b8010000000f01c1b9800000c00f3235002000000f30debd350000003e0f01c9b9140200000f32", 0x5c}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000080)={0x77359400}, 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

03:40:46 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"])
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x40000073]})

03:40:46 executing program 6:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000000240)=[{r2}], 0x20000000000001f7, 0xfffffffffffffff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)
dup2(r1, r2)
tkill(r0, 0x16)

03:40:46 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0xe})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000909000/0x4000)=nil, 0x4000}, 0x1})
madvise(&(0x7f0000908000/0x4000)=nil, 0x4000, 0x4)
read(r0, &(0x7f000060df9c)=""/100, 0x64)

03:40:46 executing program 4:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

03:40:46 executing program 7:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

03:40:46 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000556ff0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000100)={{0x5}})

03:40:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x2)
dup3(r1, r0, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
write(r0, &(0x7f0000c34fff), 0xffffff0b)
ioctl$TCXONC(r0, 0x5437, 0x0)

03:40:46 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000556ff0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000100)={{0x5}})

03:40:46 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x18, 0x1d, 0xffffffffffffffff, 0x0, 0x0, {0x20000000005}, [@nested={0x4, 0x1}]}, 0x18}, 0x1}, 0x0)

03:40:46 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x47}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xd, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0xffffff85, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)

03:40:46 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000556ff0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000000100)={{0x5}})

03:40:46 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x40000003}]})

[ 1307.628715] netlink: 'syz-executor0': attribute type 1 has an invalid length.
03:40:46 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000000)="b9800000c00f3235004000000f30b805000000b90d0000000f01c10f01d12e0f01cfb826cb45ab0f23c80f21f8350800c0000f23f8b8010000000f01c1b9800000c00f3235002000000f30debd350000003e0f01c9b9140200000f32", 0x5c}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000080)={0x77359400}, 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

03:40:46 executing program 3:
r0 = memfd_create(&(0x7f0000049000)='\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000050000)='/dev/snd/seq\x00', 0x0, 0x2)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d"})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffffff, 0x40bc5311, &(0x7f000004d000)={0x0, 0x0, "636c69656e0000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000008000", 0x0, "00000000ff0300", "88e70000a3f4e011ae06633d18a3d918e0ab00"})
write$sndseq(r0, &(0x7f0000042f70)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x17344ace)

03:40:46 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x80001, 0x0)
ioctl$TCSETSF(r1, 0x80045104, &(0x7f0000000000))

03:40:46 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4)
sendto$inet6(r0, &(0x7f00000003c0)="0403000000c000ddb846", 0xa, 0x0, &(0x7f0000000080)={0xa, 0x100200000800, 0x8000000000008, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c)

03:40:46 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x80001, 0x0)
ioctl$TCSETSF(r1, 0x80045104, &(0x7f0000000000))

03:40:47 executing program 2:
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1c4, &(0x7f0000000340), 0x0, &(0x7f0000000700)={[{@utf8='utf8', 0x2c}, {@uid={'uid', 0x3d}, 0x2c}]})

03:40:47 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x80001, 0x0)
ioctl$TCSETSF(r1, 0x80045104, &(0x7f0000000000))

03:40:47 executing program 0:
r0 = add_key$keyring(&(0x7f00000005c0)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f0000000180)="c6a34e987940ea478d9bd365b9e4621e334652733324b7773a3df8a7504d9e18e2e4a839fcd9030000000000000028945d12a9caae603ff81c4dc32ed3d70fb5d4c5b866305249060000005277822d0e0616a2e5b74c48e38b9936f298c6feec95ad327c724ec507bd34b94e99623f014bf81ea54900ac54a99aa04e1a7f000000e8d3bfa2f3abce9736aac3e0b19d5a697bc438cd49bc1cf3af72c2180bbee78e9a7237c02e10ac77e3a4fd8a6e2bdca6a9a1d7da1a3e559fdafb6703c73b3c4c10865302fb324f16327996273625d9f0a54ef16bdb08f22ed11fd80b74eb861aebe51b0912c0f79486c25c49524ffe4f00", 0xf2, r1)

03:40:47 executing program 4:
pipe2(&(0x7f00008df000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000040)="ae", 0x1)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000080)='h', 0x1}], 0x1, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
readv(r0, &(0x7f0000c9e000)=[{&(0x7f0000c25f19)=""/231, 0xe7}], 0x1)

03:40:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x0, &(0x7f0000000400), &(0x7f0000000180), &(0x7f0000000000), &(0x7f0000000280))

03:40:47 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000000)="b9800000c00f3235004000000f30b805000000b90d0000000f01c10f01d12e0f01cfb826cb45ab0f23c80f21f8350800c0000f23f8b8010000000f01c1b9800000c00f3235002000000f30debd350000003e0f01c9b9140200000f32", 0x5c}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
rt_sigtimedwait(&(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000080)={0x77359400}, 0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

03:40:47 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x0, &(0x7f0000686ff8)={0xfffffffffffffffd}, 0x0, 0x8)
setrlimit(0x1, &(0x7f0000011000))
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="e49d3a49e27b51ab5ca04eecf864c546d9b328f71c6f03825f0c0bbfc43e2825f06757518152d0426420b48dc2d77ea8466334961dd69645cd5d8df929835058f24d19d01dd22b152664bccbfe07c13d9fb7a2e2f9746b9fa4ad4cd311031586d6e27b1ce315a27cd5ac870291b26c0852055002a50471df1405b7e0b1f282b5cc9d9d6d2d889234b408f035bb61f04bf6b937b27b5cd0c72aeb7ec5fc8b44c6760906f5df2d651a16989eb11c5b9feafddd4ada6952546c187b246f70715daa5c7e200a63ec649c364cf20e88c23870461d10e9d09d9010da644b0d51807ac6f802e0c2f71e19087eb009da980f66a14ebccae5992f5ee96df41b5d7e479e079406691485990d78149f4a466f08f11577ebd436e9bb695089f87dbe0a9b04b23be1a76637b1e9369185b10beb53b5354b6a9215bc45e5782e923f69c8d575bfe07375ad16112dd102bdb01ae0fe7fa317aaf99ba7b7216a5dbe3944703ec528040ca6fbc97da671079d97db0292f578953416960651748673fe85464af6ce8e7bbba28d19808e41ece979b39b029b8bb51e4229cdeb8d656ed9327aff9fe90ed8f93f4552ae88343a2b8902e206543b0d11dd5abe90409ce867b83c4221c5a0b9eb102fb7f1d58c2e269735dbf07495d7e94715955c7b3460be05f3e3bd328dada07824006ef27f7c4698cc0035837137f7d2aa880fd05b5e86e89db93c08994df7bbe1658bdc8f0b3050f9a53b9031c0ed29b60d4a182002f06900eea6bfa1c8608b4d076be29878ec37dcce0b005082a6859ce760473acab8408e444ac4ecd187bedd393eec03f8e4a2c774ff9593d9105e07be7394344352c2606a0008634052f4db17f8627e0aabaa32a835849edc2d03c26accff057e125d5b192bb7e5e0ed8597e8d693d8a6278c481dc99f14f1b052bf64afc65b9e79e3a336ec5a8dd9cfef60fcf900b3c92ba53082c0dd88c57adb38babd4d2de286fe9a06f78d2a1e882dc16f610d1548706a4aefaf2918a609edb63428d1ea92e50648285da541337456749d2891303c51f3c154d4082847e553f381d0351c6bfb0b955845fbf97b3eedb2d8ee29e6f4fd3704f85927067698d22533b9f7f50b2f9fc16b03e6ecb0e1f78ca372e74e6df4fff1c2271706bed84a5ceb987bbcfcc3fa895d49d1f95363687dbb0068c6ead492d99dabeb13a89b6c580c982759f71441200f1207299a4224e3a0cceca8d48e9932685b15804e1588dd978049ec76876ab5cdace7c08083943a745303908b2f1d48afcf61034f720242ddcd4fc26be690551d93897f88675d69d19281c9194f94c3a2b58f7237d26b96171e635d72036f156e47e8e2956c75a5b5612f54cb7961012dfb70235f341f3312e3e88014cdb6b540bd3ea5d348970636c36abed30b99a24bc3e95b60759e245f2b8dff0a6fcbf2603ee2e022862aa5a109056f48f4feed9bac81090b5898ab43188a124dad397a26befae0f187c889170946261ba2657ab2e098bdd5f7f68de91fa7470d72e7e2aff5b4c4a736fd4acadd17f8029590fbbee0ba09f0260df18d8b5bc74cd2724b16a544390a647dd2e3e8283289480ee75c9f44c717c3f8322db9edee993d8f88d928fcdde1da628f487919c2d9ae6338c0cefd6a6606207b9bbc8dce48ccbd629373bc328a0e503b80c9d147a60dae0554b326628fe66e1cdc65c7c41cdbaffec4ab18d0c42bae828f7a9c6d09", 0x4c9, 0xfffffffffffffffe)

03:40:47 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)="3fd5d6abb95e66ec4327779a37027502699acacc65507d2c0ff7803721c0ac1ca07e95b09df57a5c66c45a97e398fae49c35f9cfbe0c7658cb2eeab775f6352ff2668a11d687fbf560f5a0701f1673028273869c2cad67ab1e888890658111bc1b3335ff6795437ed3581d11b99dfd0942ca831c34", 0x75}], 0x1, &(0x7f0000001800)}, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000001640)={0x1d, r2}, 0x10)
setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
dup3(r0, r1, 0x0)

03:40:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r1, &(0x7f0000498000)={&(0x7f0000d55000)={0x10}, 0xc, &(0x7f0000c8d000)={&(0x7f0000bfdfdc)={0x24, 0x3, 0x1, 0x800000001, 0x0, 0x0, {}, [@nested={0x4, 0x0, [@typed={0xc, 0x1, @ipv4=@multicast2=0xe0000002}]}]}, 0x24}, 0x1}, 0x0)

03:40:47 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={[{@statfs_quantum={'statfs_quantum', 0x3d}, 0x2c}, {@ignore_local_fs='ignore_local_fs', 0x2c}]})

03:40:47 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x80001, 0x0)
ioctl$TCSETSF(r1, 0x80045104, &(0x7f0000000000))

[ 1308.380542] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 1308.400391] ntfs: (device loop2): parse_options(): The uid option requires an argument.
03:40:47 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)="3fd5d6abb95e66ec4327779a37027502699acacc65507d2c0ff7803721c0ac1ca07e95b09df57a5c66c45a97e398fae49c35f9cfbe0c7658cb2eeab775f6352ff2668a11d687fbf560f5a0701f1673028273869c2cad67ab1e888890658111bc1b3335ff6795437ed3581d11b99dfd0942ca831c34", 0x75}], 0x1, &(0x7f0000001800)}, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000001640)={0x1d, r2}, 0x10)
setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
dup3(r0, r1, 0x0)

[ 1308.471113] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
[ 1308.501634] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
03:40:47 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x0, &(0x7f0000686ff8)={0xfffffffffffffffd}, 0x0, 0x8)
setrlimit(0x1, &(0x7f0000011000))
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="e49d3a49e27b51ab5ca04eecf864c546d9b328f71c6f03825f0c0bbfc43e2825f06757518152d0426420b48dc2d77ea8466334961dd69645cd5d8df929835058f24d19d01dd22b152664bccbfe07c13d9fb7a2e2f9746b9fa4ad4cd311031586d6e27b1ce315a27cd5ac870291b26c0852055002a50471df1405b7e0b1f282b5cc9d9d6d2d889234b408f035bb61f04bf6b937b27b5cd0c72aeb7ec5fc8b44c6760906f5df2d651a16989eb11c5b9feafddd4ada6952546c187b246f70715daa5c7e200a63ec649c364cf20e88c23870461d10e9d09d9010da644b0d51807ac6f802e0c2f71e19087eb009da980f66a14ebccae5992f5ee96df41b5d7e479e079406691485990d78149f4a466f08f11577ebd436e9bb695089f87dbe0a9b04b23be1a76637b1e9369185b10beb53b5354b6a9215bc45e5782e923f69c8d575bfe07375ad16112dd102bdb01ae0fe7fa317aaf99ba7b7216a5dbe3944703ec528040ca6fbc97da671079d97db0292f578953416960651748673fe85464af6ce8e7bbba28d19808e41ece979b39b029b8bb51e4229cdeb8d656ed9327aff9fe90ed8f93f4552ae88343a2b8902e206543b0d11dd5abe90409ce867b83c4221c5a0b9eb102fb7f1d58c2e269735dbf07495d7e94715955c7b3460be05f3e3bd328dada07824006ef27f7c4698cc0035837137f7d2aa880fd05b5e86e89db93c08994df7bbe1658bdc8f0b3050f9a53b9031c0ed29b60d4a182002f06900eea6bfa1c8608b4d076be29878ec37dcce0b005082a6859ce760473acab8408e444ac4ecd187bedd393eec03f8e4a2c774ff9593d9105e07be7394344352c2606a0008634052f4db17f8627e0aabaa32a835849edc2d03c26accff057e125d5b192bb7e5e0ed8597e8d693d8a6278c481dc99f14f1b052bf64afc65b9e79e3a336ec5a8dd9cfef60fcf900b3c92ba53082c0dd88c57adb38babd4d2de286fe9a06f78d2a1e882dc16f610d1548706a4aefaf2918a609edb63428d1ea92e50648285da541337456749d2891303c51f3c154d4082847e553f381d0351c6bfb0b955845fbf97b3eedb2d8ee29e6f4fd3704f85927067698d22533b9f7f50b2f9fc16b03e6ecb0e1f78ca372e74e6df4fff1c2271706bed84a5ceb987bbcfcc3fa895d49d1f95363687dbb0068c6ead492d99dabeb13a89b6c580c982759f71441200f1207299a4224e3a0cceca8d48e9932685b15804e1588dd978049ec76876ab5cdace7c08083943a745303908b2f1d48afcf61034f720242ddcd4fc26be690551d93897f88675d69d19281c9194f94c3a2b58f7237d26b96171e635d72036f156e47e8e2956c75a5b5612f54cb7961012dfb70235f341f3312e3e88014cdb6b540bd3ea5d348970636c36abed30b99a24bc3e95b60759e245f2b8dff0a6fcbf2603ee2e022862aa5a109056f48f4feed9bac81090b5898ab43188a124dad397a26befae0f187c889170946261ba2657ab2e098bdd5f7f68de91fa7470d72e7e2aff5b4c4a736fd4acadd17f8029590fbbee0ba09f0260df18d8b5bc74cd2724b16a544390a647dd2e3e8283289480ee75c9f44c717c3f8322db9edee993d8f88d928fcdde1da628f487919c2d9ae6338c0cefd6a6606207b9bbc8dce48ccbd629373bc328a0e503b80c9d147a60dae0554b326628fe66e1cdc65c7c41cdbaffec4ab18d0c42bae828f7a9c6d09", 0x4c9, 0xfffffffffffffffe)

[ 1308.521502] ntfs: (device loop2): parse_options(): The uid option requires an argument.
03:40:47 executing program 5:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000100)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000040))
timerfd_gettime(r0, &(0x7f00000000c0))

[ 1308.567132] gfs2: not a GFS2 filesystem
03:40:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=@gettaction={0x28, 0x32, 0x801, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, @TCA_ACT_INDEX={0x8, 0x3}}]}]}, 0x28}, 0x1}, 0x0)

03:40:47 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)="3fd5d6abb95e66ec4327779a37027502699acacc65507d2c0ff7803721c0ac1ca07e95b09df57a5c66c45a97e398fae49c35f9cfbe0c7658cb2eeab775f6352ff2668a11d687fbf560f5a0701f1673028273869c2cad67ab1e888890658111bc1b3335ff6795437ed3581d11b99dfd0942ca831c34", 0x75}], 0x1, &(0x7f0000001800)}, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000001640)={0x1d, r2}, 0x10)
setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
dup3(r0, r1, 0x0)

[ 1308.635582] gfs2: not a GFS2 filesystem
03:40:47 executing program 2:
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1c4, &(0x7f0000000340), 0x0, &(0x7f0000000700)={[{@utf8='utf8', 0x2c}, {@uid={'uid', 0x3d}, 0x2c}]})

03:40:47 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x0, &(0x7f0000686ff8)={0xfffffffffffffffd}, 0x0, 0x8)
setrlimit(0x1, &(0x7f0000011000))
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="e49d3a49e27b51ab5ca04eecf864c546d9b328f71c6f03825f0c0bbfc43e2825f06757518152d0426420b48dc2d77ea8466334961dd69645cd5d8df929835058f24d19d01dd22b152664bccbfe07c13d9fb7a2e2f9746b9fa4ad4cd311031586d6e27b1ce315a27cd5ac870291b26c0852055002a50471df1405b7e0b1f282b5cc9d9d6d2d889234b408f035bb61f04bf6b937b27b5cd0c72aeb7ec5fc8b44c6760906f5df2d651a16989eb11c5b9feafddd4ada6952546c187b246f70715daa5c7e200a63ec649c364cf20e88c23870461d10e9d09d9010da644b0d51807ac6f802e0c2f71e19087eb009da980f66a14ebccae5992f5ee96df41b5d7e479e079406691485990d78149f4a466f08f11577ebd436e9bb695089f87dbe0a9b04b23be1a76637b1e9369185b10beb53b5354b6a9215bc45e5782e923f69c8d575bfe07375ad16112dd102bdb01ae0fe7fa317aaf99ba7b7216a5dbe3944703ec528040ca6fbc97da671079d97db0292f578953416960651748673fe85464af6ce8e7bbba28d19808e41ece979b39b029b8bb51e4229cdeb8d656ed9327aff9fe90ed8f93f4552ae88343a2b8902e206543b0d11dd5abe90409ce867b83c4221c5a0b9eb102fb7f1d58c2e269735dbf07495d7e94715955c7b3460be05f3e3bd328dada07824006ef27f7c4698cc0035837137f7d2aa880fd05b5e86e89db93c08994df7bbe1658bdc8f0b3050f9a53b9031c0ed29b60d4a182002f06900eea6bfa1c8608b4d076be29878ec37dcce0b005082a6859ce760473acab8408e444ac4ecd187bedd393eec03f8e4a2c774ff9593d9105e07be7394344352c2606a0008634052f4db17f8627e0aabaa32a835849edc2d03c26accff057e125d5b192bb7e5e0ed8597e8d693d8a6278c481dc99f14f1b052bf64afc65b9e79e3a336ec5a8dd9cfef60fcf900b3c92ba53082c0dd88c57adb38babd4d2de286fe9a06f78d2a1e882dc16f610d1548706a4aefaf2918a609edb63428d1ea92e50648285da541337456749d2891303c51f3c154d4082847e553f381d0351c6bfb0b955845fbf97b3eedb2d8ee29e6f4fd3704f85927067698d22533b9f7f50b2f9fc16b03e6ecb0e1f78ca372e74e6df4fff1c2271706bed84a5ceb987bbcfcc3fa895d49d1f95363687dbb0068c6ead492d99dabeb13a89b6c580c982759f71441200f1207299a4224e3a0cceca8d48e9932685b15804e1588dd978049ec76876ab5cdace7c08083943a745303908b2f1d48afcf61034f720242ddcd4fc26be690551d93897f88675d69d19281c9194f94c3a2b58f7237d26b96171e635d72036f156e47e8e2956c75a5b5612f54cb7961012dfb70235f341f3312e3e88014cdb6b540bd3ea5d348970636c36abed30b99a24bc3e95b60759e245f2b8dff0a6fcbf2603ee2e022862aa5a109056f48f4feed9bac81090b5898ab43188a124dad397a26befae0f187c889170946261ba2657ab2e098bdd5f7f68de91fa7470d72e7e2aff5b4c4a736fd4acadd17f8029590fbbee0ba09f0260df18d8b5bc74cd2724b16a544390a647dd2e3e8283289480ee75c9f44c717c3f8322db9edee993d8f88d928fcdde1da628f487919c2d9ae6338c0cefd6a6606207b9bbc8dce48ccbd629373bc328a0e503b80c9d147a60dae0554b326628fe66e1cdc65c7c41cdbaffec4ab18d0c42bae828f7a9c6d09", 0x4c9, 0xfffffffffffffffe)

[ 1308.660703] netlink: 12 bytes leftover after parsing attributes in process `syz-executor3'.
03:40:47 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={[{@statfs_quantum={'statfs_quantum', 0x3d}, 0x2c}, {@ignore_local_fs='ignore_local_fs', 0x2c}]})

[ 1308.741982] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 1308.761857] ntfs: (device loop2): parse_options(): The uid option requires an argument.
[ 1308.827568] gfs2: not a GFS2 filesystem
03:40:48 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={[{@statfs_quantum={'statfs_quantum', 0x3d}, 0x2c}, {@ignore_local_fs='ignore_local_fs', 0x2c}]})

03:40:48 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)}])

03:40:48 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
rt_sigprocmask(0x0, &(0x7f0000686ff8)={0xfffffffffffffffd}, 0x0, 0x8)
setrlimit(0x1, &(0x7f0000011000))
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f00000000c0)="e49d3a49e27b51ab5ca04eecf864c546d9b328f71c6f03825f0c0bbfc43e2825f06757518152d0426420b48dc2d77ea8466334961dd69645cd5d8df929835058f24d19d01dd22b152664bccbfe07c13d9fb7a2e2f9746b9fa4ad4cd311031586d6e27b1ce315a27cd5ac870291b26c0852055002a50471df1405b7e0b1f282b5cc9d9d6d2d889234b408f035bb61f04bf6b937b27b5cd0c72aeb7ec5fc8b44c6760906f5df2d651a16989eb11c5b9feafddd4ada6952546c187b246f70715daa5c7e200a63ec649c364cf20e88c23870461d10e9d09d9010da644b0d51807ac6f802e0c2f71e19087eb009da980f66a14ebccae5992f5ee96df41b5d7e479e079406691485990d78149f4a466f08f11577ebd436e9bb695089f87dbe0a9b04b23be1a76637b1e9369185b10beb53b5354b6a9215bc45e5782e923f69c8d575bfe07375ad16112dd102bdb01ae0fe7fa317aaf99ba7b7216a5dbe3944703ec528040ca6fbc97da671079d97db0292f578953416960651748673fe85464af6ce8e7bbba28d19808e41ece979b39b029b8bb51e4229cdeb8d656ed9327aff9fe90ed8f93f4552ae88343a2b8902e206543b0d11dd5abe90409ce867b83c4221c5a0b9eb102fb7f1d58c2e269735dbf07495d7e94715955c7b3460be05f3e3bd328dada07824006ef27f7c4698cc0035837137f7d2aa880fd05b5e86e89db93c08994df7bbe1658bdc8f0b3050f9a53b9031c0ed29b60d4a182002f06900eea6bfa1c8608b4d076be29878ec37dcce0b005082a6859ce760473acab8408e444ac4ecd187bedd393eec03f8e4a2c774ff9593d9105e07be7394344352c2606a0008634052f4db17f8627e0aabaa32a835849edc2d03c26accff057e125d5b192bb7e5e0ed8597e8d693d8a6278c481dc99f14f1b052bf64afc65b9e79e3a336ec5a8dd9cfef60fcf900b3c92ba53082c0dd88c57adb38babd4d2de286fe9a06f78d2a1e882dc16f610d1548706a4aefaf2918a609edb63428d1ea92e50648285da541337456749d2891303c51f3c154d4082847e553f381d0351c6bfb0b955845fbf97b3eedb2d8ee29e6f4fd3704f85927067698d22533b9f7f50b2f9fc16b03e6ecb0e1f78ca372e74e6df4fff1c2271706bed84a5ceb987bbcfcc3fa895d49d1f95363687dbb0068c6ead492d99dabeb13a89b6c580c982759f71441200f1207299a4224e3a0cceca8d48e9932685b15804e1588dd978049ec76876ab5cdace7c08083943a745303908b2f1d48afcf61034f720242ddcd4fc26be690551d93897f88675d69d19281c9194f94c3a2b58f7237d26b96171e635d72036f156e47e8e2956c75a5b5612f54cb7961012dfb70235f341f3312e3e88014cdb6b540bd3ea5d348970636c36abed30b99a24bc3e95b60759e245f2b8dff0a6fcbf2603ee2e022862aa5a109056f48f4feed9bac81090b5898ab43188a124dad397a26befae0f187c889170946261ba2657ab2e098bdd5f7f68de91fa7470d72e7e2aff5b4c4a736fd4acadd17f8029590fbbee0ba09f0260df18d8b5bc74cd2724b16a544390a647dd2e3e8283289480ee75c9f44c717c3f8322db9edee993d8f88d928fcdde1da628f487919c2d9ae6338c0cefd6a6606207b9bbc8dce48ccbd629373bc328a0e503b80c9d147a60dae0554b326628fe66e1cdc65c7c41cdbaffec4ab18d0c42bae828f7a9c6d09", 0x4c9, 0xfffffffffffffffe)

03:40:48 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000080)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)="3fd5d6abb95e66ec4327779a37027502699acacc65507d2c0ff7803721c0ac1ca07e95b09df57a5c66c45a97e398fae49c35f9cfbe0c7658cb2eeab775f6352ff2668a11d687fbf560f5a0701f1673028273869c2cad67ab1e888890658111bc1b3335ff6795437ed3581d11b99dfd0942ca831c34", 0x75}], 0x1, &(0x7f0000001800)}, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000001640)={0x1d, r2}, 0x10)
setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
dup3(r0, r1, 0x0)

03:40:48 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=@gettaction={0x28, 0x32, 0x801, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, @TCA_ACT_INDEX={0x8, 0x3}}]}]}, 0x28}, 0x1}, 0x0)

03:40:48 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000e8000)='/dev/cuse\x00', 0x2, 0x0)
write$fuse(r0, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30)

03:40:48 executing program 2:
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1c4, &(0x7f0000000340), 0x0, &(0x7f0000000700)={[{@utf8='utf8', 0x2c}, {@uid={'uid', 0x3d}, 0x2c}]})

03:40:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="23000000240007031dfffd946fa2830020200a000900000006000000000000000d00ff", 0x23}], 0x1}, 0x0)

[ 1309.192408] netlink: 12 bytes leftover after parsing attributes in process `syz-executor3'.
[ 1309.210655] gfs2: not a GFS2 filesystem
03:40:48 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000e8000)='/dev/cuse\x00', 0x2, 0x0)
write$fuse(r0, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30)

03:40:48 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=@gettaction={0x28, 0x32, 0x801, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, @TCA_ACT_INDEX={0x8, 0x3}}]}]}, 0x28}, 0x1}, 0x0)

03:40:48 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0xa, 0x802, 0x0)
setsockopt$inet_int(r1, 0x0, 0x13, &(0x7f0000e49000)=0x4, 0x4)
sendmsg(r1, &(0x7f0000eeefc8)={&(0x7f0000fef000)=@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000437000), 0x0, &(0x7f000056cda0)=[{0x28, 0x29, 0x2, "1d1a2d4ba2f2fffffffffffffffd060000"}], 0x28}, 0x0)

[ 1309.223515] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 1309.243348] ntfs: (device loop2): parse_options(): The uid option requires an argument.
03:40:48 executing program 6:
r0 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xd3, &(0x7f0000000040)={{0xa, 0x0, 0x0, @loopback={0x100000000000000, 0x1}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x5c)

03:40:48 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)}])

03:40:48 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={[{@statfs_quantum={'statfs_quantum', 0x3d}, 0x2c}, {@ignore_local_fs='ignore_local_fs', 0x2c}]})

03:40:48 executing program 4:
recvmmsg(0xffffffffffffff9c, &(0x7f0000003b00)=[{{&(0x7f0000000f40)=@in6={0x0, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=""/96, 0x60}}], 0x1, 0x0, &(0x7f0000003bc0))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000018, &(0x7f0000001280)=0x800, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x800}]}, 0x10)
sendmsg(r0, &(0x7f0000001440)={&(0x7f0000000140)=@in6={0xa, 0x4e21}, 0x42f, &(0x7f0000001200), 0x322}, 0x8000)
sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000000200), 0x3e8, &(0x7f00000036c0)}, 0x0)

[ 1309.319801] netlink: 12 bytes leftover after parsing attributes in process `syz-executor3'.
03:40:48 executing program 2:
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1c4, &(0x7f0000000340), 0x0, &(0x7f0000000700)={[{@utf8='utf8', 0x2c}, {@uid={'uid', 0x3d}, 0x2c}]})

03:40:48 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000e8000)='/dev/cuse\x00', 0x2, 0x0)
write$fuse(r0, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30)

03:40:48 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=@gettaction={0x28, 0x32, 0x801, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, @TCA_ACT_INDEX={0x8, 0x3}}]}]}, 0x28}, 0x1}, 0x0)

03:40:48 executing program 7:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0)
fcntl$setsig(r0, 0xa, 0x3)
fcntl$setlease(r0, 0x400, 0x0)
rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8)
truncate(&(0x7f000037eff8)='./file0\x00', 0x0)
fcntl$getflags(r0, 0x401)

[ 1309.418363] gfs2: not a GFS2 filesystem
03:40:48 executing program 6:
r0 = memfd_create(&(0x7f0000000080)='8securitvtrusted\x00', 0x3)
ftruncate(r0, 0x94d)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = dup(r0)
fcntl$addseals(r0, 0x409, 0x4)
write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x9)

03:40:48 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)}])

[ 1309.453538] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 1309.473464] ntfs: (device loop2): parse_options(): The uid option requires an argument.
03:40:48 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000e8000)='/dev/cuse\x00', 0x2, 0x0)
write$fuse(r0, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30)

03:40:48 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000001c0), 0x4)
listen(r1, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x2, @loopback=0x7f000001}, 0x10)

03:40:48 executing program 4:
recvmmsg(0xffffffffffffff9c, &(0x7f0000003b00)=[{{&(0x7f0000000f40)=@in6={0x0, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=""/96, 0x60}}], 0x1, 0x0, &(0x7f0000003bc0))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000018, &(0x7f0000001280)=0x800, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x800}]}, 0x10)
sendmsg(r0, &(0x7f0000001440)={&(0x7f0000000140)=@in6={0xa, 0x4e21}, 0x42f, &(0x7f0000001200), 0x322}, 0x8000)
sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000000200), 0x3e8, &(0x7f00000036c0)}, 0x0)

[ 1309.540070] netlink: 12 bytes leftover after parsing attributes in process `syz-executor3'.
03:40:48 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59")
ioctl$SG_GET_NUM_WAITING(r1, 0x80086601, &(0x7f0000000000))

[ 1309.591677] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
03:40:48 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)}])

03:40:48 executing program 2:
add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, &(0x7f0000000080)='\r', 0x1, 0xfffffffffffffffb)

03:40:48 executing program 3:
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000000080)='./file0/file0\x00', 0x3fffa, 0x0)
write$cgroup_type(r0, &(0x7f0000000180)='threaded\x00', 0xffffff43)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file0/file1\x00')
write$fuse(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, @fuse_bmap_out}, 0x18)
truncate(&(0x7f0000000b00)='./file0/file1\x00', 0x201f)

03:40:48 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000012000)={0x10, 0x4, 0x4, 0x8}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000000e000)={r0, &(0x7f0000000000), &(0x7f000000c000)="02"}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000003fe8)={r0, &(0x7f0000013000), &(0x7f0000002000)=""/104}, 0x18)

03:40:48 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000001c0), 0x4)
listen(r1, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x2, @loopback=0x7f000001}, 0x10)

03:40:48 executing program 2:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2405, 0x0)

03:40:48 executing program 4:
recvmmsg(0xffffffffffffff9c, &(0x7f0000003b00)=[{{&(0x7f0000000f40)=@in6={0x0, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=""/96, 0x60}}], 0x1, 0x0, &(0x7f0000003bc0))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000018, &(0x7f0000001280)=0x800, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x800}]}, 0x10)
sendmsg(r0, &(0x7f0000001440)={&(0x7f0000000140)=@in6={0xa, 0x4e21}, 0x42f, &(0x7f0000001200), 0x322}, 0x8000)
sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000000200), 0x3e8, &(0x7f00000036c0)}, 0x0)

03:40:48 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59")
ioctl$SG_GET_NUM_WAITING(r1, 0x80086601, &(0x7f0000000000))

03:40:48 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
syz_open_procfs(0x0, &(0x7f0000000040)="0465742f737444d28d026215a047d755b9bd52d6c15e9ef6ead4636b73")
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/.group\x00')

[ 1309.778050] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
03:40:49 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(anubis))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x18)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001940)=[{0x0, 0x0, &(0x7f00000012c0), 0x211, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000001200)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

03:40:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000180)={0x2, 0x0, [0x1d9, 0x1]})

03:40:49 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000001c0), 0x4)
listen(r1, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x2, @loopback=0x7f000001}, 0x10)

03:40:49 executing program 2:
request_key(&(0x7f0000000040)='encrypted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, &(0x7f00000001c0)='/dev/kvm\x00', 0x0)

03:40:49 executing program 3:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f00000005c0)={[{@dir_umask={'dir_umask', 0x3d}, 0x2c}]})

03:40:49 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
syz_open_procfs(0x0, &(0x7f0000000040)="0465742f737444d28d026215a047d755b9bd52d6c15e9ef6ead4636b73")
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/.group\x00')

03:40:49 executing program 4:
recvmmsg(0xffffffffffffff9c, &(0x7f0000003b00)=[{{&(0x7f0000000f40)=@in6={0x0, 0x0, 0x0, @mcast1}, 0x80, &(0x7f00000012c0), 0x0, &(0x7f0000001300)=""/96, 0x60}}], 0x1, 0x0, &(0x7f0000003bc0))
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000018, &(0x7f0000001280)=0x800, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x800}]}, 0x10)
sendmsg(r0, &(0x7f0000001440)={&(0x7f0000000140)=@in6={0xa, 0x4e21}, 0x42f, &(0x7f0000001200), 0x322}, 0x8000)
sendmsg(r0, &(0x7f00000001c0)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f0000000200), 0x3e8, &(0x7f00000036c0)}, 0x0)

03:40:49 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59")
ioctl$SG_GET_NUM_WAITING(r1, 0x80086601, &(0x7f0000000000))

[ 1310.494822] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[ 1310.511872] hfs: can't find a HFS filesystem on dev loop3
[ 1310.534826] *** Guest State ***
[ 1310.538198] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[ 1310.547155] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1310.556076] CR3 = 0x0000000000000000
[ 1310.559828] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[ 1310.565853] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[ 1310.571957] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1310.578677] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[ 1310.586706] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1310.594908] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1310.602951] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1310.610974] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1310.619047] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1310.627071] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1310.635103] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
03:40:49 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(anubis))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x18)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001940)=[{0x0, 0x0, &(0x7f00000012c0), 0x211, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000001200)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

03:40:49 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
syz_open_procfs(0x0, &(0x7f0000000040)="0465742f737444d28d026215a047d755b9bd52d6c15e9ef6ead4636b73")
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/.group\x00')

03:40:49 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x2}, 0x1c)
setsockopt$inet_tcp_int(r0, 0x6, 0xc, &(0x7f00000001c0), 0x4)
listen(r1, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x2, @loopback=0x7f000001}, 0x10)

03:40:49 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(anubis))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x18)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001940)=[{0x0, 0x0, &(0x7f00000012c0), 0x211, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000001200)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

03:40:49 executing program 2:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/dev\x00')
preadv(r0, &(0x7f0000001480)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, 0x0)

[ 1310.643195] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1310.651228] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[ 1310.659275] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1310.665752] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1310.673260] Interruptibility = 00000000  ActivityState = 00000000
[ 1310.679548] *** Host State ***
[ 1310.682783] RIP = 0xffffffff811f4fc4  RSP = 0xffff8801a6be7350
[ 1310.688952] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1310.695448] FSBase=00007f5d4df98700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1310.703384] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1310.709339] CR0=0000000080050033 CR3=00000001c3fd5000 CR4=00000000001426f0
[ 1310.716411] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87a01380
[ 1310.723139] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[ 1310.729237] *** Control State ***
[ 1310.732757] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1310.739477] EntryControls=0000d1ff ExitControls=0023efff
03:40:49 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x1000002, 0x31, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59")
ioctl$SG_GET_NUM_WAITING(r1, 0x80086601, &(0x7f0000000000))

03:40:49 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(anubis))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000), 0x18)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000001940)=[{0x0, 0x0, &(0x7f00000012c0), 0x211, &(0x7f0000001300)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000001200)={&(0x7f0000000000)=@vsock={0x0, 0x0, 0x0, @hyper}, 0x80, &(0x7f00000011c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

[ 1310.744998] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1310.751978] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1310.758739] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1310.765447]         reason=80000021 qualification=0000000000000000
[ 1310.771808] IDTVectoring: info=00000000 errcode=00000000
[ 1310.777316] TSC Offset = 0xfffffd3edc130cf7
[ 1310.781674] TPR Threshold = 0x00
[ 1310.785074] EPT pointer = 0x00000001b4f1901e
03:40:49 executing program 4:
ioctl$sock_inet_SIOCGARP(0xffffffffffffffff, 0x8954, &(0x7f00000001c0)={{0x2, 0x0, @loopback=0x7f000001}, {0x0, @random="a278189800f4"}, 0x0, {0x2, 0x0, @broadcast=0xffffffff}, 'bcsh0\x00'})
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000200)={0x0, @in={{0x2, 0x0, @loopback=0x7f000001}}}, &(0x7f00000002c0)=0x98)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f00000000c0)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000001c0)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000000200)})

03:40:49 executing program 2:
r0 = syz_open_dev$sndpcmc(&(0x7f0000004fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
ioctl(r0, 0x4122, &(0x7f0000001f64))

[ 1310.810047] hfs: can't find a HFS filesystem on dev loop3
[ 1310.817581] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[ 1310.928917] kvm [13319]: vcpu0, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
03:40:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000180)={0x2, 0x0, [0x1d9, 0x1]})

03:40:50 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
syz_open_procfs(0x0, &(0x7f0000000040)="0465742f737444d28d026215a047d755b9bd52d6c15e9ef6ead4636b73")
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/.group\x00')

03:40:50 executing program 3:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f00000005c0)={[{@dir_umask={'dir_umask', 0x3d}, 0x2c}]})

03:40:50 executing program 0:
r0 = socket$inet(0x2, 0x200000002, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@random="c9b6adf3fe7b", @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac14140b, @multicast1=0xe0000001}, @udp={0x3, 0x4e21, 0x8}}}}}, 0x0)

03:40:50 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
sendto$inet(r0, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7d, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c)

03:40:50 executing program 6:
socketpair(0x0, 0x0, 0x0, &(0x7f0000000140))
socket$kcm(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0x4, 0x4, 0x1}, 0xc0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f0000000000), &(0x7f0000000140)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000000)='o', &(0x7f0000000040)=""/250}, 0x18)

03:40:50 executing program 7:
setrlimit(0x7, &(0x7f0000000000)={0x14, 0x87})
pipe2(&(0x7f0000000080), 0x0)

03:40:50 executing program 4:
r0 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x2, {{0x2, 0x0, @rand_addr=0xffffffffedddb9a5}}}, 0x88)
close(r0)

[ 1310.972840] kvm [13319]: vcpu0, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
03:40:50 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000080))

03:40:50 executing program 0:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000006000)={0xaa})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000040)={{&(0x7f0000009000/0x4000)=nil, 0x4000}, 0x2})

03:40:50 executing program 4:
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000000)=')')
msgrcv(0x0, &(0x7f0000000240)={0x0, ""/181}, 0xbd, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
msgsnd(0x0, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

03:40:50 executing program 7:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup\x00', 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000000)='io.max\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=ANY=[@ANYBLOB='8:0\r'], 0x4)

[ 1311.034135] hfs: can't find a HFS filesystem on dev loop3
03:40:50 executing program 3:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f00000005c0)={[{@dir_umask={'dir_umask', 0x3d}, 0x2c}]})

[ 1311.115207] *** Guest State ***
[ 1311.118591] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[ 1311.127510] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1311.136386] CR3 = 0x0000000000000000
[ 1311.140166] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[ 1311.146177] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[ 1311.152226] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:40:50 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}}}, 0x0, 0x7, 0x0, "4877bb1f56d48eb1fa5fac76a792a929a57f6062b013ec6b7a9ee231ea85a1c7f5c8fdf3bcaf6c5bb203dab4011d7c6096609012d3e979295204ae936681b23832f302a5020f3f6af0b1d2fb5a00eb09"}, 0xd8)
bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1)

[ 1311.158934] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[ 1311.166972] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.175005] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.183134] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.191172] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.199196] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.207276] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
03:40:50 executing program 0:
r0 = socket$kcm(0xa, 0x2, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x5e303289b8d2a456, 0x1}, 0xc)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

03:40:50 executing program 6:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0)

[ 1311.215302] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[ 1311.221209] hfs: can't find a HFS filesystem on dev loop3
[ 1311.223321] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1311.236898] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[ 1311.244920] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1311.251413] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1311.258921] Interruptibility = 00000000  ActivityState = 00000000
[ 1311.265194] *** Host State ***
[ 1311.268429] RIP = 0xffffffff811f4fc4  RSP = 0xffff88019227f350
[ 1311.274435] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1311.280880] FSBase=00007f5d4df98700 GSBase=ffff8801dae00000 TRBase=fffffe0000003000
[ 1311.288702] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[ 1311.294647] CR0=0000000080050033 CR3=00000001bd5b3000 CR4=00000000001426f0
[ 1311.301718] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87a01380
[ 1311.308437] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[ 1311.314525] *** Control State ***
[ 1311.318040] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1311.324739] EntryControls=0000d1ff ExitControls=0023efff
[ 1311.330233] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1311.337203] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1311.343973] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1311.350591]         reason=80000021 qualification=0000000000000000
[ 1311.356955] IDTVectoring: info=00000000 errcode=00000000
[ 1311.362527] TSC Offset = 0xfffffd3e8e8f7e75
[ 1311.366899] TPR Threshold = 0x00
[ 1311.370304] EPT pointer = 0x00000001922e601e
03:40:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000180)={0x2, 0x0, [0x1d9, 0x1]})

03:40:50 executing program 7:
r0 = syz_open_dev$evdev(&(0x7f00003a3000)='/dev/input/event#\x00', 0x0, 0x1)
ioctl$TIOCSBRK(r0, 0x40044591)
write(r0, &(0x7f0000fdd000), 0x0)

03:40:50 executing program 0:
syz_fuseblk_mount(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)='./file0\x00', 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x1000)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x20, &(0x7f0000000180)={[{@noload='noload', 0x2c}, {@nomblk_io_submit='nomblk_io_submit', 0x2c}]})

03:40:50 executing program 3:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000540), 0x0, &(0x7f00000005c0)={[{@dir_umask={'dir_umask', 0x3d}, 0x2c}]})

[ 1311.425149] kvm [13385]: vcpu0, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
[ 1311.480803] hfs: can't find a HFS filesystem on dev loop3
[ 1311.511542] EXT4-fs (sda1): Ignoring removed nomblk_io_submit option
[ 1311.533469] EXT4-fs (sda1): re-mounted. Opts: noload,nomblk_io_submit,,errors=continue
[ 1311.548045] *** Guest State ***
[ 1311.551446] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[ 1311.560395] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1311.569308] CR3 = 0x0000000000000000
[ 1311.573076] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[ 1311.579094] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[ 1311.585120] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[ 1311.591833] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[ 1311.599869] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.607941] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.615967] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.624008] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.632068] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1311.640859] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1311.648901] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[ 1311.656903] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1311.664914] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[ 1311.672924] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1311.679362] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1311.686839] Interruptibility = 00000000  ActivityState = 00000000
[ 1311.693126] *** Host State ***
[ 1311.696345] RIP = 0xffffffff811f4fc4  RSP = 0xffff8801a0637350
[ 1311.702342] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1311.708825] FSBase=00007f5d4df98700 GSBase=ffff8801daf00000 TRBase=fffffe0000034000
[ 1311.716811] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000
[ 1311.722734] CR0=0000000080050033 CR3=00000001c9836000 CR4=00000000001426e0
[ 1311.729784] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff87a01380
[ 1311.736492] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[ 1311.742568] *** Control State ***
[ 1311.746044] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1311.752726] EntryControls=0000d1ff ExitControls=0023efff
[ 1311.758197] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1311.765151] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1311.771842] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1311.778438]         reason=80000021 qualification=0000000000000000
[ 1311.784770] IDTVectoring: info=00000000 errcode=00000000
[ 1311.790243] TSC Offset = 0xfffffd3e514e8d51
[ 1311.794574] TPR Threshold = 0x00
[ 1311.797968] EPT pointer = 0x00000001a03cf01e
[ 1311.816425] kvm [13438]: vcpu0, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
03:40:51 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
sendto$inet(r0, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7d, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c)

03:40:51 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

03:40:51 executing program 6:
getuid()
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, &(0x7f0000000200)=[@in6={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}], 0x1c)
r0 = socket(0x2, 0x3, 0x40000000000000ff)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))
pwrite64(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0)

03:40:51 executing program 7:
r0 = syz_open_dev$evdev(&(0x7f00003a3000)='/dev/input/event#\x00', 0x0, 0x1)
ioctl$TIOCSBRK(r0, 0x40044591)
write(r0, &(0x7f0000fdd000), 0x0)

03:40:51 executing program 0:
syz_fuseblk_mount(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)='./file0\x00', 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x1000)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x20, &(0x7f0000000180)={[{@noload='noload', 0x2c}, {@nomblk_io_submit='nomblk_io_submit', 0x2c}]})

03:40:51 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000100)=""/147, 0x20000}, 0x18)
recvfrom(r1, &(0x7f00000004c0)=""/4096, 0x8ec0, 0x0, &(0x7f0000001500)=@can={0x1d}, 0x20000000)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffa2, &(0x7f00000000c0), 0x282, &(0x7f0000000000)=[@rights={0x18, 0x1, 0x1, [r1, r0]}], 0x18}, 0x0)

[ 1312.119648] EXT4-fs (sda1): Ignoring removed nomblk_io_submit option
[ 1312.126452] EXT4-fs (sda1): re-mounted. Opts: noload,nomblk_io_submit,,errors=continue
03:40:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

03:40:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000480)={[], 0x0, 0x1a200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000180)={0x2, 0x0, [0x1d9, 0x1]})

03:40:51 executing program 6:
clock_nanosleep(0x400000000000009, 0x0, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000080))

03:40:51 executing program 7:
r0 = syz_open_dev$evdev(&(0x7f00003a3000)='/dev/input/event#\x00', 0x0, 0x1)
ioctl$TIOCSBRK(r0, 0x40044591)
write(r0, &(0x7f0000fdd000), 0x0)

03:40:51 executing program 0:
syz_fuseblk_mount(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)='./file0\x00', 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x1000)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x20, &(0x7f0000000180)={[{@noload='noload', 0x2c}, {@nomblk_io_submit='nomblk_io_submit', 0x2c}]})

03:40:51 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

[ 1312.289942] *** Guest State ***
[ 1312.293348] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[ 1312.302270] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[ 1312.311149] CR3 = 0x0000000000000000
[ 1312.314907] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[ 1312.320910] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[ 1312.326952] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
03:40:51 executing program 6:
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xe440, 0x1)
write$binfmt_script(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e0b374057c442c1182f6275730ac6f90034693e1ab0cfc4a6707b7e093ee8faca2ddb0a63ba4059676e67d2645a02f1194fa585c78df2954e2b5cbab0c45b9263315dfe2c3f62a9c996077c2703728c44b9420220ce7dd032005bc10915200ff5ed972027301a92a740454f362a9eb0fc3a210116c4185032cfb358dbe449f85363bd2a9b9307b9a855c6868b760200000034875d63266612716600e776a8131a4a1ab478e333b8623462b84c56fbbfaab04341d2c5f8977916cf8414"], 0xc0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070")
write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0xff4c)

03:40:51 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

03:40:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

[ 1312.333671] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[ 1312.341695] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1312.349713] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1312.357851] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1312.365883] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1312.373919] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[ 1312.381929] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
03:40:51 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

[ 1312.389985] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[ 1312.398061] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[ 1312.406177] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[ 1312.414185] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[ 1312.420647] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[ 1312.428150] Interruptibility = 00000000  ActivityState = 00000000
[ 1312.434430] *** Host State ***
[ 1312.437651] RIP = 0xffffffff811f4fc4  RSP = 0xffff88019ebff350
[ 1312.443677] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[ 1312.450122] FSBase=00007f5d4df98700 GSBase=ffff8801daf00000 TRBase=fffffe0000034000
[ 1312.455947] EXT4-fs (sda1): Ignoring removed nomblk_io_submit option
[ 1312.457957] GDTBase=fffffe0000032000 IDTBase=fffffe0000000000
[ 1312.470387] CR0=0000000080050033 CR3=00000001b4fcd000 CR4=00000000001426e0
[ 1312.477453] Sysenter RSP=fffffe0000033200 CS:RIP=0010:ffffffff87a01380
[ 1312.479855] EXT4-fs (sda1): re-mounted. Opts: noload,nomblk_io_submit,,errors=continue
[ 1312.484146] EFER = 0x0000000000000d01  PAT = 0x0000000000000000
[ 1312.484151] *** Control State ***
[ 1312.484159] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[ 1312.484165] EntryControls=0000d1ff ExitControls=0023efff
[ 1312.484176] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[ 1312.484184] VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1312.484191] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[ 1312.484196]         reason=80000021 qualification=0000000000000000
[ 1312.484202] IDTVectoring: info=00000000 errcode=00000000
[ 1312.484213] TSC Offset = 0xfffffd3deba30065
[ 1312.550379] TPR Threshold = 0x00
[ 1312.553796] EPT pointer = 0x0000000195fd001e
[ 1312.587707] kvm [13476]: vcpu0, guest rIP: 0x0 kvm_set_msr_common: MSR_IA32_DEBUGCTLMSR 0x1, nop
03:40:52 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
sendto$inet(r0, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7d, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c)

03:40:52 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
r2 = socket(0x1e, 0x805, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2}, 0x94)
sendmsg(r2, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f00000014c0), 0x0, &(0x7f00006e9c68)}, 0x0)

03:40:52 executing program 4:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:52 executing program 6:
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xe440, 0x1)
write$binfmt_script(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e0b374057c442c1182f6275730ac6f90034693e1ab0cfc4a6707b7e093ee8faca2ddb0a63ba4059676e67d2645a02f1194fa585c78df2954e2b5cbab0c45b9263315dfe2c3f62a9c996077c2703728c44b9420220ce7dd032005bc10915200ff5ed972027301a92a740454f362a9eb0fc3a210116c4185032cfb358dbe449f85363bd2a9b9307b9a855c6868b760200000034875d63266612716600e776a8131a4a1ab478e333b8623462b84c56fbbfaab04341d2c5f8977916cf8414"], 0xc0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070")
write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0xff4c)

03:40:52 executing program 7:
r0 = syz_open_dev$evdev(&(0x7f00003a3000)='/dev/input/event#\x00', 0x0, 0x1)
ioctl$TIOCSBRK(r0, 0x40044591)
write(r0, &(0x7f0000fdd000), 0x0)

03:40:52 executing program 0:
syz_fuseblk_mount(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)='./file0\x00', 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x1000)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x20, &(0x7f0000000180)={[{@noload='noload', 0x2c}, {@nomblk_io_submit='nomblk_io_submit', 0x2c}]})

03:40:52 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_fuseblk_mount(&(0x7f0000000480)='./file0\x00', &(0x7f0000004640)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0, 0xe00)

03:40:52 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000100)=""/147, 0x20000}, 0x18)
recvfrom(r1, &(0x7f00000004c0)=""/4096, 0x8ec0, 0x0, &(0x7f0000001500)=@can={0x1d}, 0x20000000)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffa2, &(0x7f00000000c0), 0x282, &(0x7f0000000000)=[@rights={0x18, 0x1, 0x1, [r1, r0]}], 0x18}, 0x0)

03:40:52 executing program 1:
timer_create(0x0, &(0x7f0000000040)={0x0, 0x8, 0x0, @thr={&(0x7f0000000000), &(0x7f00000000c0)}}, &(0x7f0000000140))
r0 = syz_open_procfs(0x0, &(0x7f0000000340)='timers\x00')
timer_create(0x0, &(0x7f0000000080)={0x0, 0x1c}, &(0x7f0000000100))
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1, 0x0)

03:40:52 executing program 4:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:52 executing program 7:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:52 executing program 5:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000280)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000400)={0x3, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_group_source_req(r1, 0x0, 0x2e, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x108)

[ 1313.121847] EXT4-fs (sda1): Ignoring removed nomblk_io_submit option
[ 1313.149477] EXT4-fs (sda1): re-mounted. Opts: noload,nomblk_io_submit,,errors=continue
03:40:52 executing program 6:
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xe440, 0x1)
write$binfmt_script(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e0b374057c442c1182f6275730ac6f90034693e1ab0cfc4a6707b7e093ee8faca2ddb0a63ba4059676e67d2645a02f1194fa585c78df2954e2b5cbab0c45b9263315dfe2c3f62a9c996077c2703728c44b9420220ce7dd032005bc10915200ff5ed972027301a92a740454f362a9eb0fc3a210116c4185032cfb358dbe449f85363bd2a9b9307b9a855c6868b760200000034875d63266612716600e776a8131a4a1ab478e333b8623462b84c56fbbfaab04341d2c5f8977916cf8414"], 0xc0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070")
write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0xff4c)

03:40:52 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:52 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus1280-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000002480)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/123, 0x7b}, 0x0)

03:40:52 executing program 5:
syz_emit_ethernet(0x18b, &(0x7f0000000040)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x806, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "e57044", 0xfffffffe, "cd98e8"}}}}}}, &(0x7f0000000100)={0x0, 0x3, [0x0, 0x3, 0xbdb]})

03:40:53 executing program 2:
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10)
sendto$inet(r0, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10)
shutdown(r0, 0x1)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7d, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c)

03:40:53 executing program 4:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:53 executing program 7:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:53 executing program 6:
r0 = open(&(0x7f00000001c0)='./bus\x00', 0x40, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xe440, 0x1)
write$binfmt_script(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e0b374057c442c1182f6275730ac6f90034693e1ab0cfc4a6707b7e093ee8faca2ddb0a63ba4059676e67d2645a02f1194fa585c78df2954e2b5cbab0c45b9263315dfe2c3f62a9c996077c2703728c44b9420220ce7dd032005bc10915200ff5ed972027301a92a740454f362a9eb0fc3a210116c4185032cfb358dbe449f85363bd2a9b9307b9a855c6868b760200000034875d63266612716600e776a8131a4a1ab478e333b8623462b84c56fbbfaab04341d2c5f8977916cf8414"], 0xc0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070")
write$cgroup_type(r1, &(0x7f00000000c0)='threaded\x00', 0xff4c)

03:40:53 executing program 5:
syz_emit_ethernet(0x18b, &(0x7f0000000040)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x806, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "e57044", 0xfffffffe, "cd98e8"}}}}}}, &(0x7f0000000100)={0x0, 0x3, [0x0, 0x3, 0xbdb]})

03:40:53 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000100)=""/147, 0x20000}, 0x18)
recvfrom(r1, &(0x7f00000004c0)=""/4096, 0x8ec0, 0x0, &(0x7f0000001500)=@can={0x1d}, 0x20000000)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffa2, &(0x7f00000000c0), 0x282, &(0x7f0000000000)=[@rights={0x18, 0x1, 0x1, [r1, r0]}], 0x18}, 0x0)

03:40:53 executing program 5:
syz_emit_ethernet(0x18b, &(0x7f0000000040)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x806, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "e57044", 0xfffffffe, "cd98e8"}}}}}}, &(0x7f0000000100)={0x0, 0x3, [0x0, 0x3, 0xbdb]})

03:40:53 executing program 4:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:53 executing program 7:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x3fffe, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x41, 0x0)
write$binfmt_elf64(r1, &(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0xfdac)
write(r0, &(0x7f0000000640)='.', 0x1)
write$binfmt_aout(r1, &(0x7f0000000400), 0x20)

03:40:53 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:53 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:53 executing program 5:
syz_emit_ethernet(0x18b, &(0x7f0000000040)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x806, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @local={0xac, 0x14, 0x14, 0xaa}}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "e57044", 0xfffffffe, "cd98e8"}}}}}}, &(0x7f0000000100)={0x0, 0x3, [0x0, 0x3, 0xbdb]})

03:40:53 executing program 4:
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
close(r0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c})

03:40:53 executing program 7:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:53 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus1280-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000002480)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/123, 0x7b}, 0x0)

03:40:53 executing program 5:
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='proc\x00', 0x0, &(0x7f000000a000))
syz_fuseblk_mount(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

03:40:54 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:54 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000066fff4)=@file={0x0, "e91f7189591e9233614b00"}, 0xc)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)={0x0, 0x1, "96"}, &(0x7f0000000140)=0x9)

03:40:54 executing program 2:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 7:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 5:
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='proc\x00', 0x0, &(0x7f000000a000))
syz_fuseblk_mount(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

03:40:54 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000003080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000100)=""/147, 0x20000}, 0x18)
recvfrom(r1, &(0x7f00000004c0)=""/4096, 0x8ec0, 0x0, &(0x7f0000001500)=@can={0x1d}, 0x20000000)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0xffffffffffffffa2, &(0x7f00000000c0), 0x282, &(0x7f0000000000)=[@rights={0x18, 0x1, 0x1, [r1, r0]}], 0x18}, 0x0)

03:40:54 executing program 2:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 5:
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='proc\x00', 0x0, &(0x7f000000a000))
syz_fuseblk_mount(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

03:40:54 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:54 executing program 4:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 7:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 5:
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f00000002c0)='proc\x00', 0x0, &(0x7f000000a000))
syz_fuseblk_mount(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

03:40:54 executing program 4:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus1280-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000002480)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/123, 0x7b}, 0x0)

03:40:54 executing program 2:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:54 executing program 5:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:55 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:55 executing program 7:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:55 executing program 4:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:55 executing program 2:
r0 = socket(0x2, 0xa, 0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f0000000500)={&(0x7f00000002c0)={0x10}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x14, 0x0, 0x0, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0)

03:40:55 executing program 5:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:55 executing program 3:
mremap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f000000b000/0x3000)=nil)
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000001ffb))

03:40:55 executing program 2:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10)

03:40:55 executing program 3:
capset(&(0x7f0000002ffa)={0x20080522}, &(0x7f0000002000))
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x8000000000000011)

03:40:55 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000002c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000240)={0x0, 0x3f})

03:40:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
prctl$setptracer(0x59616d61, 0xffffffffffffffff)
prctl$setptracer(0x59616d61, 0x0)

03:40:55 executing program 5:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000140)="2e2f636f6e74726f6cff05", 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='./file1\x00', 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdirat(r0, &(0x7f0000000600)='./file0\x00', 0x0)
renameat2(r0, &(0x7f0000000240)='./file1\x00', r0, &(0x7f0000000280)='./file0\x00', 0x0)

03:40:55 executing program 7:
r0 = socket$inet(0x2, 0x2, 0x0)
fcntl$lock(r0, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0, 0xff00000000000000})

03:40:55 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000002c0)={[{@balloc_noborder='block-allocator=noborder', 0x2c}]})

[ 1316.261122] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
03:40:55 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus1280-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000002480)=""/4096, 0x1000}], 0x1, &(0x7f0000000340)=""/123, 0x7b}, 0x0)

03:40:55 executing program 2:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10)

03:40:55 executing program 4:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mlock(&(0x7f00000f4000/0x3000)=nil, 0x3000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

[ 1316.302457] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
03:40:55 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'veth1_to_bond\x00', &(0x7f0000000100)=@ethtool_perm_addr={0x14}})
close(r2)
close(r1)

03:40:55 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00')
poll(&(0x7f0000000000)=[{r1}], 0x1, 0x2)

03:40:55 executing program 5:
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x200, 0x0)
preadv(r0, &(0x7f00000022c0)=[{&(0x7f0000000080)}, {&(0x7f00000000c0)=""/50, 0x32}, {&(0x7f0000001240)=""/4096, 0x1000}], 0x3, 0x0)

03:40:55 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000002c0)={[{@balloc_noborder='block-allocator=noborder', 0x2c}]})

03:40:55 executing program 0:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r0, 0x800000010d, 0x0, &(0x7f0000000040)="ffe6ee19", 0x4)

03:40:55 executing program 2:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10)

03:40:55 executing program 2:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @hyper}, 0x10)

03:40:55 executing program 7:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3)
r1 = dup2(r0, r0)
setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000080)=0x47, 0xc5)

[ 1316.878153] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
03:40:56 executing program 7:
r0 = socket$nl_xfrm(0x11, 0x3, 0x6)
setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000000600)=0xfffffffffffffff9, 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000200)={0x0, &(0x7f00000001c0)}, 0x10)

03:40:56 executing program 5:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000080)=0x5)

03:40:56 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000040)={0x10000})
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2)

03:40:56 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:56 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000002c0)={[{@balloc_noborder='block-allocator=noborder', 0x2c}]})

[ 1317.068185] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
03:40:56 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000002c0)={[{@balloc_noborder='block-allocator=noborder', 0x2c}]})

03:40:56 executing program 6:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, <r1=>0x0})
setpgid(r1, 0x0)

03:40:56 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7d0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)

[ 1317.314279] REISERFS warning (device loop3): super-6502 reiserfs_getopt: unknown mount option ""
03:40:56 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:56 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:56 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x9)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="24000000530407041dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd17ed01cc0", 0x4c}], 0x1}, 0x0)

03:40:56 executing program 6:
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0x39e8c2cfef4dc904)

03:40:56 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7d0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)

03:40:56 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
io_setup(0x5, &(0x7f0000000000)=<r1=>0x0)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x9})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000300)=0x10)
io_submit(r1, 0x12f, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001000)}])

03:40:56 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:56 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000040)={0x10000})
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2)

03:40:56 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_flowlabel\x00')
sendfile(r1, r2, &(0x7f0000000040)=0x3, 0x80000003)

03:40:56 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x9)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="24000000530407041dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd17ed01cc0", 0x4c}], 0x1}, 0x0)

03:40:56 executing program 3:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
arch_prctl(0x2002, &(0x7f0000000000))

03:40:56 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7d0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)

[ 1317.706514] audit: type=1107 audit(1317.705:3): pid=13830 uid=0 auid=4294967295 ses=4294967295 msg='  
[ 1317.706514] '
03:40:56 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:56 executing program 6:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000080)="295ee1311f16f477671070")
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c)
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000000), 0x4)

03:40:56 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7d0, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)

03:40:56 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2000003, 0x32, 0xffffffffffffffff, 0x0)
ioctl$SG_EMULATED_HOST(r1, 0x2270, &(0x7f0000000080))

03:40:56 executing program 6:
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}], 0x1)

[ 1317.830561] audit: type=1107 audit(1317.829:4): pid=13859 uid=0 auid=4294967295 ses=4294967295 msg='  
[ 1317.830561] '
03:40:57 executing program 3:
pipe2(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
vmsplice(r1, &(0x7f0000000380)=[{&(0x7f0000000340), 0x1000000}], 0x1, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
dup2(r0, r2)

03:40:57 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:57 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x9)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="24000000530407041dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd17ed01cc0", 0x4c}], 0x1}, 0x0)

03:40:57 executing program 5:
capset(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000a00)=@broute={'broute\x00', 0x20, 0x3, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000380], 0x0, &(0x7f0000000340), &(0x7f0000000380)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x3}]}, 0x108)

03:40:57 executing program 6:
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}], 0x1)

03:40:57 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

[ 1318.070848] kernel msg: ebtables bug: please report to author: bad policy
[ 1318.079704] audit: type=1107 audit(1318.078:5): pid=13887 uid=0 auid=4294967295 ses=4294967295 msg='  
[ 1318.079704] '
03:40:57 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000040)={0x10000})
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2)

03:40:57 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:57 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:57 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x9)
sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="24000000530407041dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd17ed01cc0", 0x4c}], 0x1}, 0x0)

03:40:57 executing program 6:
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}], 0x1)

03:40:57 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00003dd000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f000082ef0a)=""/246)
ioctl$EVIOCGREP(r1, 0x40107447, &(0x7f0000d1df52)=""/174)

03:40:57 executing program 6:
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}], 0x1)

[ 1318.326620] audit: type=1107 audit(1318.325:6): pid=13905 uid=0 auid=4294967295 ses=4294967295 msg='  
[ 1318.326620] '
03:40:57 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000002640)="6e65742f736f636b7374617436004404d9f18c0606d312bf9f2e49559dea0d1e74036a1e96d6d9880540e1502003cf85b22ec322a83b8800cf80605c65a0ba7341c381e5a33f81453e13f3b952e38c973dae5ff14f01e1dc69a587864ae41b34dfbd9681793111459b279efff5c72cf72d6457afc4862c5fa2f208b39f3c701aa51b")
preadv(r0, &(0x7f00000024c0)=[{&(0x7f0000000340)=""/43, 0x2b}], 0x1, 0x1a)

03:40:57 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="cbaaaaaaaaaaaaaaaaaaaa0086dd800000000700000000000000000000000000aa00000000000800000000000000000000000005b21fa8f501bb7c2ec315f0000000000000"], &(0x7f0000000040))

03:40:57 executing program 5:
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000540)={0x53, 0x0, 0x21, 0x0, @buffer={0x0, 0xa3, &(0x7f0000000080)=""/163}, &(0x7f0000000340)="677b0438c6cd2e48b2e0be39a47606320b504277521047c739d053e2e3d2bcbb51", &(0x7f00000007c0)=""/198, 0x0, 0x0, 0x0, &(0x7f0000000140)})

03:40:57 executing program 3:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0xd}}, 0x14}, 0x1}, 0x1)

03:40:57 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x251)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r1, &(0x7f000099bf26), 0x143, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r1, &(0x7f0000000100), 0xfffffffffffffe4a, 0x840, 0x0, 0x0)

03:40:57 executing program 6:
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='cpu&3|?\x00\x00')

03:40:57 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x28042, 0x0)
fallocate(r0, 0x0, 0x0, 0x8800000)

03:40:57 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:57 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
ioctl$int_in(r1, 0x800000c0045006, &(0x7f0000000040)=0x4)
readv(r1, &(0x7f0000000400)=[{&(0x7f00000009c0)=""/4096, 0x1000}, {&(0x7f0000000340)=""/176, 0xb0}], 0x2)

03:40:58 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:58 executing program 6:
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000020feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000012d6405000000000065040400010000000704000001000000b7050000000000006a0a00fe00000000850000001a000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

03:40:58 executing program 0:
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002)
r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(0xffffffffffffffff, 0xc008551b, &(0x7f0000000040)={0x10000})
readv(r0, &(0x7f0000001700)=[{&(0x7f0000000640)=""/145, 0x91}, {&(0x7f0000000700)=""/4096, 0x1000}], 0x2)

03:40:58 executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000080)={&(0x7f0000de2ff4)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000000301ff07008fbda33d88c000001018dd"], 0x14}, 0x1}, 0x0)

03:40:58 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet(0x10, 0x3, 0x0)
getsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000000), &(0x7f0000000040)=0x4)

03:40:58 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x251)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r1, &(0x7f000099bf26), 0x143, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r1, &(0x7f0000000100), 0xfffffffffffffe4a, 0x840, 0x0, 0x0)

03:40:58 executing program 6:
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000020feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000012d6405000000000065040400010000000704000001000000b7050000000000006a0a00fe00000000850000001a000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

03:40:58 executing program 5:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup2(r0, r0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0x400448ca)

03:40:58 executing program 3:
socketpair(0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = socket$kcm(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0xf, 0x4, 0x4, 0x70}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r1, &(0x7f0000000000), &(0x7f0000000140)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r1, &(0x7f0000000000), &(0x7f0000000140)}, 0x20)
close(r0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r1}, 0x10)

03:40:58 executing program 6:
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000020feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000012d6405000000000065040400010000000704000001000000b7050000000000006a0a00fe00000000850000001a000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

03:40:58 executing program 5:
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@arp={0x806, @ether_ipv4={0x6, 0x800, 0x6, 0x4, 0x1, @random="f8bf88df5b1b", @remote={0xac, 0x14, 0x14, 0xbb}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, @rand_addr=0xac1414bb}}}}, &(0x7f0000000100))

03:40:58 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x251)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r1, &(0x7f000099bf26), 0x143, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r1, &(0x7f0000000100), 0xfffffffffffffe4a, 0x840, 0x0, 0x0)

03:40:58 executing program 6:
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0xe, &(0x7f0000001000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000020feffff7a0af0fff8ffffff79a4f0ff00000000b7060000000000012d6405000000000065040400010000000704000001000000b7050000000000006a0a00fe00000000850000001a000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)

03:40:58 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
getsockopt$inet6_udp_int(r0, 0x11, 0x65, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

03:40:58 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:58 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000bc2000)="81", 0x1, 0x0, &(0x7f0000606fe4)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c)
listen(r0, 0x7)
r1 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffe95, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000004d80), &(0x7f0000004dc0)=0x10)

03:40:58 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x2f, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x883e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0))

03:40:58 executing program 6:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
r1 = socket(0xa, 0x2, 0x0)
getsockopt$sock_buf(r1, 0x1, 0x28, &(0x7f0000b56f40)=""/192, &(0x7f0000000040)=0xc0)

[ 1319.438693] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x3
[ 1319.458349] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x3
03:40:58 executing program 2:
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000804000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000), 0x4)

03:40:58 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x251)
setsockopt$inet_tcp_int(r1, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r1, &(0x7f000099bf26), 0x143, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r1, &(0x7f0000000100), 0xfffffffffffffe4a, 0x840, 0x0, 0x0)

03:40:58 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000cb9ffc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0x347, 0x4)
bind$inet(r0, &(0x7f0000c16ff0)={0x2, 0x1, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffc3, 0x20020007, &(0x7f0000e97fcf)={0x2, 0x1, @loopback=0x7f000001}, 0x10)
recvmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000080)=@in6={0x0, 0x0, 0x0, @ipv4={[], [], @multicast2}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000200)=""/123, 0x7b}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/143, 0xffffff23}, {&(0x7f0000000400)=""/109, 0x6d}, {&(0x7f0000000480)=""/169, 0xa9}], 0x5, &(0x7f0000000580)=""/145, 0x91}}], 0x1, 0x10102, &(0x7f0000003840)={0x77359400})

03:40:58 executing program 6:
r0 = eventfd2(0x0, 0x0)
fadvise64(r0, 0x0, 0xfffffffffffeffff, 0x0)

03:40:58 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x2f, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x883e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0))

03:40:58 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000100)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x3, 0x8001000000002c)
connect$inet6(r1, &(0x7f00000000c0)={0xa}, 0x1c)
sendmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040), 0xffef}], 0x1, &(0x7f0000000200)}, 0x0)

03:40:58 executing program 2:
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000804000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000), 0x4)

[ 1319.580099] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x3
03:40:58 executing program 6:
r0 = socket$inet(0x2, 0x200000002, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e21}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00003f3fd5)={@random="cb9672fb8a00", @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414bb, @multicast1=0xe0000001}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0)

03:40:58 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x2f, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x883e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0))

03:40:58 executing program 0:
r0 = socket$inet(0x2, 0x200000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000480)=@broute={'broute\x00', 0x20, 0x1, 0x1f8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000080], 0x0, &(0x7f0000000040), &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0100000019000000000000000000726f736530000000000000000000000076657468315f746f5f627269646765007465616d5f736c6176655f3100000000697036677265300000000000000000000180c2000000000000000000ffffffffffff0000000000c9468e7c0000000801000038010000706b7474797065000000000000000000000000000000000000000000000000000800000000d73c9d315068e377000000706b7474797065000000000000000000000000000000000000000000000000000800000000f7000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000068d8ffffff0000000072656469726563740000000000000000000000000000000000000000000000020800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000003901000000ffffffff00000000"]}, 0x270)

[ 1319.679523] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x3
03:40:58 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
close(r0)

03:40:58 executing program 6:
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r0 = syz_fuse_mount(&(0x7f0000000380)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000100)={<r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c})

03:40:59 executing program 6:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0xf}}}, 0x1c)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0xe, &(0x7f0000000300), &(0x7f00000002c0)=0x2)

03:40:59 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000bc2000)="81", 0x1, 0x0, &(0x7f0000606fe4)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c)
listen(r0, 0x7)
r1 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffe95, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000004d80), &(0x7f0000004dc0)=0x10)

03:40:59 executing program 2:
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000804000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000), 0x4)

03:40:59 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x2f, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x883e, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0))

03:40:59 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_msfilter(r1, 0x0, 0x18, &(0x7f0000000180)={@rand_addr, @dev={0xac, 0x14, 0x14}}, 0x10)

03:40:59 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
close(r0)

03:40:59 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000480)={0x1, 0x0, [{0x0, 0x1, 0x0, 0x0, @irqchip={0x5}}]})

03:40:59 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r0, &(0x7f0000000240), 0x0, 0x20000040, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
bind$inet(r0, &(0x7f0000942000)={0x2, 0x0, @multicast1=0xe0000001}, 0x10)

03:40:59 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x100000000000048, &(0x7f0000000500)=0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}, 0x1c)

03:40:59 executing program 2:
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000804000))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000), 0x4)

03:40:59 executing program 4:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x8000000002, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='pagemap\x00')
sendfile(r0, r1, &(0x7f0000493000), 0xfffffffd)

03:40:59 executing program 6:
r0 = socket$inet6_sctp(0xa, 0x40000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x100000001}], 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
setrlimit(0x7, &(0x7f000046eff0))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f000095cffe)={r1}, &(0x7f000095c000)=0x8)

[ 1320.497016] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x3
03:40:59 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000200)='a%-3', 0x4)

03:40:59 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
close(r0)

03:40:59 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_msfilter(r1, 0x0, 0x18, &(0x7f0000000180)={@rand_addr, @dev={0xac, 0x14, 0x14}}, 0x10)

03:40:59 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
socket$key(0xf, 0x3, 0x2)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f00000000c0)=0x39, 0x4000000000000003)

03:40:59 executing program 4:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000007c0)={0x0, 0x0, <r1=>0x0}, &(0x7f0000000800)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000740), 0x0, &(0x7f0000000840)={[{@gid={'gid', 0x3d, r1}, 0x2c}]})

[ 1320.696152] hfs: gid requires an argument
[ 1320.700418] hfs: unable to parse mount options
[ 1320.727143] hfs: gid requires an argument
[ 1320.731418] hfs: unable to parse mount options
03:41:00 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000bc2000)="81", 0x1, 0x0, &(0x7f0000606fe4)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c)
listen(r0, 0x7)
r1 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffe95, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000004d80), &(0x7f0000004dc0)=0x10)

03:41:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, 0x0)

03:41:00 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0)
close(r0)

03:41:00 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_msfilter(r1, 0x0, 0x18, &(0x7f0000000180)={@rand_addr, @dev={0xac, 0x14, 0x14}}, 0x10)

03:41:00 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000200)='a%-3', 0x4)

03:41:00 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
socket$key(0xf, 0x3, 0x2)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f00000000c0)=0x39, 0x4000000000000003)

03:41:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000))
r1 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
unshare(0x40600)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000180)="a9", 0x1}], 0x1, 0x0)
r2 = creat(&(0x7f00001d3ff4)='./file0/bus\x00', 0x0)
dup2(r2, r1)

03:41:00 executing program 6:
r0 = socket$inet6_sctp(0xa, 0x40000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x100000001}], 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
setrlimit(0x7, &(0x7f000046eff0))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f000095cffe)={r1}, &(0x7f000095c000)=0x8)

03:41:00 executing program 2:
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00008d8000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff01d5c500000000000000000000000100000000000000000000000000000000000000fbff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d8ab6560f788667aca767c24e86e00000000000000000000000000000000005e000000000000000020"], 0x1)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00003cf000)={&(0x7f0000f4dff4)={0x10}, 0x3c0, &(0x7f00005ad000)={&(0x7f00008d8000)=@migrate={0x15c, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @in6=@dev={0xfe, 0x80}}}, [@migrate={0x10c, 0x11}]}, 0x15c}, 0x1}, 0x0)

03:41:00 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88)
setsockopt$inet_msfilter(r1, 0x0, 0x18, &(0x7f0000000180)={@rand_addr, @dev={0xac, 0x14, 0x14}}, 0x10)

03:41:00 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000))
r1 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
unshare(0x40600)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000180)="a9", 0x1}], 0x1, 0x0)
r2 = creat(&(0x7f00001d3ff4)='./file0/bus\x00', 0x0)
dup2(r2, r1)

03:41:00 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000200)='a%-3', 0x4)

03:41:00 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c)

03:41:00 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
socket$key(0xf, 0x3, 0x2)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f00000000c0)=0x39, 0x4000000000000003)

03:41:00 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
socket$key(0xf, 0x3, 0x2)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f00000000c0)=0x39, 0x4000000000000003)

03:41:00 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c)

03:41:01 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000bc2000)="81", 0x1, 0x0, &(0x7f0000606fe4)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c)
listen(r0, 0x7)
r1 = accept4(r0, 0x0, &(0x7f0000000000)=0xfffffffffffffe95, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000004d80), &(0x7f0000004dc0)=0x10)

03:41:01 executing program 2:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffff)
mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
lseek(r0, 0x0, 0x3)

03:41:01 executing program 0:
r0 = socket$inet6(0xa, 0x2000000802, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1}, 0x20)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000040)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff}, 0x20)

03:41:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000))
r1 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
unshare(0x40600)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000180)="a9", 0x1}], 0x1, 0x0)
r2 = creat(&(0x7f00001d3ff4)='./file0/bus\x00', 0x0)
dup2(r2, r1)

03:41:01 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
setsockopt$packet_buf(r0, 0x107, 0xf, &(0x7f0000000200)='a%-3', 0x4)

03:41:01 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c)

03:41:01 executing program 7:
syz_emit_ethernet(0x72, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="dde9d81cba33", [], {@ipv6={0x86dd, {0x0, 0x6, "fffff3", 0x3c, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@dest_unreach={0x303, 0x0, 0x0, 0x0, [], {0x0, 0x6, "c545f9", 0x0, 0x2f, 0x0, @empty, @mcast1={0xff, 0x1, [], 0x1}, [], "a0a888beffff15000000e2dc"}}}}}}}, 0x0)

03:41:01 executing program 6:
r0 = socket$inet6_sctp(0xa, 0x40000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x100000001}], 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
setrlimit(0x7, &(0x7f000046eff0))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f000095cffe)={r1}, &(0x7f000095c000)=0x8)

03:41:01 executing program 7:
syz_emit_ethernet(0x72, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="dde9d81cba33", [], {@ipv6={0x86dd, {0x0, 0x6, "fffff3", 0x3c, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@dest_unreach={0x303, 0x0, 0x0, 0x0, [], {0x0, 0x6, "c545f9", 0x0, 0x2f, 0x0, @empty, @mcast1={0xff, 0x1, [], 0x1}, [], "a0a888beffff15000000e2dc"}}}}}}}, 0x0)

03:41:01 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c)

03:41:01 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7050000000008006a0a00fe00000000850000000b000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0xe5, &(0x7f0000000080)="31d8f0bd7eb8993528a10e346bb4", &(0x7f0000000580)=""/229}, 0x28)

03:41:01 executing program 2:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffff)
mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
lseek(r0, 0x0, 0x3)

03:41:01 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r2, 0x1, 0x0, 0x0, {0x10}}, 0x14}, 0x1}, 0x0)

03:41:01 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000027000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x50, &(0x7f000000a000))
r1 = creat(&(0x7f0000df1000)='./file0/bus\x00', 0xbc9dc8fbd81cb4b1)
fcntl$lock(r1, 0x7, &(0x7f0000027000)={0x1})
unshare(0x40600)
pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000180)="a9", 0x1}], 0x1, 0x0)
r2 = creat(&(0x7f00001d3ff4)='./file0/bus\x00', 0x0)
dup2(r2, r1)

03:41:01 executing program 7:
syz_emit_ethernet(0x72, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="dde9d81cba33", [], {@ipv6={0x86dd, {0x0, 0x6, "fffff3", 0x3c, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@dest_unreach={0x303, 0x0, 0x0, 0x0, [], {0x0, 0x6, "c545f9", 0x0, 0x2f, 0x0, @empty, @mcast1={0xff, 0x1, [], 0x1}, [], "a0a888beffff15000000e2dc"}}}}}}}, 0x0)

03:41:01 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000001700)="295ee1311f16f477671070")
r1 = socket$inet(0x2, 0x3, 0xff)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000469ffc)=0x7fe, 0x4)
sendto$inet(r1, &(0x7f0000edf000), 0x28, 0x0, &(0x7f0000cd2ff0)={0x2}, 0x10)

03:41:02 executing program 6:
r0 = socket$inet6_sctp(0xa, 0x40000000005, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000961fe4)=[@in6={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x100000001}], 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [<r1=>0x0]}, &(0x7f000095dffc)=0x8)
setrlimit(0x7, &(0x7f000046eff0))
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f000095cffe)={r1}, &(0x7f000095c000)=0x8)

03:41:02 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r2, 0x1, 0x0, 0x0, {0x10}}, 0x14}, 0x1}, 0x0)

03:41:02 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
waitid(0x2, r1, 0x0, 0x80000009, 0x0)

03:41:02 executing program 7:
syz_emit_ethernet(0x72, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="dde9d81cba33", [], {@ipv6={0x86dd, {0x0, 0x6, "fffff3", 0x3c, 0x3a, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@dest_unreach={0x303, 0x0, 0x0, 0x0, [], {0x0, 0x6, "c545f9", 0x0, 0x2f, 0x0, @empty, @mcast1={0xff, 0x1, [], 0x1}, [], "a0a888beffff15000000e2dc"}}}}}}}, 0x0)

03:41:02 executing program 2:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffff)
mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
lseek(r0, 0x0, 0x3)

03:41:02 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0xc06855c8, &(0x7f00000008c0)={'veth0_to_team\x00'})

03:41:02 executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x5eb857)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10)
accept4(r0, &(0x7f0000000040)=@can, &(0x7f0000752ffc)=0xfffffffffffffe20, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
recvmmsg(r1, &(0x7f0000000200), 0x3b4, 0x0, 0x0)

03:41:02 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00009f3fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00003c1000)="0a0775b0d5e383e5b3b60c", 0xb)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg(r2, &(0x7f00000031c0)=[{{&(0x7f0000000140)=@can={0x1d}, 0x80, &(0x7f0000000780)=[{&(0x7f00000006c0)="14", 0x1}], 0x1, &(0x7f0000003640)=ANY=[]}}], 0x1, 0x0)
recvmsg(r2, &(0x7f0000003580)={&(0x7f00000003c0)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f00000034c0)=[{&(0x7f0000003440)=""/112, 0x200034b0}], 0x1, &(0x7f0000003500)=""/106, 0x6a}, 0x0)

03:41:02 executing program 7:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5a, &(0x7f0000000000), 0x18d, &(0x7f0000000340)=""/148, 0x94}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x40000000000037f, 0x0)

03:41:02 executing program 4:
pkey_mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0xffffffffffffffff)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f000000dff8)=[@release={0x40086303}], 0x0, 0x0, &(0x7f0000000f4d)})

03:41:02 executing program 2:
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xffffffff)
mmap(&(0x7f00006ff000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
lseek(r0, 0x0, 0x3)

03:41:02 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
waitid(0x2, r1, 0x0, 0x80000009, 0x0)

03:41:02 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r2, 0x1, 0x0, 0x0, {0x10}}, 0x14}, 0x1}, 0x0)

03:41:02 executing program 1:
r0 = socket(0x40000000002, 0x3, 0x3f)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='bridge0\x00', 0x10)
sendto$unix(r0, &(0x7f0000000080), 0xffeb, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0xd0000e0}, 0x63)

03:41:02 executing program 4:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000000c0))

03:41:02 executing program 7:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5a, &(0x7f0000000000), 0x18d, &(0x7f0000000340)=""/148, 0x94}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x40000000000037f, 0x0)

03:41:03 executing program 1:
mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), &(0x7f0000000280))

03:41:03 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
waitid(0x2, r1, 0x0, 0x80000009, 0x0)

03:41:03 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r2, 0x1, 0x0, 0x0, {0x10}}, 0x14}, 0x1}, 0x0)

03:41:03 executing program 2:
r0 = epoll_create1(0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x90000010})

03:41:03 executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x5eb857)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10)
accept4(r0, &(0x7f0000000040)=@can, &(0x7f0000752ffc)=0xfffffffffffffe20, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
recvmmsg(r1, &(0x7f0000000200), 0x3b4, 0x0, 0x0)

03:41:03 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="005c8f2380345f8f762070")
r1 = socket$inet6(0xa, 0x2000000000001, 0x0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f0000000040)=@fragment, 0x8)
setsockopt$inet6_int(r1, 0x29, 0x4, &(0x7f0000000000)=0x3, 0x4)
bind$inet6(r1, &(0x7f0000402000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendto$inet6(r1, &(0x7f00007a8fff), 0x3a7, 0x20000000, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)

03:41:03 executing program 7:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5a, &(0x7f0000000000), 0x18d, &(0x7f0000000340)=""/148, 0x94}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x40000000000037f, 0x0)

03:41:03 executing program 6:
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000180), &(0x7f0000000140)=0xf)

03:41:03 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, <r1=>0x0})
ptrace$setopts(0x4206, r1, 0x0, 0x0)
waitid(0x2, r1, 0x0, 0x80000009, 0x0)

03:41:03 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000040)=@pppol2tpin6, 0x80, &(0x7f00000014c0)=[{&(0x7f0000003ec0)=""/4096, 0x1000}], 0x1, &(0x7f0000001580)=""/32, 0x20}, 0x0)

03:41:03 executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x5eb857)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10)
accept4(r0, &(0x7f0000000040)=@can, &(0x7f0000752ffc)=0xfffffffffffffe20, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
recvmmsg(r1, &(0x7f0000000200), 0x3b4, 0x0, 0x0)

03:41:03 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x10bd}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xa, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0x50}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0x3bc, &(0x7f00001a7f05)=""/251}, 0x2e)

03:41:03 executing program 7:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff})
recvmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5a, &(0x7f0000000000), 0x18d, &(0x7f0000000340)=""/148, 0x94}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x40000000000037f, 0x0)

03:41:03 executing program 2:
r0 = epoll_create1(0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x90000010})

03:41:03 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x1, 0x0)
write$sndseq(r1, &(0x7f0000000200)=[{0x81, 0x1000000000006, 0x0, 0x0, @tick=0xe3, {}, {}, @raw8={"959546592b83c98a10d789af"}}], 0x30)

03:41:03 executing program 6:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00004f7000)="649c47ad46390d006dc80000009d4d54", 0x10)
r1 = dup(r0)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="2321202e2f18696c6530202026766d6e"], 0x10)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003940)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000300)="097be1758b29ecc7ee925fe171e3dfe3", 0x10}], 0x1, &(0x7f0000000780)}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000b00), 0x204, 0x0, &(0x7f0000000b40)={0x77359400})

03:41:03 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000340)='/dev/input/event#\x00', 0x3fe, 0x200)
ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000380)=""/203)

03:41:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4040ae79, &(0x7f00000005c0)={0x0, 0x0, [0x0, 0x0, 0x8000000]})

03:41:03 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000140)}, 0xc100)
sendmsg(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2013ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb08ad0491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db2d6e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d9f44f059a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca116f8f11416e5c1bd5499636ddae25fc49709f0309cf5c0bf8e432160c258d14223b3b0d009b09858645773dd97e68a9531072713cff077b2e73e03ed4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243f33e7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147eebe8b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff72b53e2622d6e8b4a4c815fb2ea90ef63e141209dd29254e5ab5bde9c6817b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0efa4d9d3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bb20dcf3e90f80a4a8ac093de9f0d9c11a540aff2de27437787bbed317439cafb71e7f92b7e02cbadb076f04ba2cb8c96aeef53c74d9036c922b1b24a79228e833abc661b5630caa45389341cb8ddf277fd916141023fb53c0d155faf6fdfb593e22db25c4f8afdcd90d437672ebe975f4a5f445bbdd845505fcfea702a42d821d3dc11720de0009e83161e5a089d09184346606e126842de54e85e20aa5fac874367a8690d09d6e041378bd424eabe8248652c3f75a849ff89da7b6be87fb3fe6ff22693b0cece9e4d935f28bb7efd85afb1642a363d583eb01f48f25784f80002b163bd3da724b0391dac7c23f76b5c5c6319f7aab18a486d5607f68ce2f83d2a6a8a13f8ecdb845b8af96230f063019ff113698c720403bbf6202b2d5e6146f14a45afe6ed538fc1fa57518769bd3bfc11e743b4e56b01f17483a152abcca0bd84a1011bd703a494150176d17322cf10307d259999622b76ac6a86407c9ed281ae29b9b569b382d3f39fe4d07706c96c41a565437d9edb1cb532d900efe54f518044bba5fa5791c1797c569a3d6c21342d92f4b104a3d957cf85e617c46ac97b6785a455ce7765eb80a02de4dffde0207061e1afb61e777379b202707f0f49edcf21a186ea1f2e08ef1dc15ae3371280d89aabb3bd53408b4cb2a8e42f9f4d0bc11d766eb51940f5e92559b91954649f2786fb6683e19ca5f609c40e327876f5515aeefce0f390d3fd557aabcb091b04131f3edc1ed80a2d5a812786530a302ab54f7e1f3a6bca852722d1af85ceab2e6565733b31f76d795b1a603a780564b181ebadb0028c03d0c2c2831ce3a83369bf4ec61f802633e719040dac86c9c26e01bdad8a18d33cd91ed4dcdf6f1e1d93d3ecfc1a8b0993ec8e441321a107e0f8e14b4eb135041eab6278b1557d13780f1b4f520cf0d5948d86842ea547824bdcc37a5383b3e58918b0a6ddaa38f9358ba907629bec4ec41a3c685adca897d41b0a847b3b20100daa73d01dd2cca16cad83af5bbae0e0b107de49a9222aef89cc4a6efde35f381433151afea24aa88bb44be666a996bb45fd37e", 0x585}], 0x1, &(0x7f0000003b40)}, 0x0)

03:41:03 executing program 1:
r0 = inotify_init1(0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, <r2=>0x0})
ptrace$setopts(0x4206, r2, 0x0, 0x0)
ptrace(0x4207, r2)
ptrace$cont(0x20, r2, 0x0, 0x0)

03:41:03 executing program 0:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x5eb857)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10)
accept4(r0, &(0x7f0000000040)=@can, &(0x7f0000752ffc)=0xfffffffffffffe20, 0x0)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
recvmmsg(r1, &(0x7f0000000200), 0x3b4, 0x0, 0x0)

03:41:03 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
socketpair$inet(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x0})
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'veth0_to_bond\x00'})

03:41:03 executing program 2:
r0 = epoll_create1(0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x90000010})

03:41:03 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
ptrace(0x10, r1)

03:41:03 executing program 6:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)=""/193, &(0x7f0000000280)=""/97, &(0x7f0000000300)=""/127})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)=ANY=[])
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, &(0x7f0000000380)=""/115, &(0x7f0000000580)=""/156, &(0x7f0000000940)=""/185})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000040)=0xfffffffffffffffc)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x1, &(0x7f0000000080)=""/65, &(0x7f0000000400)=""/64, &(0x7f0000000440)=""/199, 0xfdfdffff00000000})

03:41:03 executing program 4:
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000200)=0x5)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
setreuid(r2, r1)

03:41:03 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c)
write$binfmt_aout(r1, &(0x7f0000000080)={{0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}}, 0x20)

03:41:03 executing program 1:
r0 = socket(0x10, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendfile(r0, r1, &(0x7f00000000c0)=0x4, 0x80000002)

03:41:03 executing program 2:
r0 = epoll_create1(0x0)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x90000010})

03:41:03 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
get_mempolicy(&(0x7f0000008bc0), &(0x7f000000bbc0), 0x100, &(0x7f0000ffe000/0x2000)=nil, 0x3)

03:41:03 executing program 4:
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000200)=0x5)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
setreuid(r2, r1)

03:41:03 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000180)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
pwrite64(r1, &(0x7f0000000080)="e4", 0x1, 0x0)

03:41:03 executing program 4:
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000200)=0x5)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
setreuid(r2, r1)

03:41:03 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000180)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
pwrite64(r1, &(0x7f0000000080)="e4", 0x1, 0x0)

03:41:03 executing program 0:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg(r0, &(0x7f00000016c0)=[{{&(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x2, 0x3, 0x0, 0x2, {0xa, 0x4e23, 0x3, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x6}}}, 0x80, &(0x7f00000011c0)=[{&(0x7f0000000100)="51f48ffc08c0198dbd68bbcdae745fa9a9ce41f85fc99caf23460700c5d3f6cffbd889134b3c287e83e486d723801995948f53c94e774c7bba1ec6ea5f7aa87e4db0a3b83314f40c2a17f59496d386a0181af743b2185ab50100204f66892ee0cd80d9ae9658b935ff346651650095f061e9f00f5bc01ce4d7216b5c9d5f113170bce56034710aeae621fc0e0e790702163977a355ffda20b5e7f846922aecd72aa501ea40f78af82730422efccfd384b940d64c8561a9430718acd142b40e945250ebacadb8371733e91843b7adf81aff27e9c55568c8ecf7b1ca154bb462aeeeea97f97c489f38b2ba21057aa3145df2ed66de3dac549ac1daf0207f338a9be02cbe0c04f065c3202fb1afd112fcd6a29d0e8d15814b4f11cd8c35ac51c0c9f6bd8abdc9c95765debe51c3f0285ec569c34de9269d1b47e0d5029fdba1df51e92acefd569cc9ea91f2dfb3328a44b9a7cc6569d29dc1d4bc2b28b51acfba9b8d9239d81ee342369931fb59bfca188c77226b9bb4a19c3b6f73e48b70c5714581948254394390ab5e332d98d7cae48a0b3a3288cf32d5dcb2b8dd1fbcb1ba94aae2af3a1d37dcd3dccc36f95ea7f3d125090460063dc65cb06e3f59ec8a9d90b5c98c3b6012fc26fcb041442e0722982d920087afd83f9f4ae19cfd730caa05585b38517fc592ba8b8545ab3973d10089973bc89f441d3196b0733e91ea75b7cc620baf318130d243deab263ef0d88f8d4e0a8bdda345cf988a5a1f82714b4387b0bf127f1aa36b5d92abd313990eaae6ae7e75a933fb3463658c6f28503428e6fd276cddc8244da990c0810f73dad677e425c502409b587e824e72e6670995ad36c86e2aec2a7f3c77f9d62a7a786469ce8b99a2ba93667ca032c12cb59913650135b6d7dc1f201ff54a080c8a5a05d4d45dd0cc85bf4bc9241e8c137f49313aaef2669cc43efff3a84c74f34351d2afa225625378ecded3fd1b9d838c87c052ffb79bb8bf72c59117c0a559817afe7aa6d8e7fc7df7d447670cdfa33f38925512f335f9bac226c047efab767b0ec03ecffe8e505ae547a183ccd7d6264bfba68b827cc0293c4562d8de700e646e2ff8a2af9110dbc538ebf0afeddb4c852bdf78fbb84314bb78b8b0cd12cc7b8c4b6b7176147b47069a1d28a8f7877548fd957da8fbbe496caeef856b07123dae26154ddb64183262e6289ab03fb49a0fba0336f129b56803bb8730312085e23dac32bbc4def0763b3b4cc9ada528eb436f21f38c5563f9207225ce6422e98b7b03d7b2ea5b54f324fff6229526aaebdb4430a3d1b46c9570513da9d851175739f0fda018c5035e98fb2b1b5d6743addede65e97a444695ae850fcf56db679c19ffe3be9a6b3d55fae13875a3306acbc7fb92fcfb122b8c2955077400e3aa87ca43cc889ac368ce9674de9e66ac5c300fb8a3ee091cc62d2dc213d77d2a7fc9f87004abeb88ba8686edb3a232cafaabf524f985dd10a40d01c1e82d34ddf4fde4b2bee000aa9183b4055955ad411e7780e4a6a4c2f6d90d01922063d3e26a5876d195d0464740db7a025f63c3fcf188f57a8921fc0de54904a6c4d3c0ee308d2a9d090ec1cfcdfa379c46e24fb492d126c45cf2ce43f894e299cef89dc03f3796291ea06836885e2e84d7b13d8d731eb36200ff1ec7247941cd8fb6a3a59a84c253285668d4f408edefd48c1cbeb820ede726c60f43b12dded57324f288e1bb1147adf1821dffd9fc2a264191829001b07e00197572485c761ad7837dafbac5d19bd0f0cdc797ebd8f27a26011463f3b904f2bfee3787a7cd891c2b1259efad03bf5ac8505d94b20b00bf2f7401b6068a4b70bc47a4472d4c170573478b4c74aa6fcad26cd98e9be24929f50cd81d2d8f3ac5b116f96453aa754d480023bc2c37bfb3a4331350bf55a316ec3ba909b5541c5c174d07717d21dcdb3dd3d1615fb7ed1c38b20de8aa82f09774c19b3bb5b80a1504c705e38872f04c13f41c2f1e1c9235d306498bff2fffc176ef253687352ba7c69b267ff50d1e0943b950cb2144c8afdc6337f9875f696740f5573faa3fc58a1a7f1e3df8c3751f05ada1a1f5cc20a3eaa4ffb9ed692a9f21c91a73252b333b3946e517204b21f98a647b0d0c058831ea75c9666d5c6c3c6caa289b9609023fa2a43a5d083d169c5377186c9ce3b6a50b84f29520a3f8a57a925507ce8c68a8d50d96f342381bd0150adc9ed0066d090b2784fa420e848da9a4b15713703c6cc6e49866b7f1eabd29d8b760e7715bc25f747ec7fbc78913b3f55c54cce5daadbdc0f9417d81697a9316ba73012659c8489f078ef86bd57e0d08ce7d5684b172fa49561be96c6b1dcb52b599206876ea16af5889988ecc45fa551393b002c236f8cae0578c914f6295595a7dad58cafced0edb02f9f76c81cd3fabd8c09bcdeaace94980fe2d233c282f26e46a4748d44ce94d19759409576fba3f72c8b92912712e9d939c8637233ce20852094e49d3a370cf4445a423d33718d799c16e05874fb29942a73aec22df1144ac5dea3258a87698424bf711a3b8122f3859840a7db44f362073f6171d980374111916395a2af20c6fef6d5f5d61989bde4e4e06867f7d70e0705ce6080b585f7628af402c398e7c843faa6c10bf3e3caa19ec641bb196fc259585e4b4250de50a588b40a3fe1a55ac4d7e4199ef95cdc1fd4d96150fede734da107049c599554327c54f83dfd4d8f2fd3295602aa46fe3295a2d28000f13ab330ddb14461e1240cb70b5676a0c1aa0ad30a73b9d3f620fd2cab5e149f5805924d6d3aa549ea00b90aeb8069cb9d1f302eec498fec46adb9d745d4c9b51ccd68c65e11d4c8be95d8e5aeefc19bab99dc29b48ae126119908735f60f6fcaefc45164ad668c87e3f9dd891de1ea86ac20a210a22c183751efec23744cd8c6b49106c01617505ab324057a27f521b40823899e9538e6b377993c4c5173a010092cbb1066eac1dca6a7e3d67ff0fb48e4dd3cdc9852b233f4f6802aefe2d174eb84c15546bf87d7aad98dd0916f9fa32c1dc98e2a5f477b14b396c03416b1940d97e4694e57a4cc339dc76b57a13d93e729435f9d19ed77f068b364321567783b8fe3e7f0bf39e1045754851c8d9c7fd70f73bc208f09a373de25a61e7228634e982216aa3b5157b264362b92fd80508378c4f954e0b2231cf78f4121b350f3d5ba5f6e0b90eab45d8a44135f73fcf4da646458abdb735f1e99605191e7c7fa11462e12fedd076ddfc6e95131e31d4bcde8bcbee57aa63760a395ab74cacb3307aa4ec64dcb5c3e1cbb3735f7c03525e02925101885d190cc7cde2e8c9823bf47a4aac1c1d21bef0580e88520f5e36f544fd0dfe49e0299756715e95ecfa3948b8c1829ff7864f7e052e0b28297596ab6367bd3f9ffd1b710045d984d46bed5c4a013e0acc362bb8c2ecad01b5e08bd04fd0443c6afef3faa82eccdf1d61fad7457862967a8724dee1818f4916ca3e3fd7b3a4ff7affd758b1e43b9a0cd2499a56d945770469cefadcb6a66491c8d7d0f9b1663b09ad11e19afb1cd41a2eb68855d8835421a79076643bcdec4018828e5d2edf5ce35345a9786e5723b60820f9f0e72406df1fa859fe90a16b8fbf3e19abe76d64d9b1c6a7cb2909e337ad89da4f1bf8f683a194742f0524eb110849c270a99125e4b8fc71ab92f9482931202fb6c8f062e6511baed5bd7cd2ba652dc5c0a40f36fd43434808db5de958fc0d233a6b37e467025e59352f133cb48564fb52e9dbb5617afb5e7cc7554fe5a5e0dfbbdf792ea495985dc157e848d6ffac7f94e3ea9199276d955c97b1b43bb6f12eabf0d6b2d878c95e78e586cbeed1e048bb1341f7c1adc67436e4307d662e08f68bed1800f7f87a84e19eed5293f7150b76efcbfb7b8c1b1a2448c9e7cfbb19a15f40464ba546604bce01a086e7f35d291c8bc264e30916a701aa7eff42c79c3b8c9baddb4071739b1ec0c01ffd8df5a1f13ca92d077946e64c58f2889e15f4179bcd521129ff3ceceb3de239cb4cb5b1668eb136f1b5d353ed1327301010459578778a5a348ffed525fcc8f077e87ed6760c53ae2a1c52f544ead68b4f2a064228b1c3ed0774113fb69dfe7c2b3db8ebbef6598f9eca8868928fe65fd967c5ef903f4ea86b256cc711e026d1534803e3721cd1018bbd92601bb430b1cb02e426ca40f007b34827c5a3d4e9b11272bc361bb9ef209302101fcfc77b73b6182aa90a3da3497e011bcb92321c69f30cc96c5e491ca7fe03797acabb13c1be71535f0ca4fa88219744edf6c14a7fd85b8b5971937ca14aa931186a8ae0cdf8e2daa2a17f223cec17d8083890e395b9710763ef219b28db17da258f5a5accf237285c7b36b3bd86c664239cf2bd945165f6edd902085bbe3be0c7e80801fc5871c50b99f9d2d2ee923c479fbb0f7748a29e92c447c47dbd8a2977437d108ef8a8e27fbd9a1322cdd2665195f646664a7d43b2399616adaece1bec58c0812619b517f807a7eced31233ea77db77af768133a3689316523615797185a1b2840127367babc628fb752976c782d8886fb16f8d8b4cad977fd5af690209101ce42bd1f95e6a1539e5622f15b454ed3043ff92b037d82d5e304b4796f8892e781f20fd3ec853bd777c14d96513ad2b303fab15af0f842f74683bf9f3c9175a8857636d97a375a5856552a13f7a9fdf146cfafe92b85b5f376e3eab28c0eec690e59b3b2679350f7328321459ccbc46caceeb417429f4c47322f49a1e0986c66ea8d4f6b17463e1f4dbd922e87aec9989ef9ffb5aad1975c5ec5dc05493de21eaa424ee4ee1b3e622304ef21254838038d0e1cfe5ad3ac66b71a9c04b8a2aa987ed47c4e94df8f8ba7309cdbbb071a4afa4c62cf767e86b8eeee9304872bca94f79b17adb8a2be138b99b3603cbd05230ba0288159ddb70010a9c3a59cb162f413c6151d3b01669eb67f616c3646be8f7de97065fb54ed0ae32d10ab59fdd52532eda7cf0aa3acd18e4e3a21307178b9c8e53a13c75e921cd8f38edff67cef1364cefda571cb3932ff09cbd754d0766f6997e8e30f95e14978e9573a23c77179750ce7ca8235b3693ce4f4f68e2e40f8c2f1568d2ec5dc7daf30969ac06786e82e5b6017764f4436cf53b68e8fd759a6d6b2d8dab488d9bac09856d336f229ba6687ecca584c50b9993aeda40d71dec5a463c34658cd4cc98afe1cc956a49292c08f45354ad60a50244de100385595683cc03a633c6dd187e7557c7da3a30f2c3752ce27db0068599bdd80df5c26d6da1c303da6407cea72813923ecd7702a15b1f4590b010767da32de8c39f732b7a95a6e4358df64977d3c654d8d589f074fb5879e885e030cd9e814505f52c7b5402c9b00d1f593d50204ffa5c1399a8c90f9db68a1ce73c111c42b9afb5813f5760e7bb7d66a4c94b12049f05c07f5d234a216b78ed9b0e98f9fabdab27f72aa85b96e27fb38151ba66df16e548f1105d2fad2d543026a9d444eecc6e7d5931a8ad2efb6610fb9468aba7ee2e31ff58fef2d0d8c43121ee1200feaac5e8d24e3608a066108401e3fc7ad73fd79b2e9eadd2f68163ad9a9c47f5cac43b9851b013f71849687d4871d3c8f6dffc198a4bc7fe58c3b41a96a8d2f358973f41c7d3b9e2637086909626cb72f67d2ca1d3e35812c5b251bc17edf0d77706a49251f73b713cef2a3debd7e2ee4dee334dca1db267dd6ace8385ef03ebdd941088472da019c285714f6d4bbfbc88b28e77b2d6cacdb343", 0x1000}], 0x1, &(0x7f0000001200)=ANY=[], 0x0, 0x1}, 0x100000000}], 0x1, 0x8040)
setsockopt$llc_int(r0, 0x10c, 0x3, &(0x7f0000000000), 0x4)
connect$llc(r0, &(0x7f0000000040)={0x1a, 0x337, 0x47, 0x4, 0x3, 0x7f, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10)

03:41:03 executing program 1:
r0 = socket(0x10, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendfile(r0, r1, &(0x7f00000000c0)=0x4, 0x80000002)

03:41:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000040)="66ba2000edc4c2f90089c2dcf8070f01ca660f013726660ff19dfaffffff64670f06660fd58d0a000000d19e650600000fb04b5c0f30", 0x36}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000fea000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:41:04 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
socketpair$inet(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x0})
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'veth0_to_bond\x00'})

03:41:04 executing program 4:
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, <r1=>0x0}, &(0x7f0000000200)=0x5)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
setreuid(r2, r1)

03:42:03 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
ptrace(0x10, r1)

03:42:03 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000180)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
pwrite64(r1, &(0x7f0000000080)="e4", 0x1, 0x0)

03:42:03 executing program 1:
r0 = socket(0x10, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendfile(r0, r1, &(0x7f00000000c0)=0x4, 0x80000002)

03:42:03 executing program 0:
shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000)
clone(0x0, &(0x7f0000b53000), &(0x7f000084effc), &(0x7f0000c35ffc), &(0x7f0000000140))
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
remap_file_pages(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)

03:42:03 executing program 4:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs\x00', 0x0, 0x0)

03:42:03 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c)
write$binfmt_aout(r1, &(0x7f0000000080)={{0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}}, 0x20)

03:42:03 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
socketpair$inet(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x0})
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'veth0_to_bond\x00'})

03:42:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000040)="66ba2000edc4c2f90089c2dcf8070f01ca660f013726660ff19dfaffffff64670f06660fd58d0a000000d19e650600000fb04b5c0f30", 0x36}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000fea000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:42:03 executing program 4:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x8044000000201, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)="0bf5430f0003b9", 0x7}], 0x1)

03:42:03 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c)
write$binfmt_aout(r1, &(0x7f0000000080)={{0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}}, 0x20)

03:42:03 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000180)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
pwrite64(r1, &(0x7f0000000080)="e4", 0x1, 0x0)

03:42:03 executing program 1:
r0 = socket(0x10, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
sendfile(r0, r1, &(0x7f00000000c0)=0x4, 0x80000002)

03:42:03 executing program 4:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8))
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8955, &(0x7f00000000c0)={"ec6f004000"})

03:42:03 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x47}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x9, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0x2c}], {0x95}}, &(0x7f0000000040)='syzkaller\x00', 0x9, 0xfd51, &(0x7f00000001c0)=""/251, 0x0, 0x0, [], 0x0, 0xd}, 0x48)

03:42:03 executing program 6:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@loopback={0x0, 0x1}}, 0x200000a0)

03:42:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f00000000c0)="b8679a00000f23d00f21f8352000000a0f23f8360f4864c563b9800000c00f3235010000000f30642e660f2e188fc86095ff0066ba2000ec660f3807a431224a000066baf80cb83ccaec8cef66bafc0cb801000000ef66b880008ee8650f005725", 0x61}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000017000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1385.356630] device bridge_slave_1 left promiscuous mode
[ 1385.362197] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.372451] device bridge_slave_0 left promiscuous mode
[ 1385.378054] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.795258] IPVS: ftp: loaded support on port[0] = 21
[ 1385.977926] team0 (unregistering): Port device team_slave_1 removed
[ 1385.986443] team0 (unregistering): Port device team_slave_0 removed
[ 1385.994668] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 1386.005993] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 1386.025916] bond0 (unregistering): Released all slaves
[ 1386.338611] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1386.345010] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1386.352210] device bridge_slave_0 entered promiscuous mode
[ 1386.377142] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1386.383660] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1386.390573] device bridge_slave_1 entered promiscuous mode
[ 1386.413288] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 1386.436405] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 1386.500663] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1386.525995] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1386.623609] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1386.630723] team0: Port device team_slave_0 added
[ 1386.652563] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1386.659691] team0: Port device team_slave_1 added
[ 1386.685155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1386.709641] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1386.734709] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1386.758849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1386.966436] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1386.972848] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1386.979484] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1386.985876] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1387.706755] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1387.781925] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1387.856911] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 1387.863116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1387.870721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1387.941168] 8021q: adding VLAN 0 to HW filter on device team0
03:43:07 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
ptrace(0x10, r1)

03:43:07 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, 0x1c)
write$binfmt_aout(r1, &(0x7f0000000080)={{0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}}, 0x20)

03:43:07 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f00004aaffc)=0xfffffffffffffa1c, 0x4)
sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmmsg(r1, &(0x7f0000008400)=[{{&(0x7f0000000040)=@l2={0x1f, 0x1000, {0x4, 0xecc, 0x0, 0xd, 0x6, 0x40}, 0x20, 0xff}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b524992aede785f8b922318d48bd444e766bca0f5bb8020ae2875481d56c6c3619", 0x21}], 0x1, &(0x7f00000001c0)=[{0x48, 0x1ff, 0x1000, "dc3f56667ee88ccc16a3ae37419d0555cbf5d9cb1a8700eddc5b53e8fdc374c0ab9b07da2a7a051a1527210ca34f56af5a7aad68"}], 0x48, 0x1bc994861b8f8b4c}, 0x92b}, {{&(0x7f00000008c0)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000000940)="80bf68c49a1de7ba879cdad7bdeac2e483f515a3f8ab340fab0f726dcb794ceb1a267df11c833e778c72e164a403d9d9cba2699dd35ff0a7f0c8b7c7167829de044e50287e4e4edb7c416c7e06eba2809633bd7e412a949ef89728d8e98550ae94710f3401984544fffdf2560f15bc01b17008cddfa8dc72a28472666c71a9dd92ab04369258c3cc968e51f9544a0ee58a5f7196e6", 0x95}, {&(0x7f0000000a80)="2ef322e6102c1f3ea5897107f72f63399a600c584ffe7ecf93863d2b6a01916e03538431e954a6d440f75d53d4359406fb1cbf0b7ec8e393518e7ad760eb0f636a82dc0c40c2c19230587cb9eb63d908b5f2f30fa4a7f21a3627435fb6fd21b71ae7944402e97c91615373536d96bb950826be585c6553c83f32f7b0c5790bb8ac16e0226b9f0ea6906662941da48f092e6b3ddbb9276d87456ad6dcfbb9ebd208ccdcda87fe1ac6b42a", 0xaa}, {&(0x7f0000000bc0)="322b7a8535fff9b5f9fe8b997ae0ce0f1601564e7420ad75ef3c316d8e5859b22750273c285869e93d9fcb204bcf423b5cd557d62783cc1e1812aa8b492e39d28d6263304c033b992a514145b6d8d0c4658a264bcaabf8330569dd4ce47d15036bae16af480efbf0476e7880cb0b424d72094c737342a3c038e6d632f801fb48e9902a2acedeee07ff09330c0744097d23c541e63512c7a5b381024b31abe029d82699150305aea84ecb9561fff69c28e93a6bbc45e9af7e040093bb60a6535fa266cb1eba41a74cc104bb81ffb10a0704e7e163a16744b2c9f6b6d59704bfabb47536394ef37cd87d980d7b5ce5495d76cd2b87a9602fde8563a9e5eb2d39e61c5db060e454b8ee7802214736799e892d4158874247d52dbbfb35588e18d966e4f4471cc053dc7d588f7c984dd25cf519775bbfa06ef46679262e682b8731d5921ef4beb183afb6e4c2419eae303e66f1cc07eda153fb6afd64eba1520e28ce42341ead88f616f9c4736c31d0166769aa3fef0d0c9ce231844e69953fd6890a30065bdaee4ba28ecf9c50580f0442bd0a7cc182a788ca52e007bf26ff17e9b1703efb682a95c8c4c76a9ceadf76adcaa56987ec8956724564e4d4bb1f5752027bb17a9eb4f6af2989bdaca99c8312f26d49f632814f5e4bdcca3226bedb6a32758c2c4c3a7d62fe9d9cfe83b2718cbdc57b2a606bb6d6ca66f3f4828151110687087e763e903c5788bc73a1a4d9c06bb1a2d1ae083322669ae445d0a0cd75b78ce7064c29709e65771fe85c858dc9180ac57f6f020a807b3689dd7c574bd7943a8acd54c5ca1b8c75c2a0a7e7156e5c4b0a0e0c8dd6ef63571dffc0c79ce670916b513cec9b09f46988fe6682201e3ed0998392ce356c0635f6e1fb892ac88fb9d17c186676861fd14f6eb4648112e5df87dc825eba6abba17a289a8748d6d01f6eac0d86e222f4a3214c75ffd0db4e3b9689c61422c8cd2ea5b78067f47a1879bb18d0fa8546bab3dd64a0c761a4c50bc724ede057b6e71060efa5ab97cbfb829873c5116f565d5410d6396ac8598df7b673625e0122157fa0e7302e939a64e45e902d661a5e2595fb54f4781d7afa40f3c5c45fee0e40571b78d447f73963d17dc18cefaf80e36a55654581abd47a9e6e4ba7b36e22685b2ef5806044387e8d40fecd637ee2fd1344053a62a1a84d62661276b4f5a9a1ef1fa88bd520fc8abafc6bf36045c467667865353a652614b2e9f39484c1c8c5f09ee18c7e5b87033218b544e6aab3c495b18e2ecde61fe10715911d865adcff4600b89a3c9557a504d3468e060e714e7de218d6cbc5aec79c275b4e61814d1f598fc39f84279e1e835a4411bd2b1b8d419bd68897ce5e245868c9246cdcb6ca081c72a377506cd5cb67a2133983e6868361b8ffaaed55d678441b1a4ddbc237641336d6515379c9cbf31f9df827c6e9801b8ac7a7db5d40ce6c4b1983d85fc3096ab7744bcb1ff5abba9179ba0e1798fd04c5145759eaa7acc8b042db4dfa5cae9c7b2420ecde4a06cbba8524166cc0045ab2a8f1ed02fef9b7a16983394848f008c7868c74a72f56e1dd5107f04c315d63c14c65958bae2d8caa732683ab5e4bab480503b01db2fcb8361c05222740e4d9fb661a487491c8b187b84e6625ea4e732ee67aa47a5a6cd46957e8a2e652c2e6a79fb0aaf2a2b012e0d364f571c86c7da3e073b2364033ee6447e96b76b6a858f546c0a3656fb807ed124729315183229660b35f5e18f6d5802f9af2fc871a76d1d7258a364b5ca7e901cda33e8700abfb404781be75442451a2fd6fd06659b18935a62da2b56054b933bfc0f5f48e389cf2bc21f4d7fbe63c459fca9212a16e0a7ed5ef902bbdd0a872d070f627f8ecaa71ac23556c3f1f8dc1b231ab4f6c85d6e6ec7a79d500792e1986472ceb61ec8be03b8c52e75c8ae50784e25ede4445fc40a4066fe7231ba53c401630a44dd63709449ef95d2cef189922a76715b4b0f1cab1d82abb21475fea8a278b836fda595cab52c601d1c67fea363064382f54ad918722f2dcc17f4b1e4c9143d6716a727dc0ac35ad9f1b064119295dd840d1b3dd459ac6e8292782e909b230675589e474a247a698886e4cd3bdfbeec60312516347d241652d87f3078977f24287d2100d6d7c2f3a1fa336f00f3ef1bc6a1982c705f6495a9d9f73b3234a8f2af51c510e5c454b260fa466765edb4d368f65c033c11b454d3fc50ba92255959b2f131182cf42c45b9260e3e1f6b7f67988b1eb555f01f9ceb15a3adb9d75691063a35c273a654345c91f1626414c30ac07ecb433bc98cc2053a8a469dfe3a66849fcb9470bc3fc1aa2b5945f4b57ae2ea912eb8f622e45a525dc32f3e71d0315b230d412b68f223087dbcc8400f7e890dd21834a49ad51bfb9723003247f795440f6da3a052f5248be9ed0520e99c3a13932b7d7134c5b63394a8f2cc5c488a98389d7b68d624cc2a16043870b30f3154050effebc16d86f4a10269a3ae2e53c3a31f9cb07c22dad3997dedca970c9b4292f72c0b8601fdf4d00779be581065e3a0df9f6793c367c4901e75c1e9a003782eb6311b2c2b5042efcb7ae9f902cd05925c673931f333b23c0f4a69c1fddaf1201eb370c068e21037c61b185343ef72584f133d61d773ef202fd374a6ddbc2c2edd90254dd1ba49a8253d6e63641bfe5a3de7154b170c70690ed433372f647d6537a8f379ceebaeb4b2765d0417fa61b548397b2b89b85c5b29ee425936d709b8817c18c306522a9b5f553cb2ce3497d6901bed69b95ae4a9f79b4e6835ebd993d367e407417766363db11683f3e1078703bfb760ca9875251e3b2d32cda3c5a7453888eb71e6e09004aceaf97b362f099ac9a518318aa35cafb5dcb9e1b1490e8c381eefa9eef2c84b52b6eed463b1e9bac326ded0dbffb534290c443594730edea3f90402560a3cceaf00f4f0156c166600558595b3e727bd074a98e572fe3aa880d46d48460c316c87e1d8e616582230f58b43b40aec53a6c71f077f1a810a84cf7291f7714de66b62182da97d1df13fc3648a0042b4900f9b1b1346dd024a5d79f8c9afeb08c11391098c80e255be8d64ad1fcf8811acf2d1e1cc7bb085707a9e299ac864ce0ff8e3b5a8fa3d114f7b05227d0752e41c0dc36a0fcd9ea35319cbe57a2bbe856ee0859978ceca7b9538442423d8fb92bf8c22668166ee72263ff9e2abbb1ce648445cbd0d7428d6d2f860917b0e8a549d6854ac69827918373e4f648a243d21d65cd1fdd44f25c0a6b22c8b041425d8dfdd6c4c4318f7f6dd573c07ec95046098a8007554cecddd007a478a2dd03c6c0e754f621026441a7b1651d1b31c8a54e98150a578eca9161dc7690cf7481bdf8a2f371eee6428b94f4e4c7b8d31b8eae3cd552f2f6d52bb60a9ec633609cc116c5c3d5bb83121abd4224aef8fda4332800af9941de05c6f6eb196abebfd6217081b7d52f767820274620e250601dfcfd7c80b2525bbee08c493a7fff10eb794fdd37d8a9355165beedfa043042740fb19496c26de1bbbe8e14a3f16fc76ac27844313bcc8dd4c2fb34e3bcde30f77b05525e9267e8bd893ca6fbb257c641768102696b5e3d48dd1684f0133a7dd3915b3f2a5077a9e2a4fa8531ba92de518d71971ab4a33b028c9941e9633dc7b7a6c0690e3f04024107f0a9d1e9cc2850a398ec3d54333089465223903230c14b0dc70ab6038dd46454db534cb7a033dbfd6f4af6e1a872a35b79245d658a6e63ae42adcd615f35216127412752b5c69216e1f0cc99954b3e0519a0492f0659c0408d01b6d224bdd9d3801e477d08533b16aef8755827980ee8707ff8603e43209a383800d56491dbfa44369fd41e910ee33669ed70294404cf89d940649f7725c9e006feb9b341073178bb2342a5346dbd10aa4647f6dab1e06465b42f8b6d77f7d4b254ca04dab32fabd17fb5b8d6b1124a32717b5923f01590e589945ede1221760f3ec3fa010f5cd4c6d717e3afab14523776ca4d519318d69743885d4dc7a77b79f1b1408fe3bce01e842ca0cd81e39e828f775572ea646af048fca57ef6b428deb80d2b75bef775d82da8e3196795e34c557c9cb565e8c7bf4a955ae305f9633d69d3269bcfaec69ced0da7cdcbf1ac18719292eeb58f379a01a61b060c9ba062f822e682290e0dbd19ec0c091f8028e1f7d7d488ff8084e63b63aed0f98aafc403cde7f12a6fc5e70fc7d4c000193c2baaefbba71d6fef29fd58a7391fbc1f0bbbdf67ff6fbad9289f74c43b383b8fa3dbba3cc55bc5739d691c40496895bebf438825fba0a7cb7ed073ef628fe8788c8884407dfbdb76cbb4cf15d6d3ae8ecbe4c3d618037d5eca6589a5495762feaee8e7f94c67cd4acecb075a57bf5ca9e8fae3ab090f222c7989b24fc8103febadb5bd3f1452def1c3da625c98488636fc15f75f13fb260b65a29fc2e6f578b79149174b7453d47b66ec6725b6abc2d40d9ccd257f59606df87adc73ab7177907df10c0e282869efb0ff2ad55f738b5abb587594d4f5a5380884cdce6ca9a588ddb62b5270c87b329df04aad5716e68bdee585ac38dcdad4d19ddc968ace69d4a6a5ab408a4da394234c9a36376f42c60a8d0924dd0944b1167bb31e3a4f01adeca5512ba504885b2357a5cd847bc63c457500771698dce3bb1a72707c60168e33176a2134e41126c4de0eb610fcc8207961ec161b77401115a0d26123b909187c3b0e08dbe78d569e2f0400cb133868fd689b28017de0886e11713cc714cf06ef2ff1bd5dea7487e0a91420c7bfe4f24077ba98f344fdb0707892390eaa92b8a7786f1a50288b0c94fa017dd4076b87f55544195ad1279b527dcf17d0cbfdfa4ad8ea1eb9972ff8b181d82a3a52ecf1812f329cf2e4088773dca0f75642120ee933ade87e39609581052a4cc521d18340ebe2a110673e545f45d36314ecfa33e15b813b1220a49a1e66f7c09c8332a63e79cc470f3813408231f46801281c5b389c20f8d96d40dfb3bc97b92bd6f063a50e8cd354b41246750f63afed05a3a7341d498977971dc21e1ec942690610db9100fe5c4ba3a9f8368cb3cfb72938f4cb681d94338b66690f6d470c80e0d815d45ca30d7795c0b5f513f33f3906a2db44b7a46083c6f07df28b51baa45dd38f4a7855ed5e05b6f257539877b0af38717ac4b83793cebac964408d680cbd395d9d6a4f881ecd8756711da04bd537061a70dc4f9080281bf6675ad727d62d74e5f42d84f32edbc4a98164d0a03a7a3d9aa63f6f47eed0d5cc61d6393940dc780f24e093c1e3a544c63820c710413dd863cd573657f4e5e3a440c76b8a0ed7c108cfaf800194738e9c15fbdaa2311414af984b88f46f7828c43fac0653db8d82d8b3ae31f4ee7fa64963808a0362d05ece1ad161fc9ccfe6b036bfbcbbc5d390828cbaca8266516bef5ffbb55311d2dbb6813d4089a9ef38cd45d1c2ea3ffaf04381d58cfb9d773c7de4c28b825c828dc4ba2687491200f1e40d9be077bb0043e850452fbbf960a9ab9865fbcd1bbbeb07a6b49989d16f2c7ad1660aa97378cfb1d267dad3afd3e0cf6937a1b12116d6b599ab732a6fab232585751e6b5e0d9f03820b05500d60b18a07d8969f3ca6336415e6ebe1dda363a552968497601f6c7e1261d7638bec814644f41048e3d2951f8794fbe3e96eb1d8c1399e9c18adc5cdb8117190281c8036220fdf3b550cd10ce0bacd3a98c46b401ded2514f41e0595dfcae77ad978ff9ba1e0a45c95ee9c", 0x1000}, {&(0x7f0000001c00)="549fb9fc727264db2346f50a23d1a8c00672dd0ef5dca20aec8a5557bb52d743791a2f4d8450c1bd2fbafe3939c4135b5628e0a1ce6668dd56ef397b7bb6584ce633d346f9dcfd244766f3704acd7c5fa777069acea6521722c8ca61a865d42b967c08a511e42d7b6862068435c1d3ac6c9b1af0fb0d5f163cef3cb1432191fa2baa113db9ebc03061183878b5587201e8e4bb276c8916fddea41558933afc0f357edd6bd349e69395baf9eb0d35469990e743ca986a3245b6e586d25c1c061d30328ad61c19b070c422f6618474d31fc735aa08a1f1b84412e890fa36b568caf1c63a64adfc165d6deda4ee8e608f32b8acd44e11d64aaf446172db19e4390dfdc04d9e23795572154c47159e0e8efc9721f7f05367584780640e609432a869c8d6215e0f894f31a701852ff9ec66ebf31165b841f3c8e9826f67058d1551963309d61196bce50e27ba70c47ede87b61b0005354396ace3d47d26b02c10a10de23431d01c34f8bd0682c37fb5b937afe217b9492fbbd46648ae34c96f75bbc3efed70a6eb98859c9321b2c8339fa41fbee5d09986cbebb1146eb419f07158b5ea3929eae266e9c0a976091026aef5e816dc3376f5a4b8120e6721039480ad164a634e1e9e473e1215201d27837e33dcd3cadefd018cc5d4964a9814cce38172234941af58ae526ace1ac02699735c9c2e06ac25468b9f7902c0832986ee7ffbb1ca0dacb29cc2ccf588558223fdb7ce2d855548810ce8064bd786e6b1b7bb53ca503268817c83d87ea274ed9ce93e7a76a991ef99a84ebb71c5efaa44ee0a6b81d2db4d321a6cc88523500c612203ed033f6b6dc1c40bfa3575483d15a312db56d4fd77a7a771d02aca874981d4d0a87fc04327adbf3ee4485cd97ed18cfcb1c912643e99f179032047e86e8d83d011ebcf8f3e0d5476dc8bcc9c2d7f8cec8a52922cca7684f0331708dffee66dd1ff2df1d3f790347e0b8973d7b175fada8b651e82445b2220217515eb57c5672d19b26453492cfd5e7b0252d1614914785e87e50897e8c1bc26edcfc24e6d3fe56a57de70ad396fac300ee37353619682911a0b72806f2d1f3534fcab915ecd8710e2f495a517e4e279b27b5bb29f291be800b75b7161327dad2941380a5a85d682897558d45a39c096c10f9daba305b32f41b00e3eebaf05bca816b37d0ad321c3175621ed237dc9b02af8ff69f09a3001ae50dd8ee6173621467d8be64ca3a0a9fd4dc551deffeff234382b1b7b2a3e997ea11e53b1fcf0e6e6cd8cd36b3877efc22fcaa63262dafb73884c7583de19041bc2e125fbf2629d96fc911b0b0642078a57c76f612368c5b03db80c0f887bb3345fc1ef2b88f2858e4cf28c6aadaabda31e67b1ff2f8969cfaade5acc802b1d07230b3fe1b199f19cb41a0501ed343744587e8e63d472d195a1e8b2c0c5f4cfa480c95314222f55a617f49902567e986d4d82672528402e9c55ff40120be4d273301233ed55f7f799cfa2df31d206eeb3dfb45cfd270614f7c25605eedcf8f9ccca25b082aca38eb08136371effa2e236eed654ca8b28087c2c3f3a6c8acfd28d2402d38ae649bf39807a2267a8685d8603985f9bce1d81f8cc633d9e07f66afa30b646cd62d86e95a826c705baa5b4421090b8fbffb862abd578d0c275a3f9c29e7cfcc19e2a601fc394ae9787cc1c43872fa2e906ec9812de3aa6be1ee299dc88cf6f16d3f3928f388739e1e030fb7377866eae6a6d3ae168cbc419675f74cf075c01a27933aab0b7186cdd9d9217ec96621893578d25be39e29991ed7887ca7022f51254078ad9759fcf2091c521c077775987922eb8c87ec86a94dde2e3b7f092dd894549b64388adc5a83f259637c77a3e314bd1f9496b30ecf3aa318dd3bb779d1eba4df3e4b911c344d3464fd73c775e202edcb27224d597cda091bceea96e4582e9c05d0428bd9d08f49ab2c723ca19b86c5ffb3a9433194c82916914e274fa92197c47c230d7bec2748a7fdf530410808ef8997d3253c9cdb8eae665514e7b6701bb60785e5283a4e438bb4fe38ca07a8a4e55581e2c8548c7897a6d211616b91f2833169ec586495ec8dfe7a1d9ae6e06c528cbbb5403641f79af9c92ca376b9f5053086d3c36fc905722a39aad8e637d75a632fc2c9c4bf7a1aed9cebc5d0bf6f524214f55eea0d4f502df91df83187a19b8c89181af579b45fa808267a3e27a17bc05bb0b33173e9a85021fa1920d13ae186022e27946d35c2db943065befca3c6eae647032d928e275e5524ada71908be395cc6cd18939a3ebcfa08f8b804f8383c966bdd8ee4c39ff0a7010936dc2175db30468cfa9ecc60de3d956b76eaf64f8cadc7364ec53714448c93f7221982d730a1936c69aba6d564a040486bc241ca91bb36972c96f9b21d43ba519069009388db799bf0d73b7c6e051b71686c34a87d5d341942db1240f7e0681b1e5d7a120007adb638e40c9c20f9de7a71147745ad1f18359bd09d4bcbf2c4ac6362301fb29813effaba08a19c020966e2d8ede9469c6aac4231714e5350971a564f78e08025cf6140d826dd28bae00f6560c0da9f04fcb628f8896b97106f1150e50b5f825d080249b76b3698d5f20430b41bd5fd0788ec016d8ea49c41c5b9ab37df0fba791fe022051aface508475d2f791a6458359c8c634e5a646247fa171eaf084c0292d052b5d030f1ef9d4e9ad9b6785be560c9100fcf83fed55d17870340a9ae63fbc8670e1de04400bf665d2c6f8c112c1bdc7b99e1094592c16224b599d68fcdf14a37125a2c89ca43802802c7ed0e604b55a1b3a8257ee9ab6a6f82e5be841c08ed8e16bf1b39f2f30013cb611f6451d7389ed818c0a91513ae683509e1f18d25ba5012a7ef390d0ea8b2c8f284795a7c04e2e3e45cd9fd4cc010f97be337b3964cf38bad9282064b202bc58c2aa4a6c8e24073d5615474645d6ffc1c34d86444522f820837324c3c3e5db55fa3bd6661067db5f29856033bee83c180e8ef5bfd14dab8b886c41780796790a8a1124afd809ed715548e3dc58c60d84831e3f6dae4f428a848dbe6c9eadd91356c0d080dc6e8904f563310902f5cad87cfd87dc8d910e46bfc3d41dbb9075240ae5712d42ea28ff193c6974a9ad7edb85221de99ec65b43cccd9e6224de373391c9ff58bc938834c5937f9dad6eeea1a24a113c81aff8e79b608574063d91fe6de8961906cdae188036402316522abf9d5297d889dd259456e0aad199a6a8c52b3fca4f69784c0adc8c475b327ae43d12a1131f43b12569aaa3d2bb56347d44303b80af52b79a5b0bc118887fd060367ad2b1e822c70803c9771f25c0b6eb6707706c9e79e103956c5f65e97037481b65bcd3ea560b21d3f0c59779aaa1b129f1551b606c138f1cd9dbcce8826dd5f1eb0a46e41118d2145e8df3d3ebbe36ce5f12132c13c737cbe62bae2d8dff92d462e91dd8931615f43b9e49230d43b9d6ae6a0510c89f0e8ceb4c0599d756d84423b56e911d74ef43f9d79cfdfa8c951081cab567b2650b40fa02e20e1396c927b861e32c6dd7f09b43d48d44874afa463760901ddd92ace11788b656fc7661ac89442852af87bf7c2cd0424688e9192380a0145590337b4628b00cc103d4f0462e180eeef2eaadeec379307f5db2a7631e08a5c8695eeba7c1994e89525e52d93c820c1f8834239c0e9af04899ac96722cbff025720048841e5ad84a0c441789762042c8438b1b82890d2040749cb67052fb549438744977a190aa638aba397f5d6c9e802fa4ce5844fa308eeb3eb6a8ac3576d51818462839a5c449baeb8ffa1be566685f1bf7bb3f0aef720359458d10495f2e406e754f89abd1f80b495bb8559429d65e641a86f93cc41d20406162655865369afae6449cddb3e5c3f801282eb13853a6f4ef9fcea87f80bbfcba1fe888e2cf8ae6ece60e74dd904a42137743cf4d1dbedbd95cb4eb9671f771aa6c81fa716b3cc876c8b88644ebf407c49e55ae99b32bfb774803c72231af4b1892101d70bb828b2f63823316ddee3c6459ad2f35377862468708471d44b6f44cc0c1d29b02dd264ca3c24ece069ab46c23c4c4887a029794af74b93c71f0b50932c9406fbc309f85f81ed05862bb58c9d921761aa8455dedf42b744bf09807fe79aaee1be137c9ffda295d72b06f5b65217b5e2d999c201c1faf48cb8500a642976a7883d05952a1540aa4f45fa95b64bb39e433a5397242760521258c99cc635d1d710485e9dd80e452c625567b06325c6cac3c765f7d1f44c280a19fa3fac6504a41ed5c2adec0c5bb7cc5fd804ec12d08f66185e590eb28845797eae3f428b1e148d005acbd58c4a8ca856dd8cfc5de21f09b8ed02c1c60a045843f68891846690b064c18273c615af5c535d86862c0f40339de83731663380f879e18e8829bba3d3d02ca15435e0fceae19cb28a0c614ea253a8a9ca26974149546efb3d7fcc3e92a28ad8dddcd6f817a3056f10b274ac83f5296ee7e49614f4fb62552bbd7d1c74e84073105af8d6a0dae4efad12afbb6fd94155b55fe7519960c5cf5cd91d16b739fa9e4b42a6a8792d7c9182fc8b7bd30c76b64d53a613ae568fc5fcbc7b69e786c2972e9f406bf84a036d33bc0c9ac01242ab835d5ee9345108531bede81e371548ea5a548ea86da5c8b33f4d245a0ba3c68129a0fd0aaeed956d5dbe1665824b1f45ad064c4664fa3244fac7e561b1f3e79c73452016cd7b5be3a222b2687272689c660a94e543b483779b14707a16ebd4107b70b19ca86812292885b59e6c2c4c5606924e815afc1e03c6fd65af75aebeea3720849a630a58b659522c09645620301655affb8f0895ea4522d9b6dac461424c5e18481b3298b6f831b44bb83b1ddb641f08c781d2df289ac68f7170ec6e64db81df69aaeb4a29bbb930d96b9daca51ff284d331030c0c919926669e586374e9428e3a709839cd24ae91917697156e15ce40ac9ada0c1c638fd3dc136cdca0767056842a02ca8355ce6bed58d38fe2a825f235143b46bfa532a2cbf8d1d74aab55481b61beaf2cdcb6f5ac981038f1976a4a4d4fa8834bb8105d5a9fd6e2436c0e585f9e2e96f979cb9ff5aa1091c0abb971826c352bbe0869ec762fd86a3990b2339fff3ef32fdd9fb88e4fd999c11cd7277efc806dff3bf8151cb6cb855a088fd7c7ff083b608fe411f3b0d07a937682ad2df0409654143b7135c15259e1f7205a073f8691276fabb3891b9c47d509620d759c79b81fe30771e8e9a0734f4298a0014163616852566a63429d8ec39abc7dca4a479dd4351d07d32c144776ccb733cd28a0fe4a8b5ed8b80828304150bf3aa6de75074980995b15879f06fd53ace235a7fc3038d9e0ac48c453dfecfb6f46f65e0ff178960589dac7992945428f768c96da0aa299c3495a05f26f238d52fdc148de4f32296731c9b90ec785443d7ef8a3df6e8008347a45e0616d10e2ac7951a9a19bc9b685655f08edbb141d09a2a6d3748846acf187238b78c2c48d1f5ba145c7f1337c01f9c332165ac2611ae1d56b91eecabe525d9867d510326155d53cc2324c36277445c3e6986cedd996997aa84b243876c6a3e4a82aefbfeb8b069ebcc2fe2c3be026ca75f0acc345baffb5deaea2e1a499a5de1435f77ae29019fafd5f662765b705df110087c6e31e56e1d4a3fdf62661266c294c455dcc7bb2c3d6be8b436d6514b27c6a6a7d9f690756d8762bff7a34e41351a57b6a1d5c7364078725cafe69521c3532b7bb6ddad9f1e2", 0x1000}], 0x4, &(0x7f0000002c80)=[{0x108, 0x19f, 0x1f, "2dab67317eeedda7db1bacfc6e49197d40b9b4736a592bc601c66aefd4775818a74b1805b0d30a2ca2623dd2bc12637f721f2b06ddb0f1dbcbf46f75a30eb1c99a6c38fb364baeddd9bab55ba999900009b958180339bff60b77abb6b08b94fd48904b47216bf712329896e7bf832e3c7e2783f24a67e5fbef21ef304fc43f73dfaddfa4cf91950f07ec1dceb4c4f5bd03bd5db5c768ef772169cd94b9c3f55277eaa52338807c6eca39990a0abfea0b006b958b498eed73f914773310e3aab718a0c26ae361cb2c0e3dd0814667cccf8936ba911503e8d5b2bb24d5e191a8fd53c8308fb344ecbaf621fc3b585cdd11f4b1"}, {0x50, 0x119, 0x2, "11ae421ac885c53fb4489321db15eb6420fb87852ede63bd5271723aa8accb3103ab3fd84e1cb85b142e90542f2748df954089d970cecb7ac73677a3d0f0"}, {0xd0, 0x0, 0x401, "0cbd7ec1ece3124960c0db355b5d5ed33af7bb03bf25580bacf4c6856100d304ae679405daa97b2d0decf0c6d98b1f65c19dcce089568b0c92f0ffbd4badc0936bccf088dd33c1674a380dab0a526073761571aed5410f09a73520b9ace7bbc79d7246d016a83951752eb439f38ba2efa6235f154a8b8e72d1c421f266da9a08014f4cf45e0875cb93ab4891a635bc95d4249bcbdaddf86b293ed269bc15ede5be48a93b67d86546868b9cde0aa579d22fcfc17cc73e16b8ddee40"}], 0x228, 0x10}, 0x2f}, {{&(0x7f0000003100)=@ax25={0x3, {"8bacda7aa4e170"}, 0x7}, 0x80, &(0x7f0000004180), 0x0, 0x0, 0x0, 0x40000}, 0x400}, {{&(0x7f00000041c0)=@in6={0xa, 0x4e24, 0x101, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5}, 0x80, &(0x7f0000004580)=[{&(0x7f0000004240)="fe424c878338bc94bab5b3f705944334de74268d99dd7a86c02e3e092a0fb2d0de770d463135ea05470f1de80c01fc1e9bdd25d5578f7b9b6555367b1c2b660229d46ba357a41f28a0cd05f33a5abb09e792847a1daa609945fd84ebfa29e2c551ca72fd3250a6a26474771a6cbf7ff59a194d0759c3b1920e1ee67b5158f47c4faf8179a74a86ccbbd9fb9612e55535011455e44c8aabca4be9b6179087b0cc186756234214d6428d33ae13853a81d2c3a36dee737817e44f81e58df5dc90ebc3e0bda385e4b6aac36229db6697e8666ae675baf9b2e9d1fc98422d8c3ad4ccd376bac8ea0a31", 0xe7}, {&(0x7f0000004440)="16d9ca2e5a36651caf0b812e38bd5b4f238bfdae97ca6704e100a181cdc359e77f0a2ebdae1734e41d446ffc08ae8ad0e06e793d7002d16d54caaaeaa5b46738f2f73c2e336a83b84e0cca9ce45c3aa7497ff086c19eb3451fbc5f3d09979401cf6f65a6c8cdcce13055d02c22f28b7910a11c38c9084bbe7319eeb987e023df07d5ac6dc1499b197217c7f2611662461b5d135707d741f2ddd426fd154927deb2e62241a393b4c7bfa3879a7e786e3be04fe8fd730b985e436d5db960ce13ad962030097458cee78ab085889b502983b5b5995206", 0xd5}], 0x2, &(0x7f00000045c0)=[{0x38, 0x19f, 0x8000, "b27266a0d4f024fe1618663b22539166c6d5f28246a1fd981971132100e7cb8e477466532f"}, {0x50, 0x11f, 0x2, "fa66186b48663776d869aceb221319631d744ce01ea3d2d849d4103d0429079e978fd1e094d2bbd9f261f2acd0f8a6eaf261d359fa2cf3eb731617"}, {0x10, 0x115, 0xffffffffffffffb5}], 0x98}}], 0x4, 0x0)

03:43:07 executing program 6:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000280)="295ee1311f16f477671070")
r1 = syz_open_procfs(0x0, &(0x7f0000001b40)='net/xfrm_stat\x00')
lseek(r1, 0x41, 0x0)

03:43:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000040)="66ba2000edc4c2f90089c2dcf8070f01ca660f013726660ff19dfaffffff64670f06660fd58d0a000000d19e650600000fb04b5c0f30", 0x36}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000fea000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:43:07 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
socketpair$inet(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x0})
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'veth0_to_bond\x00'})

03:43:07 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./bus\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f00000008c0)={[{@usrquota='usrquota', 0x2c}, {@discard='discard', 0x2c}]})

03:43:07 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f00000000c0)="b8679a00000f23d00f21f8352000000a0f23f8360f4864c563b9800000c00f3235010000000f30642e660f2e188fc86095ff0066ba2000ec660f3807a431224a000066baf80cb83ccaec8cef66bafc0cb801000000ef66b880008ee8650f005725", 0x61}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000017000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:43:07 executing program 6:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8001, 0x5, 0x0, 0xffffffffffffffff, 0x0, [0x140]}, 0x2c)

03:43:07 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = dup2(r1, r1)
ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f0000000540)=@generic={0x1, 0xa07000, 0x3})

03:43:07 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f00004aaffc)=0xfffffffffffffa1c, 0x4)
sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmmsg(r1, &(0x7f0000008400)=[{{&(0x7f0000000040)=@l2={0x1f, 0x1000, {0x4, 0xecc, 0x0, 0xd, 0x6, 0x40}, 0x20, 0xff}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b524992aede785f8b922318d48bd444e766bca0f5bb8020ae2875481d56c6c3619", 0x21}], 0x1, &(0x7f00000001c0)=[{0x48, 0x1ff, 0x1000, "dc3f56667ee88ccc16a3ae37419d0555cbf5d9cb1a8700eddc5b53e8fdc374c0ab9b07da2a7a051a1527210ca34f56af5a7aad68"}], 0x48, 0x1bc994861b8f8b4c}, 0x92b}, {{&(0x7f00000008c0)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000000940)="80bf68c49a1de7ba879cdad7bdeac2e483f515a3f8ab340fab0f726dcb794ceb1a267df11c833e778c72e164a403d9d9cba2699dd35ff0a7f0c8b7c7167829de044e50287e4e4edb7c416c7e06eba2809633bd7e412a949ef89728d8e98550ae94710f3401984544fffdf2560f15bc01b17008cddfa8dc72a28472666c71a9dd92ab04369258c3cc968e51f9544a0ee58a5f7196e6", 0x95}, {&(0x7f0000000a80)="2ef322e6102c1f3ea5897107f72f63399a600c584ffe7ecf93863d2b6a01916e03538431e954a6d440f75d53d4359406fb1cbf0b7ec8e393518e7ad760eb0f636a82dc0c40c2c19230587cb9eb63d908b5f2f30fa4a7f21a3627435fb6fd21b71ae7944402e97c91615373536d96bb950826be585c6553c83f32f7b0c5790bb8ac16e0226b9f0ea6906662941da48f092e6b3ddbb9276d87456ad6dcfbb9ebd208ccdcda87fe1ac6b42a", 0xaa}, {&(0x7f0000000bc0)="322b7a8535fff9b5f9fe8b997ae0ce0f1601564e7420ad75ef3c316d8e5859b22750273c285869e93d9fcb204bcf423b5cd557d62783cc1e1812aa8b492e39d28d6263304c033b992a514145b6d8d0c4658a264bcaabf8330569dd4ce47d15036bae16af480efbf0476e7880cb0b424d72094c737342a3c038e6d632f801fb48e9902a2acedeee07ff09330c0744097d23c541e63512c7a5b381024b31abe029d82699150305aea84ecb9561fff69c28e93a6bbc45e9af7e040093bb60a6535fa266cb1eba41a74cc104bb81ffb10a0704e7e163a16744b2c9f6b6d59704bfabb47536394ef37cd87d980d7b5ce5495d76cd2b87a9602fde8563a9e5eb2d39e61c5db060e454b8ee7802214736799e892d4158874247d52dbbfb35588e18d966e4f4471cc053dc7d588f7c984dd25cf519775bbfa06ef46679262e682b8731d5921ef4beb183afb6e4c2419eae303e66f1cc07eda153fb6afd64eba1520e28ce42341ead88f616f9c4736c31d0166769aa3fef0d0c9ce231844e69953fd6890a30065bdaee4ba28ecf9c50580f0442bd0a7cc182a788ca52e007bf26ff17e9b1703efb682a95c8c4c76a9ceadf76adcaa56987ec8956724564e4d4bb1f5752027bb17a9eb4f6af2989bdaca99c8312f26d49f632814f5e4bdcca3226bedb6a32758c2c4c3a7d62fe9d9cfe83b2718cbdc57b2a606bb6d6ca66f3f4828151110687087e763e903c5788bc73a1a4d9c06bb1a2d1ae083322669ae445d0a0cd75b78ce7064c29709e65771fe85c858dc9180ac57f6f020a807b3689dd7c574bd7943a8acd54c5ca1b8c75c2a0a7e7156e5c4b0a0e0c8dd6ef63571dffc0c79ce670916b513cec9b09f46988fe6682201e3ed0998392ce356c0635f6e1fb892ac88fb9d17c186676861fd14f6eb4648112e5df87dc825eba6abba17a289a8748d6d01f6eac0d86e222f4a3214c75ffd0db4e3b9689c61422c8cd2ea5b78067f47a1879bb18d0fa8546bab3dd64a0c761a4c50bc724ede057b6e71060efa5ab97cbfb829873c5116f565d5410d6396ac8598df7b673625e0122157fa0e7302e939a64e45e902d661a5e2595fb54f4781d7afa40f3c5c45fee0e40571b78d447f73963d17dc18cefaf80e36a55654581abd47a9e6e4ba7b36e22685b2ef5806044387e8d40fecd637ee2fd1344053a62a1a84d62661276b4f5a9a1ef1fa88bd520fc8abafc6bf36045c467667865353a652614b2e9f39484c1c8c5f09ee18c7e5b87033218b544e6aab3c495b18e2ecde61fe10715911d865adcff4600b89a3c9557a504d3468e060e714e7de218d6cbc5aec79c275b4e61814d1f598fc39f84279e1e835a4411bd2b1b8d419bd68897ce5e245868c9246cdcb6ca081c72a377506cd5cb67a2133983e6868361b8ffaaed55d678441b1a4ddbc237641336d6515379c9cbf31f9df827c6e9801b8ac7a7db5d40ce6c4b1983d85fc3096ab7744bcb1ff5abba9179ba0e1798fd04c5145759eaa7acc8b042db4dfa5cae9c7b2420ecde4a06cbba8524166cc0045ab2a8f1ed02fef9b7a16983394848f008c7868c74a72f56e1dd5107f04c315d63c14c65958bae2d8caa732683ab5e4bab480503b01db2fcb8361c05222740e4d9fb661a487491c8b187b84e6625ea4e732ee67aa47a5a6cd46957e8a2e652c2e6a79fb0aaf2a2b012e0d364f571c86c7da3e073b2364033ee6447e96b76b6a858f546c0a3656fb807ed124729315183229660b35f5e18f6d5802f9af2fc871a76d1d7258a364b5ca7e901cda33e8700abfb404781be75442451a2fd6fd06659b18935a62da2b56054b933bfc0f5f48e389cf2bc21f4d7fbe63c459fca9212a16e0a7ed5ef902bbdd0a872d070f627f8ecaa71ac23556c3f1f8dc1b231ab4f6c85d6e6ec7a79d500792e1986472ceb61ec8be03b8c52e75c8ae50784e25ede4445fc40a4066fe7231ba53c401630a44dd63709449ef95d2cef189922a76715b4b0f1cab1d82abb21475fea8a278b836fda595cab52c601d1c67fea363064382f54ad918722f2dcc17f4b1e4c9143d6716a727dc0ac35ad9f1b064119295dd840d1b3dd459ac6e8292782e909b230675589e474a247a698886e4cd3bdfbeec60312516347d241652d87f3078977f24287d2100d6d7c2f3a1fa336f00f3ef1bc6a1982c705f6495a9d9f73b3234a8f2af51c510e5c454b260fa466765edb4d368f65c033c11b454d3fc50ba92255959b2f131182cf42c45b9260e3e1f6b7f67988b1eb555f01f9ceb15a3adb9d75691063a35c273a654345c91f1626414c30ac07ecb433bc98cc2053a8a469dfe3a66849fcb9470bc3fc1aa2b5945f4b57ae2ea912eb8f622e45a525dc32f3e71d0315b230d412b68f223087dbcc8400f7e890dd21834a49ad51bfb9723003247f795440f6da3a052f5248be9ed0520e99c3a13932b7d7134c5b63394a8f2cc5c488a98389d7b68d624cc2a16043870b30f3154050effebc16d86f4a10269a3ae2e53c3a31f9cb07c22dad3997dedca970c9b4292f72c0b8601fdf4d00779be581065e3a0df9f6793c367c4901e75c1e9a003782eb6311b2c2b5042efcb7ae9f902cd05925c673931f333b23c0f4a69c1fddaf1201eb370c068e21037c61b185343ef72584f133d61d773ef202fd374a6ddbc2c2edd90254dd1ba49a8253d6e63641bfe5a3de7154b170c70690ed433372f647d6537a8f379ceebaeb4b2765d0417fa61b548397b2b89b85c5b29ee425936d709b8817c18c306522a9b5f553cb2ce3497d6901bed69b95ae4a9f79b4e6835ebd993d367e407417766363db11683f3e1078703bfb760ca9875251e3b2d32cda3c5a7453888eb71e6e09004aceaf97b362f099ac9a518318aa35cafb5dcb9e1b1490e8c381eefa9eef2c84b52b6eed463b1e9bac326ded0dbffb534290c443594730edea3f90402560a3cceaf00f4f0156c166600558595b3e727bd074a98e572fe3aa880d46d48460c316c87e1d8e616582230f58b43b40aec53a6c71f077f1a810a84cf7291f7714de66b62182da97d1df13fc3648a0042b4900f9b1b1346dd024a5d79f8c9afeb08c11391098c80e255be8d64ad1fcf8811acf2d1e1cc7bb085707a9e299ac864ce0ff8e3b5a8fa3d114f7b05227d0752e41c0dc36a0fcd9ea35319cbe57a2bbe856ee0859978ceca7b9538442423d8fb92bf8c22668166ee72263ff9e2abbb1ce648445cbd0d7428d6d2f860917b0e8a549d6854ac69827918373e4f648a243d21d65cd1fdd44f25c0a6b22c8b041425d8dfdd6c4c4318f7f6dd573c07ec95046098a8007554cecddd007a478a2dd03c6c0e754f621026441a7b1651d1b31c8a54e98150a578eca9161dc7690cf7481bdf8a2f371eee6428b94f4e4c7b8d31b8eae3cd552f2f6d52bb60a9ec633609cc116c5c3d5bb83121abd4224aef8fda4332800af9941de05c6f6eb196abebfd6217081b7d52f767820274620e250601dfcfd7c80b2525bbee08c493a7fff10eb794fdd37d8a9355165beedfa043042740fb19496c26de1bbbe8e14a3f16fc76ac27844313bcc8dd4c2fb34e3bcde30f77b05525e9267e8bd893ca6fbb257c641768102696b5e3d48dd1684f0133a7dd3915b3f2a5077a9e2a4fa8531ba92de518d71971ab4a33b028c9941e9633dc7b7a6c0690e3f04024107f0a9d1e9cc2850a398ec3d54333089465223903230c14b0dc70ab6038dd46454db534cb7a033dbfd6f4af6e1a872a35b79245d658a6e63ae42adcd615f35216127412752b5c69216e1f0cc99954b3e0519a0492f0659c0408d01b6d224bdd9d3801e477d08533b16aef8755827980ee8707ff8603e43209a383800d56491dbfa44369fd41e910ee33669ed70294404cf89d940649f7725c9e006feb9b341073178bb2342a5346dbd10aa4647f6dab1e06465b42f8b6d77f7d4b254ca04dab32fabd17fb5b8d6b1124a32717b5923f01590e589945ede1221760f3ec3fa010f5cd4c6d717e3afab14523776ca4d519318d69743885d4dc7a77b79f1b1408fe3bce01e842ca0cd81e39e828f775572ea646af048fca57ef6b428deb80d2b75bef775d82da8e3196795e34c557c9cb565e8c7bf4a955ae305f9633d69d3269bcfaec69ced0da7cdcbf1ac18719292eeb58f379a01a61b060c9ba062f822e682290e0dbd19ec0c091f8028e1f7d7d488ff8084e63b63aed0f98aafc403cde7f12a6fc5e70fc7d4c000193c2baaefbba71d6fef29fd58a7391fbc1f0bbbdf67ff6fbad9289f74c43b383b8fa3dbba3cc55bc5739d691c40496895bebf438825fba0a7cb7ed073ef628fe8788c8884407dfbdb76cbb4cf15d6d3ae8ecbe4c3d618037d5eca6589a5495762feaee8e7f94c67cd4acecb075a57bf5ca9e8fae3ab090f222c7989b24fc8103febadb5bd3f1452def1c3da625c98488636fc15f75f13fb260b65a29fc2e6f578b79149174b7453d47b66ec6725b6abc2d40d9ccd257f59606df87adc73ab7177907df10c0e282869efb0ff2ad55f738b5abb587594d4f5a5380884cdce6ca9a588ddb62b5270c87b329df04aad5716e68bdee585ac38dcdad4d19ddc968ace69d4a6a5ab408a4da394234c9a36376f42c60a8d0924dd0944b1167bb31e3a4f01adeca5512ba504885b2357a5cd847bc63c457500771698dce3bb1a72707c60168e33176a2134e41126c4de0eb610fcc8207961ec161b77401115a0d26123b909187c3b0e08dbe78d569e2f0400cb133868fd689b28017de0886e11713cc714cf06ef2ff1bd5dea7487e0a91420c7bfe4f24077ba98f344fdb0707892390eaa92b8a7786f1a50288b0c94fa017dd4076b87f55544195ad1279b527dcf17d0cbfdfa4ad8ea1eb9972ff8b181d82a3a52ecf1812f329cf2e4088773dca0f75642120ee933ade87e39609581052a4cc521d18340ebe2a110673e545f45d36314ecfa33e15b813b1220a49a1e66f7c09c8332a63e79cc470f3813408231f46801281c5b389c20f8d96d40dfb3bc97b92bd6f063a50e8cd354b41246750f63afed05a3a7341d498977971dc21e1ec942690610db9100fe5c4ba3a9f8368cb3cfb72938f4cb681d94338b66690f6d470c80e0d815d45ca30d7795c0b5f513f33f3906a2db44b7a46083c6f07df28b51baa45dd38f4a7855ed5e05b6f257539877b0af38717ac4b83793cebac964408d680cbd395d9d6a4f881ecd8756711da04bd537061a70dc4f9080281bf6675ad727d62d74e5f42d84f32edbc4a98164d0a03a7a3d9aa63f6f47eed0d5cc61d6393940dc780f24e093c1e3a544c63820c710413dd863cd573657f4e5e3a440c76b8a0ed7c108cfaf800194738e9c15fbdaa2311414af984b88f46f7828c43fac0653db8d82d8b3ae31f4ee7fa64963808a0362d05ece1ad161fc9ccfe6b036bfbcbbc5d390828cbaca8266516bef5ffbb55311d2dbb6813d4089a9ef38cd45d1c2ea3ffaf04381d58cfb9d773c7de4c28b825c828dc4ba2687491200f1e40d9be077bb0043e850452fbbf960a9ab9865fbcd1bbbeb07a6b49989d16f2c7ad1660aa97378cfb1d267dad3afd3e0cf6937a1b12116d6b599ab732a6fab232585751e6b5e0d9f03820b05500d60b18a07d8969f3ca6336415e6ebe1dda363a552968497601f6c7e1261d7638bec814644f41048e3d2951f8794fbe3e96eb1d8c1399e9c18adc5cdb8117190281c8036220fdf3b550cd10ce0bacd3a98c46b401ded2514f41e0595dfcae77ad978ff9ba1e0a45c95ee9c", 0x1000}, {&(0x7f0000001c00)="549fb9fc727264db2346f50a23d1a8c00672dd0ef5dca20aec8a5557bb52d743791a2f4d8450c1bd2fbafe3939c4135b5628e0a1ce6668dd56ef397b7bb6584ce633d346f9dcfd244766f3704acd7c5fa777069acea6521722c8ca61a865d42b967c08a511e42d7b6862068435c1d3ac6c9b1af0fb0d5f163cef3cb1432191fa2baa113db9ebc03061183878b5587201e8e4bb276c8916fddea41558933afc0f357edd6bd349e69395baf9eb0d35469990e743ca986a3245b6e586d25c1c061d30328ad61c19b070c422f6618474d31fc735aa08a1f1b84412e890fa36b568caf1c63a64adfc165d6deda4ee8e608f32b8acd44e11d64aaf446172db19e4390dfdc04d9e23795572154c47159e0e8efc9721f7f05367584780640e609432a869c8d6215e0f894f31a701852ff9ec66ebf31165b841f3c8e9826f67058d1551963309d61196bce50e27ba70c47ede87b61b0005354396ace3d47d26b02c10a10de23431d01c34f8bd0682c37fb5b937afe217b9492fbbd46648ae34c96f75bbc3efed70a6eb98859c9321b2c8339fa41fbee5d09986cbebb1146eb419f07158b5ea3929eae266e9c0a976091026aef5e816dc3376f5a4b8120e6721039480ad164a634e1e9e473e1215201d27837e33dcd3cadefd018cc5d4964a9814cce38172234941af58ae526ace1ac02699735c9c2e06ac25468b9f7902c0832986ee7ffbb1ca0dacb29cc2ccf588558223fdb7ce2d855548810ce8064bd786e6b1b7bb53ca503268817c83d87ea274ed9ce93e7a76a991ef99a84ebb71c5efaa44ee0a6b81d2db4d321a6cc88523500c612203ed033f6b6dc1c40bfa3575483d15a312db56d4fd77a7a771d02aca874981d4d0a87fc04327adbf3ee4485cd97ed18cfcb1c912643e99f179032047e86e8d83d011ebcf8f3e0d5476dc8bcc9c2d7f8cec8a52922cca7684f0331708dffee66dd1ff2df1d3f790347e0b8973d7b175fada8b651e82445b2220217515eb57c5672d19b26453492cfd5e7b0252d1614914785e87e50897e8c1bc26edcfc24e6d3fe56a57de70ad396fac300ee37353619682911a0b72806f2d1f3534fcab915ecd8710e2f495a517e4e279b27b5bb29f291be800b75b7161327dad2941380a5a85d682897558d45a39c096c10f9daba305b32f41b00e3eebaf05bca816b37d0ad321c3175621ed237dc9b02af8ff69f09a3001ae50dd8ee6173621467d8be64ca3a0a9fd4dc551deffeff234382b1b7b2a3e997ea11e53b1fcf0e6e6cd8cd36b3877efc22fcaa63262dafb73884c7583de19041bc2e125fbf2629d96fc911b0b0642078a57c76f612368c5b03db80c0f887bb3345fc1ef2b88f2858e4cf28c6aadaabda31e67b1ff2f8969cfaade5acc802b1d07230b3fe1b199f19cb41a0501ed343744587e8e63d472d195a1e8b2c0c5f4cfa480c95314222f55a617f49902567e986d4d82672528402e9c55ff40120be4d273301233ed55f7f799cfa2df31d206eeb3dfb45cfd270614f7c25605eedcf8f9ccca25b082aca38eb08136371effa2e236eed654ca8b28087c2c3f3a6c8acfd28d2402d38ae649bf39807a2267a8685d8603985f9bce1d81f8cc633d9e07f66afa30b646cd62d86e95a826c705baa5b4421090b8fbffb862abd578d0c275a3f9c29e7cfcc19e2a601fc394ae9787cc1c43872fa2e906ec9812de3aa6be1ee299dc88cf6f16d3f3928f388739e1e030fb7377866eae6a6d3ae168cbc419675f74cf075c01a27933aab0b7186cdd9d9217ec96621893578d25be39e29991ed7887ca7022f51254078ad9759fcf2091c521c077775987922eb8c87ec86a94dde2e3b7f092dd894549b64388adc5a83f259637c77a3e314bd1f9496b30ecf3aa318dd3bb779d1eba4df3e4b911c344d3464fd73c775e202edcb27224d597cda091bceea96e4582e9c05d0428bd9d08f49ab2c723ca19b86c5ffb3a9433194c82916914e274fa92197c47c230d7bec2748a7fdf530410808ef8997d3253c9cdb8eae665514e7b6701bb60785e5283a4e438bb4fe38ca07a8a4e55581e2c8548c7897a6d211616b91f2833169ec586495ec8dfe7a1d9ae6e06c528cbbb5403641f79af9c92ca376b9f5053086d3c36fc905722a39aad8e637d75a632fc2c9c4bf7a1aed9cebc5d0bf6f524214f55eea0d4f502df91df83187a19b8c89181af579b45fa808267a3e27a17bc05bb0b33173e9a85021fa1920d13ae186022e27946d35c2db943065befca3c6eae647032d928e275e5524ada71908be395cc6cd18939a3ebcfa08f8b804f8383c966bdd8ee4c39ff0a7010936dc2175db30468cfa9ecc60de3d956b76eaf64f8cadc7364ec53714448c93f7221982d730a1936c69aba6d564a040486bc241ca91bb36972c96f9b21d43ba519069009388db799bf0d73b7c6e051b71686c34a87d5d341942db1240f7e0681b1e5d7a120007adb638e40c9c20f9de7a71147745ad1f18359bd09d4bcbf2c4ac6362301fb29813effaba08a19c020966e2d8ede9469c6aac4231714e5350971a564f78e08025cf6140d826dd28bae00f6560c0da9f04fcb628f8896b97106f1150e50b5f825d080249b76b3698d5f20430b41bd5fd0788ec016d8ea49c41c5b9ab37df0fba791fe022051aface508475d2f791a6458359c8c634e5a646247fa171eaf084c0292d052b5d030f1ef9d4e9ad9b6785be560c9100fcf83fed55d17870340a9ae63fbc8670e1de04400bf665d2c6f8c112c1bdc7b99e1094592c16224b599d68fcdf14a37125a2c89ca43802802c7ed0e604b55a1b3a8257ee9ab6a6f82e5be841c08ed8e16bf1b39f2f30013cb611f6451d7389ed818c0a91513ae683509e1f18d25ba5012a7ef390d0ea8b2c8f284795a7c04e2e3e45cd9fd4cc010f97be337b3964cf38bad9282064b202bc58c2aa4a6c8e24073d5615474645d6ffc1c34d86444522f820837324c3c3e5db55fa3bd6661067db5f29856033bee83c180e8ef5bfd14dab8b886c41780796790a8a1124afd809ed715548e3dc58c60d84831e3f6dae4f428a848dbe6c9eadd91356c0d080dc6e8904f563310902f5cad87cfd87dc8d910e46bfc3d41dbb9075240ae5712d42ea28ff193c6974a9ad7edb85221de99ec65b43cccd9e6224de373391c9ff58bc938834c5937f9dad6eeea1a24a113c81aff8e79b608574063d91fe6de8961906cdae188036402316522abf9d5297d889dd259456e0aad199a6a8c52b3fca4f69784c0adc8c475b327ae43d12a1131f43b12569aaa3d2bb56347d44303b80af52b79a5b0bc118887fd060367ad2b1e822c70803c9771f25c0b6eb6707706c9e79e103956c5f65e97037481b65bcd3ea560b21d3f0c59779aaa1b129f1551b606c138f1cd9dbcce8826dd5f1eb0a46e41118d2145e8df3d3ebbe36ce5f12132c13c737cbe62bae2d8dff92d462e91dd8931615f43b9e49230d43b9d6ae6a0510c89f0e8ceb4c0599d756d84423b56e911d74ef43f9d79cfdfa8c951081cab567b2650b40fa02e20e1396c927b861e32c6dd7f09b43d48d44874afa463760901ddd92ace11788b656fc7661ac89442852af87bf7c2cd0424688e9192380a0145590337b4628b00cc103d4f0462e180eeef2eaadeec379307f5db2a7631e08a5c8695eeba7c1994e89525e52d93c820c1f8834239c0e9af04899ac96722cbff025720048841e5ad84a0c441789762042c8438b1b82890d2040749cb67052fb549438744977a190aa638aba397f5d6c9e802fa4ce5844fa308eeb3eb6a8ac3576d51818462839a5c449baeb8ffa1be566685f1bf7bb3f0aef720359458d10495f2e406e754f89abd1f80b495bb8559429d65e641a86f93cc41d20406162655865369afae6449cddb3e5c3f801282eb13853a6f4ef9fcea87f80bbfcba1fe888e2cf8ae6ece60e74dd904a42137743cf4d1dbedbd95cb4eb9671f771aa6c81fa716b3cc876c8b88644ebf407c49e55ae99b32bfb774803c72231af4b1892101d70bb828b2f63823316ddee3c6459ad2f35377862468708471d44b6f44cc0c1d29b02dd264ca3c24ece069ab46c23c4c4887a029794af74b93c71f0b50932c9406fbc309f85f81ed05862bb58c9d921761aa8455dedf42b744bf09807fe79aaee1be137c9ffda295d72b06f5b65217b5e2d999c201c1faf48cb8500a642976a7883d05952a1540aa4f45fa95b64bb39e433a5397242760521258c99cc635d1d710485e9dd80e452c625567b06325c6cac3c765f7d1f44c280a19fa3fac6504a41ed5c2adec0c5bb7cc5fd804ec12d08f66185e590eb28845797eae3f428b1e148d005acbd58c4a8ca856dd8cfc5de21f09b8ed02c1c60a045843f68891846690b064c18273c615af5c535d86862c0f40339de83731663380f879e18e8829bba3d3d02ca15435e0fceae19cb28a0c614ea253a8a9ca26974149546efb3d7fcc3e92a28ad8dddcd6f817a3056f10b274ac83f5296ee7e49614f4fb62552bbd7d1c74e84073105af8d6a0dae4efad12afbb6fd94155b55fe7519960c5cf5cd91d16b739fa9e4b42a6a8792d7c9182fc8b7bd30c76b64d53a613ae568fc5fcbc7b69e786c2972e9f406bf84a036d33bc0c9ac01242ab835d5ee9345108531bede81e371548ea5a548ea86da5c8b33f4d245a0ba3c68129a0fd0aaeed956d5dbe1665824b1f45ad064c4664fa3244fac7e561b1f3e79c73452016cd7b5be3a222b2687272689c660a94e543b483779b14707a16ebd4107b70b19ca86812292885b59e6c2c4c5606924e815afc1e03c6fd65af75aebeea3720849a630a58b659522c09645620301655affb8f0895ea4522d9b6dac461424c5e18481b3298b6f831b44bb83b1ddb641f08c781d2df289ac68f7170ec6e64db81df69aaeb4a29bbb930d96b9daca51ff284d331030c0c919926669e586374e9428e3a709839cd24ae91917697156e15ce40ac9ada0c1c638fd3dc136cdca0767056842a02ca8355ce6bed58d38fe2a825f235143b46bfa532a2cbf8d1d74aab55481b61beaf2cdcb6f5ac981038f1976a4a4d4fa8834bb8105d5a9fd6e2436c0e585f9e2e96f979cb9ff5aa1091c0abb971826c352bbe0869ec762fd86a3990b2339fff3ef32fdd9fb88e4fd999c11cd7277efc806dff3bf8151cb6cb855a088fd7c7ff083b608fe411f3b0d07a937682ad2df0409654143b7135c15259e1f7205a073f8691276fabb3891b9c47d509620d759c79b81fe30771e8e9a0734f4298a0014163616852566a63429d8ec39abc7dca4a479dd4351d07d32c144776ccb733cd28a0fe4a8b5ed8b80828304150bf3aa6de75074980995b15879f06fd53ace235a7fc3038d9e0ac48c453dfecfb6f46f65e0ff178960589dac7992945428f768c96da0aa299c3495a05f26f238d52fdc148de4f32296731c9b90ec785443d7ef8a3df6e8008347a45e0616d10e2ac7951a9a19bc9b685655f08edbb141d09a2a6d3748846acf187238b78c2c48d1f5ba145c7f1337c01f9c332165ac2611ae1d56b91eecabe525d9867d510326155d53cc2324c36277445c3e6986cedd996997aa84b243876c6a3e4a82aefbfeb8b069ebcc2fe2c3be026ca75f0acc345baffb5deaea2e1a499a5de1435f77ae29019fafd5f662765b705df110087c6e31e56e1d4a3fdf62661266c294c455dcc7bb2c3d6be8b436d6514b27c6a6a7d9f690756d8762bff7a34e41351a57b6a1d5c7364078725cafe69521c3532b7bb6ddad9f1e2", 0x1000}], 0x4, &(0x7f0000002c80)=[{0x108, 0x19f, 0x1f, "2dab67317eeedda7db1bacfc6e49197d40b9b4736a592bc601c66aefd4775818a74b1805b0d30a2ca2623dd2bc12637f721f2b06ddb0f1dbcbf46f75a30eb1c99a6c38fb364baeddd9bab55ba999900009b958180339bff60b77abb6b08b94fd48904b47216bf712329896e7bf832e3c7e2783f24a67e5fbef21ef304fc43f73dfaddfa4cf91950f07ec1dceb4c4f5bd03bd5db5c768ef772169cd94b9c3f55277eaa52338807c6eca39990a0abfea0b006b958b498eed73f914773310e3aab718a0c26ae361cb2c0e3dd0814667cccf8936ba911503e8d5b2bb24d5e191a8fd53c8308fb344ecbaf621fc3b585cdd11f4b1"}, {0x50, 0x119, 0x2, "11ae421ac885c53fb4489321db15eb6420fb87852ede63bd5271723aa8accb3103ab3fd84e1cb85b142e90542f2748df954089d970cecb7ac73677a3d0f0"}, {0xd0, 0x0, 0x401, "0cbd7ec1ece3124960c0db355b5d5ed33af7bb03bf25580bacf4c6856100d304ae679405daa97b2d0decf0c6d98b1f65c19dcce089568b0c92f0ffbd4badc0936bccf088dd33c1674a380dab0a526073761571aed5410f09a73520b9ace7bbc79d7246d016a83951752eb439f38ba2efa6235f154a8b8e72d1c421f266da9a08014f4cf45e0875cb93ab4891a635bc95d4249bcbdaddf86b293ed269bc15ede5be48a93b67d86546868b9cde0aa579d22fcfc17cc73e16b8ddee40"}], 0x228, 0x10}, 0x2f}, {{&(0x7f0000003100)=@ax25={0x3, {"8bacda7aa4e170"}, 0x7}, 0x80, &(0x7f0000004180), 0x0, 0x0, 0x0, 0x40000}, 0x400}, {{&(0x7f00000041c0)=@in6={0xa, 0x4e24, 0x101, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5}, 0x80, &(0x7f0000004580)=[{&(0x7f0000004240)="fe424c878338bc94bab5b3f705944334de74268d99dd7a86c02e3e092a0fb2d0de770d463135ea05470f1de80c01fc1e9bdd25d5578f7b9b6555367b1c2b660229d46ba357a41f28a0cd05f33a5abb09e792847a1daa609945fd84ebfa29e2c551ca72fd3250a6a26474771a6cbf7ff59a194d0759c3b1920e1ee67b5158f47c4faf8179a74a86ccbbd9fb9612e55535011455e44c8aabca4be9b6179087b0cc186756234214d6428d33ae13853a81d2c3a36dee737817e44f81e58df5dc90ebc3e0bda385e4b6aac36229db6697e8666ae675baf9b2e9d1fc98422d8c3ad4ccd376bac8ea0a31", 0xe7}, {&(0x7f0000004440)="16d9ca2e5a36651caf0b812e38bd5b4f238bfdae97ca6704e100a181cdc359e77f0a2ebdae1734e41d446ffc08ae8ad0e06e793d7002d16d54caaaeaa5b46738f2f73c2e336a83b84e0cca9ce45c3aa7497ff086c19eb3451fbc5f3d09979401cf6f65a6c8cdcce13055d02c22f28b7910a11c38c9084bbe7319eeb987e023df07d5ac6dc1499b197217c7f2611662461b5d135707d741f2ddd426fd154927deb2e62241a393b4c7bfa3879a7e786e3be04fe8fd730b985e436d5db960ce13ad962030097458cee78ab085889b502983b5b5995206", 0xd5}], 0x2, &(0x7f00000045c0)=[{0x38, 0x19f, 0x8000, "b27266a0d4f024fe1618663b22539166c6d5f28246a1fd981971132100e7cb8e477466532f"}, {0x50, 0x11f, 0x2, "fa66186b48663776d869aceb221319631d744ce01ea3d2d849d4103d0429079e978fd1e094d2bbd9f261f2acd0f8a6eaf261d359fa2cf3eb731617"}, {0x10, 0x115, 0xffffffffffffffb5}], 0x98}}], 0x4, 0x0)

03:43:07 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)="2e2f6367726f75700000000000db887974a9d4b8049e206606a808fcfe3dd31291f786cee92a2ed9cc0eeb0f6e1b21700557d7d321c616f2a69f975e5d5807683103cf48516fd96063603193e1cc3109ac8eeb3489d6a5d86eea6fc66adc6c92378d49", 0x200002, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000000040)=""/127, 0x7f)
lseek(r2, 0x5c689bef, 0x0)
getdents64(r2, &(0x7f0000000200)=""/54, 0x36)

03:43:07 executing program 6:
r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r1, &(0x7f00000ddff8)=0x40000, 0x102002f01)

03:43:07 executing program 5:
r0 = socket$l2tp(0x18, 0x1, 0x1)
unshare(0x400)
close(r0)
r1 = socket(0x10, 0x80002, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r2=>0x0)
read(r1, &(0x7f0000000100)=""/223, 0xdf)
io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}])

03:43:07 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x800000018, &(0x7f0000001280)=0x503, 0x4)
sendmsg(r1, &(0x7f0000001440)={&(0x7f0000000880)=@in6={0xa, 0x4e21}, 0x80, &(0x7f0000000840)=[{&(0x7f0000001480)="8dec3f7bcc4e40402a87b000058c599b541522f7bdaaa8b69638a0b2e2086e35c8b722b8a7295afaa61eeb02f208ecb5e7facbce008f6c22df6186cea07753b9f2230d9036f17f7924348dcfb76e6fd5c62b60889fea84af85fa17ce58a1e80c3a23b2d2970c8b3ed56d05510cb72835f879a59fcf95ab7f5e45120856d42ab0f4a9b4dfb6dcd2f6f5c7a3565beafe4f317d3aa267d52ddc55dff7fe45264449d7a602e4fb549df99f005510b90edbfac93c931cc61f4b8a6cd413319cb1aee2e7d70ee0dcf651b232634a2f530d20b9654a5835503ec5f4695e05a63db13cb8f28bb30051d730cefd5099723655743f168285f04af5d80d4675a29382e142979a876a66144594abb7f824ec5dd275fcb8e8175e5c15a11a82d385d40bafb6a723cf03db593144a4d607f2598b6e321965f87e04c586ed4f6df269eb918d9e0fd681fe18312e74fbde52bd7ea4e087ffb93faa4d613e02b447ec1ef1af747da9d2374230c45fe7c848fc4a8f74787b3deeccf25a0fdcc5686f1e275f7dbc5890e222a6c10f2f2cecf3d0b921589046bd68ac7551b0b1e91ddecdc8f696c116c40208ef860fab2b19b674ce8a5bdb50974f19c99811c0e818e47be3419ae7f9003ae567a9324ae65d50a452f06b99dc1e1f5f3dbf13f2ca0a38e317e22727329d91c1b87402b1b9061de81a8e264c5a1a6bbd73843ffc1525ba436929d6fed958e0376b31d9f8d3b5eff896285dfa7894f3e784cb7eb093119346710f3f0c0461fd1fd162a9e2758ab35fcab8f69609179a16a14a9d57aef4a76cd2727555dbd6bdc92aae623a017867a305f5f3fb947bf83ff20d208eb50cbd672c532c511f15ebf9bb779ba27f2c3bf7ec247e080fd2bef42fffdb6c167d01e8af2c98e3ad43f510849a8469d76b865b2119676972408aadf0a6517b510b4d799f5a99ab4938e0763dac43302a0e526b9c7f650597dcef62918e71945bb114cd42262b44e78aba01eb61a49cfebe85eacdf0f8c31df27adf85363fddc945a362ada8c4954ad0c7d33ff49ce5e9c0d2db3a73cd2676631acb6420492f8e0ee515e75fb46b9531c06ea26ed9dcf5b52510542338b2f8a3957453315024833f8a022933d90cdd606c01c860c2cf63c674de76c51c60c569ab565422a06fd7dfe8b905086a324ffba34d17f222ce26ab4540df08c7e995f15842ba75a33a4748ed0a3687d635922e0362a50652b4396d05e1538925a14ed8fd0357178c3cbc0200c1ccf7d335af32a2c2cf88311f11ed84f3423a9acbfc133c74154a2071b9455ef047b2a6067948c188c622d5c676305e0af8433a20aa03788bc39feb45e472fa705d4cf4e3af6914329355ee585da3ad5e5db79fa782d656ad5cfa3d69056edcad494aad5154001421a094666bc9bd165c8305380b52b27d3d25efa58503c78e9ad2d035e3ea796c095273cb75494483b39f433a0402e44b8a06b32fc2f4da300951ef0b32b33288fc1d857b3781d3e3dcf295cdb52afcbfaac1db538cda9ca98cc19eec4efd572b63ca57d35a75f4c702472c54c54cbab917d256ef37f4e0efae6ab507a1427529c374946e76f03740843394824fca8616872e23b6e6c5ccb377f093952a024cf8cf6501fa02c66f61cb7ac28edd4c4a48430d6de0df14b8595665b89075a1b9dd6722778422ea20e863e53aae3b827288b396e6b08bd234978a5e24955a3596fc33", 0x4c2}], 0x1}, 0x8000)
sendmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="60d35a68f077fa", 0x7}], 0x1, &(0x7f0000000a80)}, 0x8000)
sendmsg(r1, &(0x7f0000000200)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000240)="e694446313bf3fbb7da9fb", 0xb}], 0x1, &(0x7f00000036c0)}, 0x0)

[ 1448.552076] device bridge_slave_1 left promiscuous mode
[ 1448.557592] bridge0: port 2(bridge_slave_1) entered disabled state
03:43:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000040)="66ba2000edc4c2f90089c2dcf8070f01ca660f013726660ff19dfaffffff64670f06660fd58d0a000000d19e650600000fb04b5c0f30", 0x36}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r3 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="640fbe0af0f75100ba420066ed360faa66b9800000c00f326635000800000f308221990fc71e27000f216d260f2134baf80c66b82735ea8166efbafc0cb06cee", 0x40}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000fea000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[ 1448.625496] device bridge_slave_0 left promiscuous mode
[ 1448.631040] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.694330] team0 (unregistering): Port device team_slave_1 removed
[ 1448.703688] team0 (unregistering): Port device team_slave_0 removed
[ 1448.712595] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 1448.734154] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 1448.755076] bond0 (unregistering): Released all slaves
[ 1449.714187] IPVS: ftp: loaded support on port[0] = 21
[ 1450.021845] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1450.028258] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1450.035169] device bridge_slave_0 entered promiscuous mode
[ 1450.058295] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1450.064734] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1450.071670] device bridge_slave_1 entered promiscuous mode
[ 1450.098252] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 1450.122125] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 1450.188175] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1450.213641] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1450.312931] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1450.321239] team0: Port device team_slave_0 added
[ 1450.342952] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1450.350305] team0: Port device team_slave_1 added
[ 1450.372455] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1450.396487] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1450.420116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1450.444556] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 1450.451658] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1450.459664] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1450.655067] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1450.661472] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1450.668103] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1450.674462] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1450.681727] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 1451.429336] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1451.488127] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1451.510931] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1451.585238] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 1451.591412] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1451.598699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1451.662504] 8021q: adding VLAN 0 to HW filter on device team0
03:44:11 executing program 3:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
ptrace(0x10, r1)

03:44:11 executing program 7:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
recvmmsg(0xffffffffffffffff, &(0x7f0000004900)=[{{&(0x7f0000001680)=@nfc, 0x80, &(0x7f0000001780)=[{&(0x7f0000001700)=""/91, 0x5b}], 0x1, &(0x7f00000017c0)=""/116, 0x74}}], 0x1, 0x0, &(0x7f0000004a40))
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00')
preadv(r1, &(0x7f0000000140), 0x391, 0x51)

03:44:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f00000000c0)="b8679a00000f23d00f21f8352000000a0f23f8360f4864c563b9800000c00f3235010000000f30642e660f2e188fc86095ff0066ba2000ec660f3807a431224a000066baf80cb83ccaec8cef66bafc0cb801000000ef66b880008ee8650f005725", 0x61}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000017000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:44:11 executing program 6:
r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r1, &(0x7f00000ddff8)=0x40000, 0x102002f01)

03:44:11 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP(r2, 0x4068aea3, &(0x7f0000000040)={0x81, 0x0, [0x3]})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x4020aea5, &(0x7f00000002c0))

03:44:11 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f00004aaffc)=0xfffffffffffffa1c, 0x4)
sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmmsg(r1, &(0x7f0000008400)=[{{&(0x7f0000000040)=@l2={0x1f, 0x1000, {0x4, 0xecc, 0x0, 0xd, 0x6, 0x40}, 0x20, 0xff}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b524992aede785f8b922318d48bd444e766bca0f5bb8020ae2875481d56c6c3619", 0x21}], 0x1, &(0x7f00000001c0)=[{0x48, 0x1ff, 0x1000, "dc3f56667ee88ccc16a3ae37419d0555cbf5d9cb1a8700eddc5b53e8fdc374c0ab9b07da2a7a051a1527210ca34f56af5a7aad68"}], 0x48, 0x1bc994861b8f8b4c}, 0x92b}, {{&(0x7f00000008c0)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000000940)="80bf68c49a1de7ba879cdad7bdeac2e483f515a3f8ab340fab0f726dcb794ceb1a267df11c833e778c72e164a403d9d9cba2699dd35ff0a7f0c8b7c7167829de044e50287e4e4edb7c416c7e06eba2809633bd7e412a949ef89728d8e98550ae94710f3401984544fffdf2560f15bc01b17008cddfa8dc72a28472666c71a9dd92ab04369258c3cc968e51f9544a0ee58a5f7196e6", 0x95}, {&(0x7f0000000a80)="2ef322e6102c1f3ea5897107f72f63399a600c584ffe7ecf93863d2b6a01916e03538431e954a6d440f75d53d4359406fb1cbf0b7ec8e393518e7ad760eb0f636a82dc0c40c2c19230587cb9eb63d908b5f2f30fa4a7f21a3627435fb6fd21b71ae7944402e97c91615373536d96bb950826be585c6553c83f32f7b0c5790bb8ac16e0226b9f0ea6906662941da48f092e6b3ddbb9276d87456ad6dcfbb9ebd208ccdcda87fe1ac6b42a", 0xaa}, {&(0x7f0000000bc0)="322b7a8535fff9b5f9fe8b997ae0ce0f1601564e7420ad75ef3c316d8e5859b22750273c285869e93d9fcb204bcf423b5cd557d62783cc1e1812aa8b492e39d28d6263304c033b992a514145b6d8d0c4658a264bcaabf8330569dd4ce47d15036bae16af480efbf0476e7880cb0b424d72094c737342a3c038e6d632f801fb48e9902a2acedeee07ff09330c0744097d23c541e63512c7a5b381024b31abe029d82699150305aea84ecb9561fff69c28e93a6bbc45e9af7e040093bb60a6535fa266cb1eba41a74cc104bb81ffb10a0704e7e163a16744b2c9f6b6d59704bfabb47536394ef37cd87d980d7b5ce5495d76cd2b87a9602fde8563a9e5eb2d39e61c5db060e454b8ee7802214736799e892d4158874247d52dbbfb35588e18d966e4f4471cc053dc7d588f7c984dd25cf519775bbfa06ef46679262e682b8731d5921ef4beb183afb6e4c2419eae303e66f1cc07eda153fb6afd64eba1520e28ce42341ead88f616f9c4736c31d0166769aa3fef0d0c9ce231844e69953fd6890a30065bdaee4ba28ecf9c50580f0442bd0a7cc182a788ca52e007bf26ff17e9b1703efb682a95c8c4c76a9ceadf76adcaa56987ec8956724564e4d4bb1f5752027bb17a9eb4f6af2989bdaca99c8312f26d49f632814f5e4bdcca3226bedb6a32758c2c4c3a7d62fe9d9cfe83b2718cbdc57b2a606bb6d6ca66f3f4828151110687087e763e903c5788bc73a1a4d9c06bb1a2d1ae083322669ae445d0a0cd75b78ce7064c29709e65771fe85c858dc9180ac57f6f020a807b3689dd7c574bd7943a8acd54c5ca1b8c75c2a0a7e7156e5c4b0a0e0c8dd6ef63571dffc0c79ce670916b513cec9b09f46988fe6682201e3ed0998392ce356c0635f6e1fb892ac88fb9d17c186676861fd14f6eb4648112e5df87dc825eba6abba17a289a8748d6d01f6eac0d86e222f4a3214c75ffd0db4e3b9689c61422c8cd2ea5b78067f47a1879bb18d0fa8546bab3dd64a0c761a4c50bc724ede057b6e71060efa5ab97cbfb829873c5116f565d5410d6396ac8598df7b673625e0122157fa0e7302e939a64e45e902d661a5e2595fb54f4781d7afa40f3c5c45fee0e40571b78d447f73963d17dc18cefaf80e36a55654581abd47a9e6e4ba7b36e22685b2ef5806044387e8d40fecd637ee2fd1344053a62a1a84d62661276b4f5a9a1ef1fa88bd520fc8abafc6bf36045c467667865353a652614b2e9f39484c1c8c5f09ee18c7e5b87033218b544e6aab3c495b18e2ecde61fe10715911d865adcff4600b89a3c9557a504d3468e060e714e7de218d6cbc5aec79c275b4e61814d1f598fc39f84279e1e835a4411bd2b1b8d419bd68897ce5e245868c9246cdcb6ca081c72a377506cd5cb67a2133983e6868361b8ffaaed55d678441b1a4ddbc237641336d6515379c9cbf31f9df827c6e9801b8ac7a7db5d40ce6c4b1983d85fc3096ab7744bcb1ff5abba9179ba0e1798fd04c5145759eaa7acc8b042db4dfa5cae9c7b2420ecde4a06cbba8524166cc0045ab2a8f1ed02fef9b7a16983394848f008c7868c74a72f56e1dd5107f04c315d63c14c65958bae2d8caa732683ab5e4bab480503b01db2fcb8361c05222740e4d9fb661a487491c8b187b84e6625ea4e732ee67aa47a5a6cd46957e8a2e652c2e6a79fb0aaf2a2b012e0d364f571c86c7da3e073b2364033ee6447e96b76b6a858f546c0a3656fb807ed124729315183229660b35f5e18f6d5802f9af2fc871a76d1d7258a364b5ca7e901cda33e8700abfb404781be75442451a2fd6fd06659b18935a62da2b56054b933bfc0f5f48e389cf2bc21f4d7fbe63c459fca9212a16e0a7ed5ef902bbdd0a872d070f627f8ecaa71ac23556c3f1f8dc1b231ab4f6c85d6e6ec7a79d500792e1986472ceb61ec8be03b8c52e75c8ae50784e25ede4445fc40a4066fe7231ba53c401630a44dd63709449ef95d2cef189922a76715b4b0f1cab1d82abb21475fea8a278b836fda595cab52c601d1c67fea363064382f54ad918722f2dcc17f4b1e4c9143d6716a727dc0ac35ad9f1b064119295dd840d1b3dd459ac6e8292782e909b230675589e474a247a698886e4cd3bdfbeec60312516347d241652d87f3078977f24287d2100d6d7c2f3a1fa336f00f3ef1bc6a1982c705f6495a9d9f73b3234a8f2af51c510e5c454b260fa466765edb4d368f65c033c11b454d3fc50ba92255959b2f131182cf42c45b9260e3e1f6b7f67988b1eb555f01f9ceb15a3adb9d75691063a35c273a654345c91f1626414c30ac07ecb433bc98cc2053a8a469dfe3a66849fcb9470bc3fc1aa2b5945f4b57ae2ea912eb8f622e45a525dc32f3e71d0315b230d412b68f223087dbcc8400f7e890dd21834a49ad51bfb9723003247f795440f6da3a052f5248be9ed0520e99c3a13932b7d7134c5b63394a8f2cc5c488a98389d7b68d624cc2a16043870b30f3154050effebc16d86f4a10269a3ae2e53c3a31f9cb07c22dad3997dedca970c9b4292f72c0b8601fdf4d00779be581065e3a0df9f6793c367c4901e75c1e9a003782eb6311b2c2b5042efcb7ae9f902cd05925c673931f333b23c0f4a69c1fddaf1201eb370c068e21037c61b185343ef72584f133d61d773ef202fd374a6ddbc2c2edd90254dd1ba49a8253d6e63641bfe5a3de7154b170c70690ed433372f647d6537a8f379ceebaeb4b2765d0417fa61b548397b2b89b85c5b29ee425936d709b8817c18c306522a9b5f553cb2ce3497d6901bed69b95ae4a9f79b4e6835ebd993d367e407417766363db11683f3e1078703bfb760ca9875251e3b2d32cda3c5a7453888eb71e6e09004aceaf97b362f099ac9a518318aa35cafb5dcb9e1b1490e8c381eefa9eef2c84b52b6eed463b1e9bac326ded0dbffb534290c443594730edea3f90402560a3cceaf00f4f0156c166600558595b3e727bd074a98e572fe3aa880d46d48460c316c87e1d8e616582230f58b43b40aec53a6c71f077f1a810a84cf7291f7714de66b62182da97d1df13fc3648a0042b4900f9b1b1346dd024a5d79f8c9afeb08c11391098c80e255be8d64ad1fcf8811acf2d1e1cc7bb085707a9e299ac864ce0ff8e3b5a8fa3d114f7b05227d0752e41c0dc36a0fcd9ea35319cbe57a2bbe856ee0859978ceca7b9538442423d8fb92bf8c22668166ee72263ff9e2abbb1ce648445cbd0d7428d6d2f860917b0e8a549d6854ac69827918373e4f648a243d21d65cd1fdd44f25c0a6b22c8b041425d8dfdd6c4c4318f7f6dd573c07ec95046098a8007554cecddd007a478a2dd03c6c0e754f621026441a7b1651d1b31c8a54e98150a578eca9161dc7690cf7481bdf8a2f371eee6428b94f4e4c7b8d31b8eae3cd552f2f6d52bb60a9ec633609cc116c5c3d5bb83121abd4224aef8fda4332800af9941de05c6f6eb196abebfd6217081b7d52f767820274620e250601dfcfd7c80b2525bbee08c493a7fff10eb794fdd37d8a9355165beedfa043042740fb19496c26de1bbbe8e14a3f16fc76ac27844313bcc8dd4c2fb34e3bcde30f77b05525e9267e8bd893ca6fbb257c641768102696b5e3d48dd1684f0133a7dd3915b3f2a5077a9e2a4fa8531ba92de518d71971ab4a33b028c9941e9633dc7b7a6c0690e3f04024107f0a9d1e9cc2850a398ec3d54333089465223903230c14b0dc70ab6038dd46454db534cb7a033dbfd6f4af6e1a872a35b79245d658a6e63ae42adcd615f35216127412752b5c69216e1f0cc99954b3e0519a0492f0659c0408d01b6d224bdd9d3801e477d08533b16aef8755827980ee8707ff8603e43209a383800d56491dbfa44369fd41e910ee33669ed70294404cf89d940649f7725c9e006feb9b341073178bb2342a5346dbd10aa4647f6dab1e06465b42f8b6d77f7d4b254ca04dab32fabd17fb5b8d6b1124a32717b5923f01590e589945ede1221760f3ec3fa010f5cd4c6d717e3afab14523776ca4d519318d69743885d4dc7a77b79f1b1408fe3bce01e842ca0cd81e39e828f775572ea646af048fca57ef6b428deb80d2b75bef775d82da8e3196795e34c557c9cb565e8c7bf4a955ae305f9633d69d3269bcfaec69ced0da7cdcbf1ac18719292eeb58f379a01a61b060c9ba062f822e682290e0dbd19ec0c091f8028e1f7d7d488ff8084e63b63aed0f98aafc403cde7f12a6fc5e70fc7d4c000193c2baaefbba71d6fef29fd58a7391fbc1f0bbbdf67ff6fbad9289f74c43b383b8fa3dbba3cc55bc5739d691c40496895bebf438825fba0a7cb7ed073ef628fe8788c8884407dfbdb76cbb4cf15d6d3ae8ecbe4c3d618037d5eca6589a5495762feaee8e7f94c67cd4acecb075a57bf5ca9e8fae3ab090f222c7989b24fc8103febadb5bd3f1452def1c3da625c98488636fc15f75f13fb260b65a29fc2e6f578b79149174b7453d47b66ec6725b6abc2d40d9ccd257f59606df87adc73ab7177907df10c0e282869efb0ff2ad55f738b5abb587594d4f5a5380884cdce6ca9a588ddb62b5270c87b329df04aad5716e68bdee585ac38dcdad4d19ddc968ace69d4a6a5ab408a4da394234c9a36376f42c60a8d0924dd0944b1167bb31e3a4f01adeca5512ba504885b2357a5cd847bc63c457500771698dce3bb1a72707c60168e33176a2134e41126c4de0eb610fcc8207961ec161b77401115a0d26123b909187c3b0e08dbe78d569e2f0400cb133868fd689b28017de0886e11713cc714cf06ef2ff1bd5dea7487e0a91420c7bfe4f24077ba98f344fdb0707892390eaa92b8a7786f1a50288b0c94fa017dd4076b87f55544195ad1279b527dcf17d0cbfdfa4ad8ea1eb9972ff8b181d82a3a52ecf1812f329cf2e4088773dca0f75642120ee933ade87e39609581052a4cc521d18340ebe2a110673e545f45d36314ecfa33e15b813b1220a49a1e66f7c09c8332a63e79cc470f3813408231f46801281c5b389c20f8d96d40dfb3bc97b92bd6f063a50e8cd354b41246750f63afed05a3a7341d498977971dc21e1ec942690610db9100fe5c4ba3a9f8368cb3cfb72938f4cb681d94338b66690f6d470c80e0d815d45ca30d7795c0b5f513f33f3906a2db44b7a46083c6f07df28b51baa45dd38f4a7855ed5e05b6f257539877b0af38717ac4b83793cebac964408d680cbd395d9d6a4f881ecd8756711da04bd537061a70dc4f9080281bf6675ad727d62d74e5f42d84f32edbc4a98164d0a03a7a3d9aa63f6f47eed0d5cc61d6393940dc780f24e093c1e3a544c63820c710413dd863cd573657f4e5e3a440c76b8a0ed7c108cfaf800194738e9c15fbdaa2311414af984b88f46f7828c43fac0653db8d82d8b3ae31f4ee7fa64963808a0362d05ece1ad161fc9ccfe6b036bfbcbbc5d390828cbaca8266516bef5ffbb55311d2dbb6813d4089a9ef38cd45d1c2ea3ffaf04381d58cfb9d773c7de4c28b825c828dc4ba2687491200f1e40d9be077bb0043e850452fbbf960a9ab9865fbcd1bbbeb07a6b49989d16f2c7ad1660aa97378cfb1d267dad3afd3e0cf6937a1b12116d6b599ab732a6fab232585751e6b5e0d9f03820b05500d60b18a07d8969f3ca6336415e6ebe1dda363a552968497601f6c7e1261d7638bec814644f41048e3d2951f8794fbe3e96eb1d8c1399e9c18adc5cdb8117190281c8036220fdf3b550cd10ce0bacd3a98c46b401ded2514f41e0595dfcae77ad978ff9ba1e0a45c95ee9c", 0x1000}, {&(0x7f0000001c00)="549fb9fc727264db2346f50a23d1a8c00672dd0ef5dca20aec8a5557bb52d743791a2f4d8450c1bd2fbafe3939c4135b5628e0a1ce6668dd56ef397b7bb6584ce633d346f9dcfd244766f3704acd7c5fa777069acea6521722c8ca61a865d42b967c08a511e42d7b6862068435c1d3ac6c9b1af0fb0d5f163cef3cb1432191fa2baa113db9ebc03061183878b5587201e8e4bb276c8916fddea41558933afc0f357edd6bd349e69395baf9eb0d35469990e743ca986a3245b6e586d25c1c061d30328ad61c19b070c422f6618474d31fc735aa08a1f1b84412e890fa36b568caf1c63a64adfc165d6deda4ee8e608f32b8acd44e11d64aaf446172db19e4390dfdc04d9e23795572154c47159e0e8efc9721f7f05367584780640e609432a869c8d6215e0f894f31a701852ff9ec66ebf31165b841f3c8e9826f67058d1551963309d61196bce50e27ba70c47ede87b61b0005354396ace3d47d26b02c10a10de23431d01c34f8bd0682c37fb5b937afe217b9492fbbd46648ae34c96f75bbc3efed70a6eb98859c9321b2c8339fa41fbee5d09986cbebb1146eb419f07158b5ea3929eae266e9c0a976091026aef5e816dc3376f5a4b8120e6721039480ad164a634e1e9e473e1215201d27837e33dcd3cadefd018cc5d4964a9814cce38172234941af58ae526ace1ac02699735c9c2e06ac25468b9f7902c0832986ee7ffbb1ca0dacb29cc2ccf588558223fdb7ce2d855548810ce8064bd786e6b1b7bb53ca503268817c83d87ea274ed9ce93e7a76a991ef99a84ebb71c5efaa44ee0a6b81d2db4d321a6cc88523500c612203ed033f6b6dc1c40bfa3575483d15a312db56d4fd77a7a771d02aca874981d4d0a87fc04327adbf3ee4485cd97ed18cfcb1c912643e99f179032047e86e8d83d011ebcf8f3e0d5476dc8bcc9c2d7f8cec8a52922cca7684f0331708dffee66dd1ff2df1d3f790347e0b8973d7b175fada8b651e82445b2220217515eb57c5672d19b26453492cfd5e7b0252d1614914785e87e50897e8c1bc26edcfc24e6d3fe56a57de70ad396fac300ee37353619682911a0b72806f2d1f3534fcab915ecd8710e2f495a517e4e279b27b5bb29f291be800b75b7161327dad2941380a5a85d682897558d45a39c096c10f9daba305b32f41b00e3eebaf05bca816b37d0ad321c3175621ed237dc9b02af8ff69f09a3001ae50dd8ee6173621467d8be64ca3a0a9fd4dc551deffeff234382b1b7b2a3e997ea11e53b1fcf0e6e6cd8cd36b3877efc22fcaa63262dafb73884c7583de19041bc2e125fbf2629d96fc911b0b0642078a57c76f612368c5b03db80c0f887bb3345fc1ef2b88f2858e4cf28c6aadaabda31e67b1ff2f8969cfaade5acc802b1d07230b3fe1b199f19cb41a0501ed343744587e8e63d472d195a1e8b2c0c5f4cfa480c95314222f55a617f49902567e986d4d82672528402e9c55ff40120be4d273301233ed55f7f799cfa2df31d206eeb3dfb45cfd270614f7c25605eedcf8f9ccca25b082aca38eb08136371effa2e236eed654ca8b28087c2c3f3a6c8acfd28d2402d38ae649bf39807a2267a8685d8603985f9bce1d81f8cc633d9e07f66afa30b646cd62d86e95a826c705baa5b4421090b8fbffb862abd578d0c275a3f9c29e7cfcc19e2a601fc394ae9787cc1c43872fa2e906ec9812de3aa6be1ee299dc88cf6f16d3f3928f388739e1e030fb7377866eae6a6d3ae168cbc419675f74cf075c01a27933aab0b7186cdd9d9217ec96621893578d25be39e29991ed7887ca7022f51254078ad9759fcf2091c521c077775987922eb8c87ec86a94dde2e3b7f092dd894549b64388adc5a83f259637c77a3e314bd1f9496b30ecf3aa318dd3bb779d1eba4df3e4b911c344d3464fd73c775e202edcb27224d597cda091bceea96e4582e9c05d0428bd9d08f49ab2c723ca19b86c5ffb3a9433194c82916914e274fa92197c47c230d7bec2748a7fdf530410808ef8997d3253c9cdb8eae665514e7b6701bb60785e5283a4e438bb4fe38ca07a8a4e55581e2c8548c7897a6d211616b91f2833169ec586495ec8dfe7a1d9ae6e06c528cbbb5403641f79af9c92ca376b9f5053086d3c36fc905722a39aad8e637d75a632fc2c9c4bf7a1aed9cebc5d0bf6f524214f55eea0d4f502df91df83187a19b8c89181af579b45fa808267a3e27a17bc05bb0b33173e9a85021fa1920d13ae186022e27946d35c2db943065befca3c6eae647032d928e275e5524ada71908be395cc6cd18939a3ebcfa08f8b804f8383c966bdd8ee4c39ff0a7010936dc2175db30468cfa9ecc60de3d956b76eaf64f8cadc7364ec53714448c93f7221982d730a1936c69aba6d564a040486bc241ca91bb36972c96f9b21d43ba519069009388db799bf0d73b7c6e051b71686c34a87d5d341942db1240f7e0681b1e5d7a120007adb638e40c9c20f9de7a71147745ad1f18359bd09d4bcbf2c4ac6362301fb29813effaba08a19c020966e2d8ede9469c6aac4231714e5350971a564f78e08025cf6140d826dd28bae00f6560c0da9f04fcb628f8896b97106f1150e50b5f825d080249b76b3698d5f20430b41bd5fd0788ec016d8ea49c41c5b9ab37df0fba791fe022051aface508475d2f791a6458359c8c634e5a646247fa171eaf084c0292d052b5d030f1ef9d4e9ad9b6785be560c9100fcf83fed55d17870340a9ae63fbc8670e1de04400bf665d2c6f8c112c1bdc7b99e1094592c16224b599d68fcdf14a37125a2c89ca43802802c7ed0e604b55a1b3a8257ee9ab6a6f82e5be841c08ed8e16bf1b39f2f30013cb611f6451d7389ed818c0a91513ae683509e1f18d25ba5012a7ef390d0ea8b2c8f284795a7c04e2e3e45cd9fd4cc010f97be337b3964cf38bad9282064b202bc58c2aa4a6c8e24073d5615474645d6ffc1c34d86444522f820837324c3c3e5db55fa3bd6661067db5f29856033bee83c180e8ef5bfd14dab8b886c41780796790a8a1124afd809ed715548e3dc58c60d84831e3f6dae4f428a848dbe6c9eadd91356c0d080dc6e8904f563310902f5cad87cfd87dc8d910e46bfc3d41dbb9075240ae5712d42ea28ff193c6974a9ad7edb85221de99ec65b43cccd9e6224de373391c9ff58bc938834c5937f9dad6eeea1a24a113c81aff8e79b608574063d91fe6de8961906cdae188036402316522abf9d5297d889dd259456e0aad199a6a8c52b3fca4f69784c0adc8c475b327ae43d12a1131f43b12569aaa3d2bb56347d44303b80af52b79a5b0bc118887fd060367ad2b1e822c70803c9771f25c0b6eb6707706c9e79e103956c5f65e97037481b65bcd3ea560b21d3f0c59779aaa1b129f1551b606c138f1cd9dbcce8826dd5f1eb0a46e41118d2145e8df3d3ebbe36ce5f12132c13c737cbe62bae2d8dff92d462e91dd8931615f43b9e49230d43b9d6ae6a0510c89f0e8ceb4c0599d756d84423b56e911d74ef43f9d79cfdfa8c951081cab567b2650b40fa02e20e1396c927b861e32c6dd7f09b43d48d44874afa463760901ddd92ace11788b656fc7661ac89442852af87bf7c2cd0424688e9192380a0145590337b4628b00cc103d4f0462e180eeef2eaadeec379307f5db2a7631e08a5c8695eeba7c1994e89525e52d93c820c1f8834239c0e9af04899ac96722cbff025720048841e5ad84a0c441789762042c8438b1b82890d2040749cb67052fb549438744977a190aa638aba397f5d6c9e802fa4ce5844fa308eeb3eb6a8ac3576d51818462839a5c449baeb8ffa1be566685f1bf7bb3f0aef720359458d10495f2e406e754f89abd1f80b495bb8559429d65e641a86f93cc41d20406162655865369afae6449cddb3e5c3f801282eb13853a6f4ef9fcea87f80bbfcba1fe888e2cf8ae6ece60e74dd904a42137743cf4d1dbedbd95cb4eb9671f771aa6c81fa716b3cc876c8b88644ebf407c49e55ae99b32bfb774803c72231af4b1892101d70bb828b2f63823316ddee3c6459ad2f35377862468708471d44b6f44cc0c1d29b02dd264ca3c24ece069ab46c23c4c4887a029794af74b93c71f0b50932c9406fbc309f85f81ed05862bb58c9d921761aa8455dedf42b744bf09807fe79aaee1be137c9ffda295d72b06f5b65217b5e2d999c201c1faf48cb8500a642976a7883d05952a1540aa4f45fa95b64bb39e433a5397242760521258c99cc635d1d710485e9dd80e452c625567b06325c6cac3c765f7d1f44c280a19fa3fac6504a41ed5c2adec0c5bb7cc5fd804ec12d08f66185e590eb28845797eae3f428b1e148d005acbd58c4a8ca856dd8cfc5de21f09b8ed02c1c60a045843f68891846690b064c18273c615af5c535d86862c0f40339de83731663380f879e18e8829bba3d3d02ca15435e0fceae19cb28a0c614ea253a8a9ca26974149546efb3d7fcc3e92a28ad8dddcd6f817a3056f10b274ac83f5296ee7e49614f4fb62552bbd7d1c74e84073105af8d6a0dae4efad12afbb6fd94155b55fe7519960c5cf5cd91d16b739fa9e4b42a6a8792d7c9182fc8b7bd30c76b64d53a613ae568fc5fcbc7b69e786c2972e9f406bf84a036d33bc0c9ac01242ab835d5ee9345108531bede81e371548ea5a548ea86da5c8b33f4d245a0ba3c68129a0fd0aaeed956d5dbe1665824b1f45ad064c4664fa3244fac7e561b1f3e79c73452016cd7b5be3a222b2687272689c660a94e543b483779b14707a16ebd4107b70b19ca86812292885b59e6c2c4c5606924e815afc1e03c6fd65af75aebeea3720849a630a58b659522c09645620301655affb8f0895ea4522d9b6dac461424c5e18481b3298b6f831b44bb83b1ddb641f08c781d2df289ac68f7170ec6e64db81df69aaeb4a29bbb930d96b9daca51ff284d331030c0c919926669e586374e9428e3a709839cd24ae91917697156e15ce40ac9ada0c1c638fd3dc136cdca0767056842a02ca8355ce6bed58d38fe2a825f235143b46bfa532a2cbf8d1d74aab55481b61beaf2cdcb6f5ac981038f1976a4a4d4fa8834bb8105d5a9fd6e2436c0e585f9e2e96f979cb9ff5aa1091c0abb971826c352bbe0869ec762fd86a3990b2339fff3ef32fdd9fb88e4fd999c11cd7277efc806dff3bf8151cb6cb855a088fd7c7ff083b608fe411f3b0d07a937682ad2df0409654143b7135c15259e1f7205a073f8691276fabb3891b9c47d509620d759c79b81fe30771e8e9a0734f4298a0014163616852566a63429d8ec39abc7dca4a479dd4351d07d32c144776ccb733cd28a0fe4a8b5ed8b80828304150bf3aa6de75074980995b15879f06fd53ace235a7fc3038d9e0ac48c453dfecfb6f46f65e0ff178960589dac7992945428f768c96da0aa299c3495a05f26f238d52fdc148de4f32296731c9b90ec785443d7ef8a3df6e8008347a45e0616d10e2ac7951a9a19bc9b685655f08edbb141d09a2a6d3748846acf187238b78c2c48d1f5ba145c7f1337c01f9c332165ac2611ae1d56b91eecabe525d9867d510326155d53cc2324c36277445c3e6986cedd996997aa84b243876c6a3e4a82aefbfeb8b069ebcc2fe2c3be026ca75f0acc345baffb5deaea2e1a499a5de1435f77ae29019fafd5f662765b705df110087c6e31e56e1d4a3fdf62661266c294c455dcc7bb2c3d6be8b436d6514b27c6a6a7d9f690756d8762bff7a34e41351a57b6a1d5c7364078725cafe69521c3532b7bb6ddad9f1e2", 0x1000}], 0x4, &(0x7f0000002c80)=[{0x108, 0x19f, 0x1f, "2dab67317eeedda7db1bacfc6e49197d40b9b4736a592bc601c66aefd4775818a74b1805b0d30a2ca2623dd2bc12637f721f2b06ddb0f1dbcbf46f75a30eb1c99a6c38fb364baeddd9bab55ba999900009b958180339bff60b77abb6b08b94fd48904b47216bf712329896e7bf832e3c7e2783f24a67e5fbef21ef304fc43f73dfaddfa4cf91950f07ec1dceb4c4f5bd03bd5db5c768ef772169cd94b9c3f55277eaa52338807c6eca39990a0abfea0b006b958b498eed73f914773310e3aab718a0c26ae361cb2c0e3dd0814667cccf8936ba911503e8d5b2bb24d5e191a8fd53c8308fb344ecbaf621fc3b585cdd11f4b1"}, {0x50, 0x119, 0x2, "11ae421ac885c53fb4489321db15eb6420fb87852ede63bd5271723aa8accb3103ab3fd84e1cb85b142e90542f2748df954089d970cecb7ac73677a3d0f0"}, {0xd0, 0x0, 0x401, "0cbd7ec1ece3124960c0db355b5d5ed33af7bb03bf25580bacf4c6856100d304ae679405daa97b2d0decf0c6d98b1f65c19dcce089568b0c92f0ffbd4badc0936bccf088dd33c1674a380dab0a526073761571aed5410f09a73520b9ace7bbc79d7246d016a83951752eb439f38ba2efa6235f154a8b8e72d1c421f266da9a08014f4cf45e0875cb93ab4891a635bc95d4249bcbdaddf86b293ed269bc15ede5be48a93b67d86546868b9cde0aa579d22fcfc17cc73e16b8ddee40"}], 0x228, 0x10}, 0x2f}, {{&(0x7f0000003100)=@ax25={0x3, {"8bacda7aa4e170"}, 0x7}, 0x80, &(0x7f0000004180), 0x0, 0x0, 0x0, 0x40000}, 0x400}, {{&(0x7f00000041c0)=@in6={0xa, 0x4e24, 0x101, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5}, 0x80, &(0x7f0000004580)=[{&(0x7f0000004240)="fe424c878338bc94bab5b3f705944334de74268d99dd7a86c02e3e092a0fb2d0de770d463135ea05470f1de80c01fc1e9bdd25d5578f7b9b6555367b1c2b660229d46ba357a41f28a0cd05f33a5abb09e792847a1daa609945fd84ebfa29e2c551ca72fd3250a6a26474771a6cbf7ff59a194d0759c3b1920e1ee67b5158f47c4faf8179a74a86ccbbd9fb9612e55535011455e44c8aabca4be9b6179087b0cc186756234214d6428d33ae13853a81d2c3a36dee737817e44f81e58df5dc90ebc3e0bda385e4b6aac36229db6697e8666ae675baf9b2e9d1fc98422d8c3ad4ccd376bac8ea0a31", 0xe7}, {&(0x7f0000004440)="16d9ca2e5a36651caf0b812e38bd5b4f238bfdae97ca6704e100a181cdc359e77f0a2ebdae1734e41d446ffc08ae8ad0e06e793d7002d16d54caaaeaa5b46738f2f73c2e336a83b84e0cca9ce45c3aa7497ff086c19eb3451fbc5f3d09979401cf6f65a6c8cdcce13055d02c22f28b7910a11c38c9084bbe7319eeb987e023df07d5ac6dc1499b197217c7f2611662461b5d135707d741f2ddd426fd154927deb2e62241a393b4c7bfa3879a7e786e3be04fe8fd730b985e436d5db960ce13ad962030097458cee78ab085889b502983b5b5995206", 0xd5}], 0x2, &(0x7f00000045c0)=[{0x38, 0x19f, 0x8000, "b27266a0d4f024fe1618663b22539166c6d5f28246a1fd981971132100e7cb8e477466532f"}, {0x50, 0x11f, 0x2, "fa66186b48663776d869aceb221319631d744ce01ea3d2d849d4103d0429079e978fd1e094d2bbd9f261f2acd0f8a6eaf261d359fa2cf3eb731617"}, {0x10, 0x115, 0xffffffffffffffb5}], 0x98}}], 0x4, 0x0)

03:44:11 executing program 2:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20000003)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect(r0, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x3)

03:44:11 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1_mb\x00'}, 0x58)
r2 = accept4(r1, 0x0, &(0x7f0000000180)=0x3d6, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ipv6_route\x00')
sendmmsg$unix(r2, &(0x7f00000005c0)=[{&(0x7f0000000600)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000540), 0x0, &(0x7f0000000580)}], 0x1, 0x0)
sendfile(r2, r3, &(0x7f00000002c0), 0x10000000000443)

03:44:11 executing program 2:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20000003)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect(r0, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x3)

03:44:11 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000f65000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f00004aaffc)=0xfffffffffffffa1c, 0x4)
sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
sendmmsg(r1, &(0x7f0000008400)=[{{&(0x7f0000000040)=@l2={0x1f, 0x1000, {0x4, 0xecc, 0x0, 0xd, 0x6, 0x40}, 0x20, 0xff}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b524992aede785f8b922318d48bd444e766bca0f5bb8020ae2875481d56c6c3619", 0x21}], 0x1, &(0x7f00000001c0)=[{0x48, 0x1ff, 0x1000, "dc3f56667ee88ccc16a3ae37419d0555cbf5d9cb1a8700eddc5b53e8fdc374c0ab9b07da2a7a051a1527210ca34f56af5a7aad68"}], 0x48, 0x1bc994861b8f8b4c}, 0x92b}, {{&(0x7f00000008c0)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000002c00)=[{&(0x7f0000000940)="80bf68c49a1de7ba879cdad7bdeac2e483f515a3f8ab340fab0f726dcb794ceb1a267df11c833e778c72e164a403d9d9cba2699dd35ff0a7f0c8b7c7167829de044e50287e4e4edb7c416c7e06eba2809633bd7e412a949ef89728d8e98550ae94710f3401984544fffdf2560f15bc01b17008cddfa8dc72a28472666c71a9dd92ab04369258c3cc968e51f9544a0ee58a5f7196e6", 0x95}, {&(0x7f0000000a80)="2ef322e6102c1f3ea5897107f72f63399a600c584ffe7ecf93863d2b6a01916e03538431e954a6d440f75d53d4359406fb1cbf0b7ec8e393518e7ad760eb0f636a82dc0c40c2c19230587cb9eb63d908b5f2f30fa4a7f21a3627435fb6fd21b71ae7944402e97c91615373536d96bb950826be585c6553c83f32f7b0c5790bb8ac16e0226b9f0ea6906662941da48f092e6b3ddbb9276d87456ad6dcfbb9ebd208ccdcda87fe1ac6b42a", 0xaa}, {&(0x7f0000000bc0)="322b7a8535fff9b5f9fe8b997ae0ce0f1601564e7420ad75ef3c316d8e5859b22750273c285869e93d9fcb204bcf423b5cd557d62783cc1e1812aa8b492e39d28d6263304c033b992a514145b6d8d0c4658a264bcaabf8330569dd4ce47d15036bae16af480efbf0476e7880cb0b424d72094c737342a3c038e6d632f801fb48e9902a2acedeee07ff09330c0744097d23c541e63512c7a5b381024b31abe029d82699150305aea84ecb9561fff69c28e93a6bbc45e9af7e040093bb60a6535fa266cb1eba41a74cc104bb81ffb10a0704e7e163a16744b2c9f6b6d59704bfabb47536394ef37cd87d980d7b5ce5495d76cd2b87a9602fde8563a9e5eb2d39e61c5db060e454b8ee7802214736799e892d4158874247d52dbbfb35588e18d966e4f4471cc053dc7d588f7c984dd25cf519775bbfa06ef46679262e682b8731d5921ef4beb183afb6e4c2419eae303e66f1cc07eda153fb6afd64eba1520e28ce42341ead88f616f9c4736c31d0166769aa3fef0d0c9ce231844e69953fd6890a30065bdaee4ba28ecf9c50580f0442bd0a7cc182a788ca52e007bf26ff17e9b1703efb682a95c8c4c76a9ceadf76adcaa56987ec8956724564e4d4bb1f5752027bb17a9eb4f6af2989bdaca99c8312f26d49f632814f5e4bdcca3226bedb6a32758c2c4c3a7d62fe9d9cfe83b2718cbdc57b2a606bb6d6ca66f3f4828151110687087e763e903c5788bc73a1a4d9c06bb1a2d1ae083322669ae445d0a0cd75b78ce7064c29709e65771fe85c858dc9180ac57f6f020a807b3689dd7c574bd7943a8acd54c5ca1b8c75c2a0a7e7156e5c4b0a0e0c8dd6ef63571dffc0c79ce670916b513cec9b09f46988fe6682201e3ed0998392ce356c0635f6e1fb892ac88fb9d17c186676861fd14f6eb4648112e5df87dc825eba6abba17a289a8748d6d01f6eac0d86e222f4a3214c75ffd0db4e3b9689c61422c8cd2ea5b78067f47a1879bb18d0fa8546bab3dd64a0c761a4c50bc724ede057b6e71060efa5ab97cbfb829873c5116f565d5410d6396ac8598df7b673625e0122157fa0e7302e939a64e45e902d661a5e2595fb54f4781d7afa40f3c5c45fee0e40571b78d447f73963d17dc18cefaf80e36a55654581abd47a9e6e4ba7b36e22685b2ef5806044387e8d40fecd637ee2fd1344053a62a1a84d62661276b4f5a9a1ef1fa88bd520fc8abafc6bf36045c467667865353a652614b2e9f39484c1c8c5f09ee18c7e5b87033218b544e6aab3c495b18e2ecde61fe10715911d865adcff4600b89a3c9557a504d3468e060e714e7de218d6cbc5aec79c275b4e61814d1f598fc39f84279e1e835a4411bd2b1b8d419bd68897ce5e245868c9246cdcb6ca081c72a377506cd5cb67a2133983e6868361b8ffaaed55d678441b1a4ddbc237641336d6515379c9cbf31f9df827c6e9801b8ac7a7db5d40ce6c4b1983d85fc3096ab7744bcb1ff5abba9179ba0e1798fd04c5145759eaa7acc8b042db4dfa5cae9c7b2420ecde4a06cbba8524166cc0045ab2a8f1ed02fef9b7a16983394848f008c7868c74a72f56e1dd5107f04c315d63c14c65958bae2d8caa732683ab5e4bab480503b01db2fcb8361c05222740e4d9fb661a487491c8b187b84e6625ea4e732ee67aa47a5a6cd46957e8a2e652c2e6a79fb0aaf2a2b012e0d364f571c86c7da3e073b2364033ee6447e96b76b6a858f546c0a3656fb807ed124729315183229660b35f5e18f6d5802f9af2fc871a76d1d7258a364b5ca7e901cda33e8700abfb404781be75442451a2fd6fd06659b18935a62da2b56054b933bfc0f5f48e389cf2bc21f4d7fbe63c459fca9212a16e0a7ed5ef902bbdd0a872d070f627f8ecaa71ac23556c3f1f8dc1b231ab4f6c85d6e6ec7a79d500792e1986472ceb61ec8be03b8c52e75c8ae50784e25ede4445fc40a4066fe7231ba53c401630a44dd63709449ef95d2cef189922a76715b4b0f1cab1d82abb21475fea8a278b836fda595cab52c601d1c67fea363064382f54ad918722f2dcc17f4b1e4c9143d6716a727dc0ac35ad9f1b064119295dd840d1b3dd459ac6e8292782e909b230675589e474a247a698886e4cd3bdfbeec60312516347d241652d87f3078977f24287d2100d6d7c2f3a1fa336f00f3ef1bc6a1982c705f6495a9d9f73b3234a8f2af51c510e5c454b260fa466765edb4d368f65c033c11b454d3fc50ba92255959b2f131182cf42c45b9260e3e1f6b7f67988b1eb555f01f9ceb15a3adb9d75691063a35c273a654345c91f1626414c30ac07ecb433bc98cc2053a8a469dfe3a66849fcb9470bc3fc1aa2b5945f4b57ae2ea912eb8f622e45a525dc32f3e71d0315b230d412b68f223087dbcc8400f7e890dd21834a49ad51bfb9723003247f795440f6da3a052f5248be9ed0520e99c3a13932b7d7134c5b63394a8f2cc5c488a98389d7b68d624cc2a16043870b30f3154050effebc16d86f4a10269a3ae2e53c3a31f9cb07c22dad3997dedca970c9b4292f72c0b8601fdf4d00779be581065e3a0df9f6793c367c4901e75c1e9a003782eb6311b2c2b5042efcb7ae9f902cd05925c673931f333b23c0f4a69c1fddaf1201eb370c068e21037c61b185343ef72584f133d61d773ef202fd374a6ddbc2c2edd90254dd1ba49a8253d6e63641bfe5a3de7154b170c70690ed433372f647d6537a8f379ceebaeb4b2765d0417fa61b548397b2b89b85c5b29ee425936d709b8817c18c306522a9b5f553cb2ce3497d6901bed69b95ae4a9f79b4e6835ebd993d367e407417766363db11683f3e1078703bfb760ca9875251e3b2d32cda3c5a7453888eb71e6e09004aceaf97b362f099ac9a518318aa35cafb5dcb9e1b1490e8c381eefa9eef2c84b52b6eed463b1e9bac326ded0dbffb534290c443594730edea3f90402560a3cceaf00f4f0156c166600558595b3e727bd074a98e572fe3aa880d46d48460c316c87e1d8e616582230f58b43b40aec53a6c71f077f1a810a84cf7291f7714de66b62182da97d1df13fc3648a0042b4900f9b1b1346dd024a5d79f8c9afeb08c11391098c80e255be8d64ad1fcf8811acf2d1e1cc7bb085707a9e299ac864ce0ff8e3b5a8fa3d114f7b05227d0752e41c0dc36a0fcd9ea35319cbe57a2bbe856ee0859978ceca7b9538442423d8fb92bf8c22668166ee72263ff9e2abbb1ce648445cbd0d7428d6d2f860917b0e8a549d6854ac69827918373e4f648a243d21d65cd1fdd44f25c0a6b22c8b041425d8dfdd6c4c4318f7f6dd573c07ec95046098a8007554cecddd007a478a2dd03c6c0e754f621026441a7b1651d1b31c8a54e98150a578eca9161dc7690cf7481bdf8a2f371eee6428b94f4e4c7b8d31b8eae3cd552f2f6d52bb60a9ec633609cc116c5c3d5bb83121abd4224aef8fda4332800af9941de05c6f6eb196abebfd6217081b7d52f767820274620e250601dfcfd7c80b2525bbee08c493a7fff10eb794fdd37d8a9355165beedfa043042740fb19496c26de1bbbe8e14a3f16fc76ac27844313bcc8dd4c2fb34e3bcde30f77b05525e9267e8bd893ca6fbb257c641768102696b5e3d48dd1684f0133a7dd3915b3f2a5077a9e2a4fa8531ba92de518d71971ab4a33b028c9941e9633dc7b7a6c0690e3f04024107f0a9d1e9cc2850a398ec3d54333089465223903230c14b0dc70ab6038dd46454db534cb7a033dbfd6f4af6e1a872a35b79245d658a6e63ae42adcd615f35216127412752b5c69216e1f0cc99954b3e0519a0492f0659c0408d01b6d224bdd9d3801e477d08533b16aef8755827980ee8707ff8603e43209a383800d56491dbfa44369fd41e910ee33669ed70294404cf89d940649f7725c9e006feb9b341073178bb2342a5346dbd10aa4647f6dab1e06465b42f8b6d77f7d4b254ca04dab32fabd17fb5b8d6b1124a32717b5923f01590e589945ede1221760f3ec3fa010f5cd4c6d717e3afab14523776ca4d519318d69743885d4dc7a77b79f1b1408fe3bce01e842ca0cd81e39e828f775572ea646af048fca57ef6b428deb80d2b75bef775d82da8e3196795e34c557c9cb565e8c7bf4a955ae305f9633d69d3269bcfaec69ced0da7cdcbf1ac18719292eeb58f379a01a61b060c9ba062f822e682290e0dbd19ec0c091f8028e1f7d7d488ff8084e63b63aed0f98aafc403cde7f12a6fc5e70fc7d4c000193c2baaefbba71d6fef29fd58a7391fbc1f0bbbdf67ff6fbad9289f74c43b383b8fa3dbba3cc55bc5739d691c40496895bebf438825fba0a7cb7ed073ef628fe8788c8884407dfbdb76cbb4cf15d6d3ae8ecbe4c3d618037d5eca6589a5495762feaee8e7f94c67cd4acecb075a57bf5ca9e8fae3ab090f222c7989b24fc8103febadb5bd3f1452def1c3da625c98488636fc15f75f13fb260b65a29fc2e6f578b79149174b7453d47b66ec6725b6abc2d40d9ccd257f59606df87adc73ab7177907df10c0e282869efb0ff2ad55f738b5abb587594d4f5a5380884cdce6ca9a588ddb62b5270c87b329df04aad5716e68bdee585ac38dcdad4d19ddc968ace69d4a6a5ab408a4da394234c9a36376f42c60a8d0924dd0944b1167bb31e3a4f01adeca5512ba504885b2357a5cd847bc63c457500771698dce3bb1a72707c60168e33176a2134e41126c4de0eb610fcc8207961ec161b77401115a0d26123b909187c3b0e08dbe78d569e2f0400cb133868fd689b28017de0886e11713cc714cf06ef2ff1bd5dea7487e0a91420c7bfe4f24077ba98f344fdb0707892390eaa92b8a7786f1a50288b0c94fa017dd4076b87f55544195ad1279b527dcf17d0cbfdfa4ad8ea1eb9972ff8b181d82a3a52ecf1812f329cf2e4088773dca0f75642120ee933ade87e39609581052a4cc521d18340ebe2a110673e545f45d36314ecfa33e15b813b1220a49a1e66f7c09c8332a63e79cc470f3813408231f46801281c5b389c20f8d96d40dfb3bc97b92bd6f063a50e8cd354b41246750f63afed05a3a7341d498977971dc21e1ec942690610db9100fe5c4ba3a9f8368cb3cfb72938f4cb681d94338b66690f6d470c80e0d815d45ca30d7795c0b5f513f33f3906a2db44b7a46083c6f07df28b51baa45dd38f4a7855ed5e05b6f257539877b0af38717ac4b83793cebac964408d680cbd395d9d6a4f881ecd8756711da04bd537061a70dc4f9080281bf6675ad727d62d74e5f42d84f32edbc4a98164d0a03a7a3d9aa63f6f47eed0d5cc61d6393940dc780f24e093c1e3a544c63820c710413dd863cd573657f4e5e3a440c76b8a0ed7c108cfaf800194738e9c15fbdaa2311414af984b88f46f7828c43fac0653db8d82d8b3ae31f4ee7fa64963808a0362d05ece1ad161fc9ccfe6b036bfbcbbc5d390828cbaca8266516bef5ffbb55311d2dbb6813d4089a9ef38cd45d1c2ea3ffaf04381d58cfb9d773c7de4c28b825c828dc4ba2687491200f1e40d9be077bb0043e850452fbbf960a9ab9865fbcd1bbbeb07a6b49989d16f2c7ad1660aa97378cfb1d267dad3afd3e0cf6937a1b12116d6b599ab732a6fab232585751e6b5e0d9f03820b05500d60b18a07d8969f3ca6336415e6ebe1dda363a552968497601f6c7e1261d7638bec814644f41048e3d2951f8794fbe3e96eb1d8c1399e9c18adc5cdb8117190281c8036220fdf3b550cd10ce0bacd3a98c46b401ded2514f41e0595dfcae77ad978ff9ba1e0a45c95ee9c", 0x1000}, {&(0x7f0000001c00)="549fb9fc727264db2346f50a23d1a8c00672dd0ef5dca20aec8a5557bb52d743791a2f4d8450c1bd2fbafe3939c4135b5628e0a1ce6668dd56ef397b7bb6584ce633d346f9dcfd244766f3704acd7c5fa777069acea6521722c8ca61a865d42b967c08a511e42d7b6862068435c1d3ac6c9b1af0fb0d5f163cef3cb1432191fa2baa113db9ebc03061183878b5587201e8e4bb276c8916fddea41558933afc0f357edd6bd349e69395baf9eb0d35469990e743ca986a3245b6e586d25c1c061d30328ad61c19b070c422f6618474d31fc735aa08a1f1b84412e890fa36b568caf1c63a64adfc165d6deda4ee8e608f32b8acd44e11d64aaf446172db19e4390dfdc04d9e23795572154c47159e0e8efc9721f7f05367584780640e609432a869c8d6215e0f894f31a701852ff9ec66ebf31165b841f3c8e9826f67058d1551963309d61196bce50e27ba70c47ede87b61b0005354396ace3d47d26b02c10a10de23431d01c34f8bd0682c37fb5b937afe217b9492fbbd46648ae34c96f75bbc3efed70a6eb98859c9321b2c8339fa41fbee5d09986cbebb1146eb419f07158b5ea3929eae266e9c0a976091026aef5e816dc3376f5a4b8120e6721039480ad164a634e1e9e473e1215201d27837e33dcd3cadefd018cc5d4964a9814cce38172234941af58ae526ace1ac02699735c9c2e06ac25468b9f7902c0832986ee7ffbb1ca0dacb29cc2ccf588558223fdb7ce2d855548810ce8064bd786e6b1b7bb53ca503268817c83d87ea274ed9ce93e7a76a991ef99a84ebb71c5efaa44ee0a6b81d2db4d321a6cc88523500c612203ed033f6b6dc1c40bfa3575483d15a312db56d4fd77a7a771d02aca874981d4d0a87fc04327adbf3ee4485cd97ed18cfcb1c912643e99f179032047e86e8d83d011ebcf8f3e0d5476dc8bcc9c2d7f8cec8a52922cca7684f0331708dffee66dd1ff2df1d3f790347e0b8973d7b175fada8b651e82445b2220217515eb57c5672d19b26453492cfd5e7b0252d1614914785e87e50897e8c1bc26edcfc24e6d3fe56a57de70ad396fac300ee37353619682911a0b72806f2d1f3534fcab915ecd8710e2f495a517e4e279b27b5bb29f291be800b75b7161327dad2941380a5a85d682897558d45a39c096c10f9daba305b32f41b00e3eebaf05bca816b37d0ad321c3175621ed237dc9b02af8ff69f09a3001ae50dd8ee6173621467d8be64ca3a0a9fd4dc551deffeff234382b1b7b2a3e997ea11e53b1fcf0e6e6cd8cd36b3877efc22fcaa63262dafb73884c7583de19041bc2e125fbf2629d96fc911b0b0642078a57c76f612368c5b03db80c0f887bb3345fc1ef2b88f2858e4cf28c6aadaabda31e67b1ff2f8969cfaade5acc802b1d07230b3fe1b199f19cb41a0501ed343744587e8e63d472d195a1e8b2c0c5f4cfa480c95314222f55a617f49902567e986d4d82672528402e9c55ff40120be4d273301233ed55f7f799cfa2df31d206eeb3dfb45cfd270614f7c25605eedcf8f9ccca25b082aca38eb08136371effa2e236eed654ca8b28087c2c3f3a6c8acfd28d2402d38ae649bf39807a2267a8685d8603985f9bce1d81f8cc633d9e07f66afa30b646cd62d86e95a826c705baa5b4421090b8fbffb862abd578d0c275a3f9c29e7cfcc19e2a601fc394ae9787cc1c43872fa2e906ec9812de3aa6be1ee299dc88cf6f16d3f3928f388739e1e030fb7377866eae6a6d3ae168cbc419675f74cf075c01a27933aab0b7186cdd9d9217ec96621893578d25be39e29991ed7887ca7022f51254078ad9759fcf2091c521c077775987922eb8c87ec86a94dde2e3b7f092dd894549b64388adc5a83f259637c77a3e314bd1f9496b30ecf3aa318dd3bb779d1eba4df3e4b911c344d3464fd73c775e202edcb27224d597cda091bceea96e4582e9c05d0428bd9d08f49ab2c723ca19b86c5ffb3a9433194c82916914e274fa92197c47c230d7bec2748a7fdf530410808ef8997d3253c9cdb8eae665514e7b6701bb60785e5283a4e438bb4fe38ca07a8a4e55581e2c8548c7897a6d211616b91f2833169ec586495ec8dfe7a1d9ae6e06c528cbbb5403641f79af9c92ca376b9f5053086d3c36fc905722a39aad8e637d75a632fc2c9c4bf7a1aed9cebc5d0bf6f524214f55eea0d4f502df91df83187a19b8c89181af579b45fa808267a3e27a17bc05bb0b33173e9a85021fa1920d13ae186022e27946d35c2db943065befca3c6eae647032d928e275e5524ada71908be395cc6cd18939a3ebcfa08f8b804f8383c966bdd8ee4c39ff0a7010936dc2175db30468cfa9ecc60de3d956b76eaf64f8cadc7364ec53714448c93f7221982d730a1936c69aba6d564a040486bc241ca91bb36972c96f9b21d43ba519069009388db799bf0d73b7c6e051b71686c34a87d5d341942db1240f7e0681b1e5d7a120007adb638e40c9c20f9de7a71147745ad1f18359bd09d4bcbf2c4ac6362301fb29813effaba08a19c020966e2d8ede9469c6aac4231714e5350971a564f78e08025cf6140d826dd28bae00f6560c0da9f04fcb628f8896b97106f1150e50b5f825d080249b76b3698d5f20430b41bd5fd0788ec016d8ea49c41c5b9ab37df0fba791fe022051aface508475d2f791a6458359c8c634e5a646247fa171eaf084c0292d052b5d030f1ef9d4e9ad9b6785be560c9100fcf83fed55d17870340a9ae63fbc8670e1de04400bf665d2c6f8c112c1bdc7b99e1094592c16224b599d68fcdf14a37125a2c89ca43802802c7ed0e604b55a1b3a8257ee9ab6a6f82e5be841c08ed8e16bf1b39f2f30013cb611f6451d7389ed818c0a91513ae683509e1f18d25ba5012a7ef390d0ea8b2c8f284795a7c04e2e3e45cd9fd4cc010f97be337b3964cf38bad9282064b202bc58c2aa4a6c8e24073d5615474645d6ffc1c34d86444522f820837324c3c3e5db55fa3bd6661067db5f29856033bee83c180e8ef5bfd14dab8b886c41780796790a8a1124afd809ed715548e3dc58c60d84831e3f6dae4f428a848dbe6c9eadd91356c0d080dc6e8904f563310902f5cad87cfd87dc8d910e46bfc3d41dbb9075240ae5712d42ea28ff193c6974a9ad7edb85221de99ec65b43cccd9e6224de373391c9ff58bc938834c5937f9dad6eeea1a24a113c81aff8e79b608574063d91fe6de8961906cdae188036402316522abf9d5297d889dd259456e0aad199a6a8c52b3fca4f69784c0adc8c475b327ae43d12a1131f43b12569aaa3d2bb56347d44303b80af52b79a5b0bc118887fd060367ad2b1e822c70803c9771f25c0b6eb6707706c9e79e103956c5f65e97037481b65bcd3ea560b21d3f0c59779aaa1b129f1551b606c138f1cd9dbcce8826dd5f1eb0a46e41118d2145e8df3d3ebbe36ce5f12132c13c737cbe62bae2d8dff92d462e91dd8931615f43b9e49230d43b9d6ae6a0510c89f0e8ceb4c0599d756d84423b56e911d74ef43f9d79cfdfa8c951081cab567b2650b40fa02e20e1396c927b861e32c6dd7f09b43d48d44874afa463760901ddd92ace11788b656fc7661ac89442852af87bf7c2cd0424688e9192380a0145590337b4628b00cc103d4f0462e180eeef2eaadeec379307f5db2a7631e08a5c8695eeba7c1994e89525e52d93c820c1f8834239c0e9af04899ac96722cbff025720048841e5ad84a0c441789762042c8438b1b82890d2040749cb67052fb549438744977a190aa638aba397f5d6c9e802fa4ce5844fa308eeb3eb6a8ac3576d51818462839a5c449baeb8ffa1be566685f1bf7bb3f0aef720359458d10495f2e406e754f89abd1f80b495bb8559429d65e641a86f93cc41d20406162655865369afae6449cddb3e5c3f801282eb13853a6f4ef9fcea87f80bbfcba1fe888e2cf8ae6ece60e74dd904a42137743cf4d1dbedbd95cb4eb9671f771aa6c81fa716b3cc876c8b88644ebf407c49e55ae99b32bfb774803c72231af4b1892101d70bb828b2f63823316ddee3c6459ad2f35377862468708471d44b6f44cc0c1d29b02dd264ca3c24ece069ab46c23c4c4887a029794af74b93c71f0b50932c9406fbc309f85f81ed05862bb58c9d921761aa8455dedf42b744bf09807fe79aaee1be137c9ffda295d72b06f5b65217b5e2d999c201c1faf48cb8500a642976a7883d05952a1540aa4f45fa95b64bb39e433a5397242760521258c99cc635d1d710485e9dd80e452c625567b06325c6cac3c765f7d1f44c280a19fa3fac6504a41ed5c2adec0c5bb7cc5fd804ec12d08f66185e590eb28845797eae3f428b1e148d005acbd58c4a8ca856dd8cfc5de21f09b8ed02c1c60a045843f68891846690b064c18273c615af5c535d86862c0f40339de83731663380f879e18e8829bba3d3d02ca15435e0fceae19cb28a0c614ea253a8a9ca26974149546efb3d7fcc3e92a28ad8dddcd6f817a3056f10b274ac83f5296ee7e49614f4fb62552bbd7d1c74e84073105af8d6a0dae4efad12afbb6fd94155b55fe7519960c5cf5cd91d16b739fa9e4b42a6a8792d7c9182fc8b7bd30c76b64d53a613ae568fc5fcbc7b69e786c2972e9f406bf84a036d33bc0c9ac01242ab835d5ee9345108531bede81e371548ea5a548ea86da5c8b33f4d245a0ba3c68129a0fd0aaeed956d5dbe1665824b1f45ad064c4664fa3244fac7e561b1f3e79c73452016cd7b5be3a222b2687272689c660a94e543b483779b14707a16ebd4107b70b19ca86812292885b59e6c2c4c5606924e815afc1e03c6fd65af75aebeea3720849a630a58b659522c09645620301655affb8f0895ea4522d9b6dac461424c5e18481b3298b6f831b44bb83b1ddb641f08c781d2df289ac68f7170ec6e64db81df69aaeb4a29bbb930d96b9daca51ff284d331030c0c919926669e586374e9428e3a709839cd24ae91917697156e15ce40ac9ada0c1c638fd3dc136cdca0767056842a02ca8355ce6bed58d38fe2a825f235143b46bfa532a2cbf8d1d74aab55481b61beaf2cdcb6f5ac981038f1976a4a4d4fa8834bb8105d5a9fd6e2436c0e585f9e2e96f979cb9ff5aa1091c0abb971826c352bbe0869ec762fd86a3990b2339fff3ef32fdd9fb88e4fd999c11cd7277efc806dff3bf8151cb6cb855a088fd7c7ff083b608fe411f3b0d07a937682ad2df0409654143b7135c15259e1f7205a073f8691276fabb3891b9c47d509620d759c79b81fe30771e8e9a0734f4298a0014163616852566a63429d8ec39abc7dca4a479dd4351d07d32c144776ccb733cd28a0fe4a8b5ed8b80828304150bf3aa6de75074980995b15879f06fd53ace235a7fc3038d9e0ac48c453dfecfb6f46f65e0ff178960589dac7992945428f768c96da0aa299c3495a05f26f238d52fdc148de4f32296731c9b90ec785443d7ef8a3df6e8008347a45e0616d10e2ac7951a9a19bc9b685655f08edbb141d09a2a6d3748846acf187238b78c2c48d1f5ba145c7f1337c01f9c332165ac2611ae1d56b91eecabe525d9867d510326155d53cc2324c36277445c3e6986cedd996997aa84b243876c6a3e4a82aefbfeb8b069ebcc2fe2c3be026ca75f0acc345baffb5deaea2e1a499a5de1435f77ae29019fafd5f662765b705df110087c6e31e56e1d4a3fdf62661266c294c455dcc7bb2c3d6be8b436d6514b27c6a6a7d9f690756d8762bff7a34e41351a57b6a1d5c7364078725cafe69521c3532b7bb6ddad9f1e2", 0x1000}], 0x4, &(0x7f0000002c80)=[{0x108, 0x19f, 0x1f, "2dab67317eeedda7db1bacfc6e49197d40b9b4736a592bc601c66aefd4775818a74b1805b0d30a2ca2623dd2bc12637f721f2b06ddb0f1dbcbf46f75a30eb1c99a6c38fb364baeddd9bab55ba999900009b958180339bff60b77abb6b08b94fd48904b47216bf712329896e7bf832e3c7e2783f24a67e5fbef21ef304fc43f73dfaddfa4cf91950f07ec1dceb4c4f5bd03bd5db5c768ef772169cd94b9c3f55277eaa52338807c6eca39990a0abfea0b006b958b498eed73f914773310e3aab718a0c26ae361cb2c0e3dd0814667cccf8936ba911503e8d5b2bb24d5e191a8fd53c8308fb344ecbaf621fc3b585cdd11f4b1"}, {0x50, 0x119, 0x2, "11ae421ac885c53fb4489321db15eb6420fb87852ede63bd5271723aa8accb3103ab3fd84e1cb85b142e90542f2748df954089d970cecb7ac73677a3d0f0"}, {0xd0, 0x0, 0x401, "0cbd7ec1ece3124960c0db355b5d5ed33af7bb03bf25580bacf4c6856100d304ae679405daa97b2d0decf0c6d98b1f65c19dcce089568b0c92f0ffbd4badc0936bccf088dd33c1674a380dab0a526073761571aed5410f09a73520b9ace7bbc79d7246d016a83951752eb439f38ba2efa6235f154a8b8e72d1c421f266da9a08014f4cf45e0875cb93ab4891a635bc95d4249bcbdaddf86b293ed269bc15ede5be48a93b67d86546868b9cde0aa579d22fcfc17cc73e16b8ddee40"}], 0x228, 0x10}, 0x2f}, {{&(0x7f0000003100)=@ax25={0x3, {"8bacda7aa4e170"}, 0x7}, 0x80, &(0x7f0000004180), 0x0, 0x0, 0x0, 0x40000}, 0x400}, {{&(0x7f00000041c0)=@in6={0xa, 0x4e24, 0x101, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x5}, 0x80, &(0x7f0000004580)=[{&(0x7f0000004240)="fe424c878338bc94bab5b3f705944334de74268d99dd7a86c02e3e092a0fb2d0de770d463135ea05470f1de80c01fc1e9bdd25d5578f7b9b6555367b1c2b660229d46ba357a41f28a0cd05f33a5abb09e792847a1daa609945fd84ebfa29e2c551ca72fd3250a6a26474771a6cbf7ff59a194d0759c3b1920e1ee67b5158f47c4faf8179a74a86ccbbd9fb9612e55535011455e44c8aabca4be9b6179087b0cc186756234214d6428d33ae13853a81d2c3a36dee737817e44f81e58df5dc90ebc3e0bda385e4b6aac36229db6697e8666ae675baf9b2e9d1fc98422d8c3ad4ccd376bac8ea0a31", 0xe7}, {&(0x7f0000004440)="16d9ca2e5a36651caf0b812e38bd5b4f238bfdae97ca6704e100a181cdc359e77f0a2ebdae1734e41d446ffc08ae8ad0e06e793d7002d16d54caaaeaa5b46738f2f73c2e336a83b84e0cca9ce45c3aa7497ff086c19eb3451fbc5f3d09979401cf6f65a6c8cdcce13055d02c22f28b7910a11c38c9084bbe7319eeb987e023df07d5ac6dc1499b197217c7f2611662461b5d135707d741f2ddd426fd154927deb2e62241a393b4c7bfa3879a7e786e3be04fe8fd730b985e436d5db960ce13ad962030097458cee78ab085889b502983b5b5995206", 0xd5}], 0x2, &(0x7f00000045c0)=[{0x38, 0x19f, 0x8000, "b27266a0d4f024fe1618663b22539166c6d5f28246a1fd981971132100e7cb8e477466532f"}, {0x50, 0x11f, 0x2, "fa66186b48663776d869aceb221319631d744ce01ea3d2d849d4103d0429079e978fd1e094d2bbd9f261f2acd0f8a6eaf261d359fa2cf3eb731617"}, {0x10, 0x115, 0xffffffffffffffb5}], 0x98}}], 0x4, 0x0)

03:44:11 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000540)=@nat={'nat\x00', 0x19, 0x3, 0x400, [0x20000140, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000100), &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, 'sit0\x00', 'gre0\x00', 'veth0_to_bond\x00', 'syzkaller0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xa0, 0x108, 0x140, [@vlan={'vlan\x00', 0x8}]}, [@snat={'snat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}}}, @common=@STANDARD={'\x00', 0x8}]}, @common=@dnat={'dnat\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x2, [{{{0x9, 0x0, 0x0, 'ip6_vti0\x00', 'dummy0\x00', 'vlan0\x00', 'ifb0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0xe8, 0x120, 0x150, [@ip6={'ip6\x00', 0x50, {{@mcast1={0xff, 0x1, [], 0x1}, @dev={0xfe, 0x80}}}}]}, [@arpreply={'arpreply\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}}, {{{0x3, 0x0, 0x0, 'ip6tnl0\x00', 'ip6gretap0\x00', 'sit0\x00', 'ip6gre0\x00', @empty, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0xa8, 0xe0}, [@snat={'snat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2}}}}]}, @snat={'snat\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}}}}]}]}, 0x478)

03:44:11 executing program 6:
r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r1, &(0x7f00000ddff8)=0x40000, 0x102002f01)

03:44:11 executing program 0:

03:44:11 executing program 5:

03:44:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f00000000c0)="b8679a00000f23d00f21f8352000000a0f23f8360f4864c563b9800000c00f3235010000000f30642e660f2e188fc86095ff0066ba2000ec660f3807a431224a000066baf80cb83ccaec8cef66bafc0cb801000000ef66b880008ee8650f005725", 0x61}], 0x1, 0x24, &(0x7f00000002c0), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x10004, 0x0, 0x0, 0x2000, &(0x7f0000017000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[ 1512.241543] device bridge_slave_1 left promiscuous mode
[ 1512.247122] bridge0: port 2(bridge_slave_1) entered disabled state
03:44:11 executing program 7:

[ 1512.317289] device bridge_slave_0 left promiscuous mode
[ 1512.322799] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.409688] team0 (unregistering): Port device team_slave_1 removed
[ 1512.419731] team0 (unregistering): Port device team_slave_0 removed
[ 1512.428779] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 1512.441899] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 1512.461442] bond0 (unregistering): Released all slaves
[ 1513.423111] IPVS: ftp: loaded support on port[0] = 21
[ 1513.725567] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1513.732325] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1513.739380] device bridge_slave_0 entered promiscuous mode
[ 1513.761869] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1513.768277] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1513.775143] device bridge_slave_1 entered promiscuous mode
[ 1513.802307] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 1513.826530] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 1513.887422] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1513.912418] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1514.005747] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1514.012882] team0: Port device team_slave_0 added
[ 1514.034797] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1514.042763] team0: Port device team_slave_1 added
[ 1514.064036] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1514.087010] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1514.111482] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1514.135434] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 1514.142519] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1514.150496] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1514.338487] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1514.344911] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1514.351548] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1514.357899] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1514.364954] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 1515.153096] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1515.168150] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1515.230096] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1515.307703] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 1515.313913] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1515.321107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1515.391241] 8021q: adding VLAN 0 to HW filter on device team0
03:45:14 executing program 0:

03:45:14 executing program 2:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20000003)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect(r0, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x3)

03:45:14 executing program 5:

03:45:14 executing program 6:
r0 = syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x105082)
r1 = memfd_create(&(0x7f0000000140)="000000008c00000000000000000000", 0x0)
pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r1, &(0x7f00000ddff8)=0x40000, 0x102002f01)

03:45:14 executing program 7:

03:45:14 executing program 4:

03:45:14 executing program 1:

03:45:14 executing program 3:

03:45:14 executing program 1:

03:45:14 executing program 4:

03:45:15 executing program 5:

03:45:15 executing program 0:

03:45:15 executing program 7:

03:45:15 executing program 2:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20000003)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect(r0, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x3)

03:45:15 executing program 5:

03:45:15 executing program 1:

03:45:15 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x201, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x800)
read(r2, &(0x7f0000000080)=""/19, 0xffffff5c)

[ 1576.002198] device bridge_slave_1 left promiscuous mode
[ 1576.007751] bridge0: port 2(bridge_slave_1) entered disabled state
03:45:15 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x250}]})

03:45:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSCTTY(r0, 0x540e, 0x0)

03:45:15 executing program 5:
r0 = socket$inet(0x10, 0x3, 0x6)
sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002031f001cfffd946fa2830020200a000900020002e700000200a3a20404ff7e", 0x24}], 0x1}, 0x0)

03:45:15 executing program 1:
syz_emit_ethernet(0x72, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @rand_addr, {[@timestamp={0x44, 0xc, 0x6, 0x3, 0x0, [{[@multicast1=0xe0000001]}]}]}}, @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}, {0x8, 0x88be, 0x0, {{0x0, 0x1}, 0x1}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2}, 0x2}}, {0x8, 0x6558}}}}}}, &(0x7f0000000040))

[ 1576.084554] device bridge_slave_0 left promiscuous mode
[ 1576.090103] bridge0: port 1(bridge_slave_0) entered disabled state
03:45:15 executing program 6:
perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r0, 0x11, 0x6, 0x10000)

03:45:15 executing program 5:
sched_setattr(0x0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='gid_map\x00')
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x4000000000000002)
r3 = dup3(r2, r0, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000580)}}, 0x20)
ioctl$TCXONC(r2, 0x540a, 0x1)

[ 1576.218796] team0 (unregistering): Port device team_slave_1 removed
[ 1576.236918] team0 (unregistering): Port device team_slave_0 removed
[ 1576.245815] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 1576.261067] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 1576.278705] bond0 (unregistering): Released all slaves
[ 1577.296283] IPVS: ftp: loaded support on port[0] = 21
[ 1577.674971] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1577.681396] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1577.688382] device bridge_slave_0 entered promiscuous mode
[ 1577.711745] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1577.718203] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1577.725304] device bridge_slave_1 entered promiscuous mode
[ 1577.747990] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[ 1577.773406] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[ 1577.837865] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 1577.864905] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 1577.890224] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
[ 1577.897103] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1577.921102] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
[ 1577.927972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1577.993659] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[ 1578.000779] team0: Port device team_slave_0 added
[ 1578.022768] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[ 1578.029867] team0: Port device team_slave_1 added
[ 1578.052201] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1578.077867] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1578.104191] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[ 1578.111285] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1578.119809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1578.138419] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[ 1578.145530] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1578.153838] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1578.363257] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1578.369663] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1578.376402] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1578.382800] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1578.389961] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[ 1578.912419] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1579.198117] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1579.275755] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[ 1579.354706] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[ 1579.360908] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1579.367974] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1579.441214] 8021q: adding VLAN 0 to HW filter on device team0
03:45:18 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0xf503}, 0xc, &(0x7f0000000280)={&(0x7f0000000040)={0x14, 0x27, 0xffffffffffffffff, 0x0, 0x0, {0xb}}, 0x14}, 0x1}, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x100, 0x544bc669ee2f4349)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={<r2=>0x0}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000140)={r2, 0x100}, &(0x7f0000000180)=0x8)
recvmsg(r0, &(0x7f0000002ac0)={&(0x7f0000001700)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast2}}}, 0x80, &(0x7f0000001a40), 0x0, &(0x7f0000001ac0)=""/4096, 0x1000}, 0x0)

03:45:18 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000)

03:45:18 executing program 2:
prctl$setmm(0x23, 0xffffffffffffffff, &(0x7f0000ffc000/0x3000)=nil)

03:45:18 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x250}]})

03:45:18 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000040))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000140)="f20f330f3804ce0f01cf3e3e2e6426640f38cc3d66b8010000000f01d9a50f01dfdcf9650f017479b839010f00d8", 0x2e}], 0x1, 0x0, &(0x7f00000001c0), 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="144c48d61f66c2"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_elf64(r0, &(0x7f00000001c0)={{0x7f, 0x45, 0x4c, 0x46, 0x3ff, 0xffffffffffffff68, 0x8000000000, 0x3b884822, 0x4, 0x3, 0x3e, 0x8f58, 0x3a6, 0x40, 0x128, 0x1, 0x1, 0x38, 0x1, 0x100, 0xffff, 0x98}, [{0x0, 0xba21, 0x100000001, 0x2, 0x7, 0x3, 0x7ff, 0x7b5}], "03c6fde3ae54620beea891facd16beeac8d801f761212cc5dd4d8f910b00feca3e9341567470e54dbc6993e7ab965a1bbcb29960b30eda0c6170be24752ff72c9ae326425d53f53fdc3d65f7cd8eb3436297dc0ad0dcde5ef5f0a6a2e366c177d8f0c03a6d9ef66fff73035f0dd24fef128de49acf78322a90f0d5111ae3f7368ca858208caea09a6cd82b1997c08581acf34b05a5958dd97f94b505dacc8330f376682d14641171060b29b936799be141d28564bb5e5ff460ff704be977"}, 0x136)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:45:18 executing program 6:
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x0)
pread64(r0, &(0x7f00000000c0)=""/4, 0x4, 0x80000000000000)
write$binfmt_script(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="2321202e2f66696c6530202f6465762f7663736123002065746831776c616e30202f6465762f766373612300202f6465762f766380ffffff202c2b6e6f646576776c616e3073656c6621202f6465762f766373612300202f6465762f7663736123000af5a406944d3832c646952bc87e1c6b7f1424717e404816a52989a7e89ab548e21877be51144824656803c53a3f3e65c56fd611000000803c0ab3130a305d3b918230e0caf58691be46e6fea512b3dbde9ca5de"], 0xbc)
getpeername(r0, &(0x7f0000000040)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @loopback}}}, &(0x7f0000000100)=0x80)
socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000200))

03:45:18 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x201, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x800)
read(r2, &(0x7f0000000080)=""/19, 0xffffff5c)

03:45:18 executing program 5:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x1, 0x0)
ioctl$EVIOCGID(r1, 0x80084502, &(0x7f00000000c0)=""/33)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x40, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x34000}, 0xc, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x40001d, 0x6ff, 0x0, 0x0, {0x1b}}, 0x14}, 0x1}, 0x0)

03:45:19 executing program 2:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000000640)="2400000002091f001cfffd946fa283005b580a000900020009000000000015000404ff7e", 0x24}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={<r1=>r0})
syncfs(r0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000001c0)={'vcan0\x00', <r3=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in=@multicast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@local}}, &(0x7f0000000300)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
sendmsg$nl_xfrm(r1, &(0x7f0000000700)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000100}, 0xc, &(0x7f00000006c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="a40100001f00100026bd7000fcdbdf25000000f00ddadb000000ffffe00000010d0004d5fe990000e00000020000000000689b801e560400000000000000050000000111fef7a89c9e2e", @ANYRES32=r2, @ANYBLOB="020000000c001c00", @ANYRES32=r3, @ANYBLOB="030000000800160003000000e4000600ffffffff000000000000000000000000000000000000000000000000000000014e2000034e0592ffc6b928e06b531a3d", @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="00000006000000000000000000000000000004d3ff000000e000000100000000000000000000000009000000000000000000000000000000e903000000000000820e0000000000000300000000000000000000000000000001800000000000000300000000000000000080000000000003000000000000008a000000000000000900000000000000ff0300000800000004754e5328bd700000350000020003004400000000000000600003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a80000008ebf80fe9dd50a2e54c3d23298ae3c684a6af92a6d000000"], 0x1a4}, 0x1, 0x0, 0x0, 0x20044040}, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4800)
ioctl$BINDER_THREAD_EXIT(r6, 0x40046208, 0x0)
ioctl$RTC_WKALM_RD(r6, 0x80287010, &(0x7f0000000100))

03:45:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x201, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x800)
read(r2, &(0x7f0000000080)=""/19, 0xffffff5c)

03:45:19 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x20)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000040)={<r1=>0x0, @empty, @rand_addr}, &(0x7f0000000080)=0xc)
bind$can_raw(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
r2 = inotify_init()
write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0', [{0x20, "7b23db2e74727573746564"}, {0x20}], 0xa, "2e632d35eeeec56a998463e45c9a792de1a0a5b08b3a61e5c38fa62b26a053cab23941b5219bfb18a1d0f9fce05ec143cc0c9d9838635b1e6c69ef5f54419081ad1eaa19737e2d23bf3e7f4a3bc32abfc3d3eca7f859da63decd83cb72a0784387b3"}, 0x7a)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000180)=0x7, &(0x7f00000001c0)=0x4)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000200)=0x8, 0x4)
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240), 0x10)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000280)=r0)
ioctl$KVM_SET_IRQCHIP(r0, 0x8208ae63, &(0x7f00000002c0)={0x1, 0x0, @ioapic={0x3000, 0x101, 0x2, 0x0, 0x0, [{0x7, 0x97, 0x4, [], 0x6}, {0x8001, 0x0, 0x8, [], 0x9}, {0x0, 0xccf, 0x3, [], 0x43b}, {0x794a, 0x5, 0x1, [], 0x400}, {0x1, 0x4, 0x7, [], 0x95ec}, {0x101, 0x8, 0xfc, [], 0xffffffffffffffff}, {0xfffffffffffffff8, 0x8000, 0x0, [], 0x4}, {0x7, 0x1, 0x20004000000000, [], 0x80000001}, {0x80000000, 0xfffffffffffffff8, 0x3464e2de, [], 0x80000000}, {0xd7, 0x6, 0x7, [], 0x600000000000}, {0x2d4, 0x80000001, 0x5, [], 0x6}, {0x8d9, 0x2, 0x6, [], 0x5}, {0x8, 0xfffffffffffffff8, 0x5, [], 0xb9}, {0x2, 0x5, 0x80000001, [], 0x7}, {0x1, 0x4, 0xd76, [], 0x9}, {0x6, 0x3, 0xfffffffffffffff8}, {0x4e, 0x83, 0x7, [], 0x6}, {0xfffffffffffff800, 0x1d378228, 0xe9, [], 0xfb}, {0x3ff, 0x3c7, 0xf4, [], 0x6}, {0x80, 0x0, 0x7, [], 0x9}, {0x401, 0x5, 0x9, [], 0x40}, {0x1, 0x5, 0x8000, [], 0xfffffffeffffffff}, {0x7b1a, 0x10, 0x8, [], 0x5}, {0x4, 0xb2, 0x6f9, [], 0x1}]}})
pselect6(0x40, &(0x7f00000003c0)={0x9, 0x40, 0x1, 0x4, 0x7, 0x7, 0x1000, 0xffffffff}, &(0x7f0000000400)={0xffffffff80000000, 0x800, 0x1, 0x2, 0x100, 0x10001, 0x42bd, 0x400}, &(0x7f0000000440)={0x1f, 0x9, 0x2, 0xb5, 0x80000000, 0x100000000, 0x5, 0x3}, &(0x7f0000000480)={0x77359400}, &(0x7f0000000500)={&(0x7f00000004c0)={0x816d}, 0x8})
r3 = socket(0x0, 0x1, 0x80000000000)
fstat(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getegid()
setregid(r4, r5)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000005c0)={<r6=>0x0, @in6={{0xa, 0x4e22, 0x1, @remote={0xfe, 0x80, [], 0xbb}, 0x1c0}}}, &(0x7f0000000680)=0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000006c0)=@assoc_value={r6, 0x3f}, 0x8)
setsockopt$inet6_tcp_TLS_RX(r3, 0x6, 0x2, &(0x7f0000000700)={0x303, 0x33}, 0x4)
getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000740), &(0x7f0000000780)=0x4)
setsockopt$inet6_MRT6_ADD_MIF(r3, 0x29, 0xca, &(0x7f00000007c0)={0x236, 0x1, 0x0, 0x2c, 0x4}, 0xc)
fcntl$addseals(r2, 0x409, 0x9)
tee(r3, r3, 0x8, 0xc)
r7 = getpgrp(0xffffffffffffffff)
r8 = syz_open_procfs(r7, &(0x7f0000000800)='net/ip_vs_stats_percpu\x00')
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000840)={{0xa, 0x4e24, 0x49c, @dev={0xfe, 0x80, [], 0x21}, 0x5}, {0xa, 0x4e23, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0x8}, 0x6, [0x1, 0x3, 0x3, 0xffffffff80000001, 0x6, 0xf4, 0xf8, 0x7]}, 0x5c)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r8, 0x894b, &(0x7f00000008c0))
ioctl$sock_inet_tcp_SIOCINQ(r8, 0x541b, &(0x7f0000000900))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

03:45:19 executing program 6:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x2000, 0x0)
ioctl$KVM_GET_TSC_KHZ(r0, 0xaea3)
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000080)='./file0\x00', 0x7f, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r1 = open(&(0x7f0000000000)='./file0/file0\x00', 0x200040, 0x0)
open_by_handle_at(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="529e8a4be97a48212b604f3fa072b1ddb8af595dc0c2602a79e4feb8aad853563395650256f3da974cbf6bd98a6b5205b2621e54249e66d3fad57820b6fbd27ef06846e65853dc96b6e788bd3301d381cad3988eba15efdcb7516ac47923ece8da96936e47cccec5d88a38c7e01758d220ca57711d72cd7996a2c23a000000010000000000000000000012891688dddec43b6b0d01d8d77c49005951842e569e759adf61bc6e3c9cbd92dc908194a76eeed8962ce04b2e5db8858913b8d48d38f908ada7dabc3fdb6a1c6eaa532a61563fdbe41141053b3278034809913beed563bf272d6cf23c87f6dcbc5f8a1b20f440ad0ce3418f4391723d"], 0x0)

03:45:19 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x250}]})

03:45:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000003, 0x100000006)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
set_mempolicy(0x4003, &(0x7f00003ccff8)=0x10003, 0x7742)
mbind(&(0x7f0000008000/0x4000)=nil, 0x4000, 0x1, &(0x7f000000b000), 0x4, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000040))
mbind(&(0x7f000000a000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000180), 0x1, 0x2)

03:45:19 executing program 0:
r0 = request_key(&(0x7f0000000380)='pkcs7_test\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, &(0x7f0000000440)='posix_acl_accesssystem%\x00', 0xfffffffffffffffd)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
fdatasync(r1)
fcntl$setflags(r1, 0x2, 0x200000001)
keyctl$assume_authority(0x10, r0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x1, 0x0)
accept$nfc_llcp(r2, 0x0, &(0x7f0000000080))
request_key(&(0x7f0000000bc0)="646e735f7265736f6c7665720005083f7605beb89ebb55f56950196fd8b8a6ebddf637ee27ef0fabbbad7523dacb0ab4baaf14787b652566f6eaf50a9d4cff3e30f2d07fd0118cf06573e05f283ef26ec0cc75cf93fe4c95c7185cb70df302c4c08871883fc063c014d46b8b27fd88a01e760bee664a475d69d12e2fc7e3dc680e3bb87b71d301fbf92cadf5537bc8774141ee7d7152d16c9ee500389b527a9b31679b1560e4680fcfd95743ed5305a984645fb4371e5e363f7df35cb72f6d9c953cd2ea3167c037567f7f99399e92ba02db513f40a4d44e072bf5ea9495287934a503a032610a0235c3530cfc99e27a1e10e28ed49beb223bbe910fd417a40e64dbdf97edb9363e6b5853e1323d6f78d0fb80969de2f5fec97acbb11c1ae97f54cf4e3ef9d50e1fbc4304780010d18452001232814ac3970ee2938175a91f4e0ca28b803a350dbea3b68d6a71bc65b011a81834b809f86919e4499a53ff8a35993b333b9b2761a44bb4a888a90c078d0b923e28cdbf76aa3fb68394de930dddf27c48926ab9c66951b70ebd4063b510ae453059ff71853bcf5942b5140a111d4a2afbaf612c6415aceb9578cb0d1decc8001f6dfc9d6829dbed2a8dbbc4bc9391960c1bb3fb451d52778143fb3c2f4d17df3c295117e13889037aff061ff283cac330aa03e7d189f01bfd03e68532d5594ef0e4bf1d584c7eacfd53a7ae8ccecc1901c89f4db4a3f1925610f22dac4570169b7f9f4cbf3fa1376f0ce4ab31605a16aff95c1bda1b96b9ded911a38594c3d9b42e7712ac377f377cd30eda00efd15d718e20dba3e76c4850966353c04a178e3b857719f9d81dc0ef8776c46c47d38aad73498289bc0240484644a2f51f5b6e893d035ac2703ccfef8cf9b5b46ded7a30d858b5aea551c50f059c7ee81bb3b51d87c36266acab20a198a7fb7afe25942c0d5035ad2337ce2ff6621b5ffd3a75f50b9f2cd6b832c8c7ba0f843db6a3ea1ef923eae3f5a8821d9a3e20cc7ebbf5a1652564abdd012af23c11d716b2293c76a4192b491e02dc1edd8a7c958df2f2a55c6dbe6ce8ba063ea6284291662e0f6801e4849948d7a75d0328013cd08dfa0e7f7f5320b9af33a9ec9713d8885d5b0194db60266a983ad1544fb5b8e37a97719f67cbbb604d3524bd2a6eabafe4dc581ddcbe2ad489bfc172850030745019a6a56d4a2b13922304c4930422f38733dcbaa317bf5af8b688e5a45c35de5a3e", &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x0, 0x10000000}, &(0x7f00000004c0)="af2019dcc2380b4623dc8c7a581973a96d57452035fca47b18e7992f4c82e608a92c747d6e80519f2f5a436783ee4e3264245238b946a4a11d39b7873e5f3296185625d49ae13974d13940d0c01a5029b35aec2234864afd4648", 0x0)
write$P9_RREADDIR(r2, &(0x7f00000000c0)={0x2a, 0x29, 0x1, {0xf4ab, [{{0x80, 0x4, 0x1}, 0x9, 0x2, 0x7, './file0'}]}}, 0x2a)

[ 1580.022000] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
03:45:19 executing program 1:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000000240)=[{r2}], 0x20000000000001f7, 0xfffffffffffffff8)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r3, 0xd)
r4 = dup2(r1, r2)
tkill(r0, 0x16)
ioctl$KDGKBTYPE(r4, 0x4b33, &(0x7f0000000000))
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000040))
ioctl$sock_inet_sctp_SIOCINQ(r4, 0x541b, &(0x7f0000000080))
fcntl$setsig(r1, 0xa, 0xe)

[ 1580.076933] FAT-fs (loop6): bogus number of reserved sectors
[ 1580.083385] FAT-fs (loop6): Can't find a valid FAT filesystem
[ 1580.105100] netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'.
03:45:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x201, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040))
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x800)
read(r2, &(0x7f0000000080)=""/19, 0xffffff5c)

03:45:19 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x250}]})

03:45:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:19 executing program 0:
setrlimit(0x100000000007, &(0x7f0000046ff0))
fanotify_init(0x1, 0x3)

[ 1580.141743] netlink: 4 bytes leftover after parsing attributes in process `syz-executor2'.
[ 1580.160535] netlink: 5 bytes leftover after parsing attributes in process `syz-executor2'.
[ 1580.178530] FAT-fs (loop6): Unrecognized mount option "ù­§Ú¼?ÛjnªS*aV?ÛäA;2xH	‘;îÕc¿'-lò<‡öܼ_Š ô@­ãA�C‘r=" or missing value
03:45:19 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x890f, &(0x7f0000000280)="025cc82d6d07009b762070")
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2)
ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6)

03:45:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00')
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r3, 0x400, 0x70bd28, 0x25dfdbff, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xb80}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xd4d3}]}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x40}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x80000000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8080}, 0x20000000)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB='T'])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

03:45:19 executing program 6:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000780)='/proc/self/net/pfkey\x00', 0x400400, 0x0)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000007c0)={<r2=>0x0, @local, @rand_addr}, &(0x7f00000008c0)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000840)={'vcan0\x00', r2})
fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, <r3=>0x0})
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0xd470041877f0fcc9)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xd)
ptrace$setopts(0x4206, r3, 0x0, 0x0)
pipe2(&(0x7f0000000440)={<r4=>0xffffffffffffffff}, 0x80800)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000480)={<r5=>0x0, 0x7ff}, &(0x7f00000004c0)=0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000500)={r5, @in6={{0xa, 0x4e23, 0x7ff, @mcast1={0xff, 0x1, [], 0x1}, 0x1161}}}, &(0x7f00000005c0)=0x84)
restart_syscall()
ptrace(0x4207, r3)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000080)={0x6, 0x5, 0x7, 0x6, 0x3})
ptrace$setregset(0x4205, r3, 0x2, &(0x7f0000000100)={&(0x7f0000000040)})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x8000, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000280)={0xaf, @empty, 0x4e22, 0x4, 'sed\x00', 0x1, 0x1ff, 0x75}, 0x2c)
getsockopt$inet_sctp_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f00000002c0)={<r7=>0x0, 0xfffffffffffffffa, 0x6, 0x59}, &(0x7f0000000300)=0x10)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000640)='/dev/nullb0\x00', 0x0, 0x0)
ioctl$BLKPG(r8, 0x1269, &(0x7f0000000740)={0x4, 0x0, 0xaf, &(0x7f0000000680)="54dc1b97740e00e6684025038c6acb83bbe258693f25b8f3797822169680ccba9581e4e0a40a54ee67c72c34a677d1b318083ea8943854eb206fa487a713d3c8db58328bb38bb0097c513dd405f78f81384be81debebfe41bcabb0cb72be38b9713087b83a0e5d3ec9d05669a1db161571f1a851dce804041c091be6687dbce31e14672383dd8924373165f67b5f7f884c1b1f510fab6e2e1dca1fd5c3cd6f83eac44ff23e4d82c0850c44c7981803"})
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r6, 0x84, 0xf, &(0x7f0000000340)={r7, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}, 0x1, 0x5, 0x0, 0x7, 0xfff}, &(0x7f0000000400)=0x98)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000140)={{0x3, 0x2, 0x3, 0x0, 'syz0\x00', 0x7f}, 0x1, 0x40, 0x2, r3, 0x1, 0x7, 'syz0\x00', &(0x7f0000000040)=['procem0\x00'], 0x8, [], [0x4, 0x7ef7, 0x1ff, 0x9]})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000600)=0x80)

03:45:19 executing program 4:
futex(&(0x7f0000000ffc), 0x84, 0x0, &(0x7f0000586ff8)={0x0, 0x989680}, &(0x7f00000acffd), 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x101000)
execveat(r0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[&(0x7f0000000180)='posix_acl_accessmime_typeem1,user\x00', &(0x7f00000001c0)="776c616e30e600", &(0x7f0000000200)='@em1keyring\x00', &(0x7f0000000240)='vboxnet0\x00', &(0x7f0000000280)='system,GPLvboxnet0-&selinux$\x00', &(0x7f00000002c0)='em1^^\x00', &(0x7f0000000300)='trusted$em1+cgroupem0+*)vboxnet0]GPL\x00'], &(0x7f0000000480)=[&(0x7f0000000380)="6d643573756d6c6f76626f786e65743117657468302300", &(0x7f00000003c0)='\x00', &(0x7f0000000400)='cgroup\x00', &(0x7f0000000440)='&#wlan1ppp1\x00'], 0x1500)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80000)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x2}, @in6={0xa, 0x4e20, 0x22e00000000000, @dev={0xfe, 0x80, [], 0x18}, 0x2}, @in6={0xa, 0x4e23, 0x101, @mcast1={0xff, 0x1, [], 0x1}, 0x3}, @in6={0xa, 0x4e22, 0x9, @loopback={0x0, 0x1}, 0x9}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x11}}, @in6={0xa, 0x4e23, 0x4, @loopback={0x0, 0x1}, 0x40}], 0xac)

03:45:19 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = dup3(r0, r0, 0x80000)
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f00000001c0)=0x10000)
r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xb, 0x0)
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f0000000200))
ioctl$EVIOCGABS0(r2, 0x80184540, &(0x7f00000000c0)=""/228)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'team0\x00', {0x2, 0x4e23, @multicast1=0xe0000001}})
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x4840)

03:45:19 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast1=0xe0000001}}}, 0x90)
mprotect(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x1)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000), &(0x7f0000007ffd))

[ 1580.334083] program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1580.366643] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
03:45:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:19 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast1=0xe0000001}}}, 0x90)
mprotect(&(0x7f0000007000/0x2000)=nil, 0x2000, 0x1)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0)
getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000), &(0x7f0000007ffd))

[ 1580.403557] program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
03:45:19 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000180)=ANY=[@ANYBLOB="e700000078b056677a"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)

03:45:19 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010028c4e247f9887200000001"])
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x40000073]})

[ 1580.448142] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
03:45:19 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000001, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = syz_open_dev$loop(&(0x7f0000000340)='/dev/loop#\x00', 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp\x00')
getsockopt$XDP_MMAP_OFFSETS(r2, 0x11b, 0x1, &(0x7f00000001c0), &(0x7f0000000040)=0x60)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, 0xffffffffffffffff)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x793, 0x0, 0x0, 0x0, 0x0, "e1d3f877e5eae453e55d7d64d00d4901baed21f7de92a8669b38ccd6260857dbf5ae46354569636517b50f805ae208258dba7d0abe8d208f0f1bcc885c8ba93c", "fe047b3177f4fc2eb04172daa8e7d1c4c4cf144a23173b7605afb988de9bba6df5fdc54d81bf6ba5629eef628582fba5bf4af44acfe05900", "ee42e3ef1d1772a9432c220303b70b708ad791137e2982fcce5d747a3131995a"})
ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000000)=0x400)

03:45:20 executing program 5:
r0 = socket(0xa, 0x802, 0x0)
capset(&(0x7f00002d0ff8)={0x20071026}, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x0, 0x1, 0x1, 0x80, 0x4, 0xffff, 0x2, {<r1=>0x0, @in6={{0xa, 0x4e22, 0x7, @local={0xfe, 0x80, [], 0xaa}, 0x81}}, 0x0, 0x7, 0x8, 0x40, 0xffffffffffff8825}}, &(0x7f0000000100)=0xb0)
setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000180)={r1, 0x1}, 0x8)
pipe2(&(0x7f0000000000), 0x80000)

03:45:20 executing program 7:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101082, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0xffffffffffffffff)

03:45:20 executing program 4:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000040)={0x1f, {0xffffffffffffffff, 0xffffffff, 0x2}}, 0xa)
r2 = fcntl$getown(r1, 0x9)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)=<r3=>0x0)
kcmp(r2, r3, 0x7, r1, r1)
socketpair(0x4, 0x3, 0x1ff, &(0x7f0000000080))
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340)}}, 0x20)

03:45:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(aes-aesni)\x00'}, 0x58)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r1=>0x0)
getpgid(r1)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r2 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000002240)=[{{&(0x7f0000000300)=@pptp={0x0, 0x0, {0x0, @rand_addr}}, 0x80, &(0x7f00000004c0), 0x0, &(0x7f0000000500)=""/3, 0x3}}, {{&(0x7f0000001c00)=@nfc, 0x80, &(0x7f00000020c0)=[{&(0x7f0000001e80)=""/173, 0xad}, {&(0x7f0000001f40)=""/89, 0x59}, {&(0x7f0000001fc0)=""/70, 0x46}, {&(0x7f0000002040)=""/106, 0x6a}], 0x4, &(0x7f0000002140)=""/207, 0xcf}}], 0x2, 0x0, &(0x7f0000002340)={0x77359400})

03:45:20 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x6c}, [], {0x95}}, &(0x7f00000002c0)='syzkaller\x00', 0x9, 0x4ae, &(0x7f0000000340)=""/207}, 0x48)
r0 = socket$inet(0x2, 0x5, 0x41b2)
ioctl$sock_netdev_private(r0, 0x89fc, &(0x7f0000000000)="28251a81e18c80da2d808436e386b3a8e0caf161eab32ea068e096d7e58c41a1a7ba924ab6960d7c0a160a316fcfc8cc258af5f72258fcaa9c17f882ae7d4b28ec1b137d751ba5b5a7c4cb724775e14ecad979adde05988967ae3bef8adc580654ad2710ace9a69b26d2f21fc39a3fda37995bed57222a0a571cff6f528bb142233fb467b9")

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r0)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 6:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/nullb0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000d, 0x12, r0, 0x0)
mlock(&(0x7f00001ec000/0x2000)=nil, 0x2000)
fadvise64(r0, 0x0, 0x0, 0x4)
fcntl$setsig(r0, 0xa, 0x39)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x800)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000040)={<r2=>0x0, 0x0, 0x8}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={r2, 0x4}, &(0x7f0000000100)=0x8)

03:45:20 executing program 7:
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000003c0), 0x0, &(0x7f0000000440)={[{@fat=@dmask={'dmask', 0x3d, 0x800000000}, 0x2c}]})
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x200000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f00000000c0)={0x7, 0x5, 0x6, 0xd, 0x1, 0xffffffff80000000})

03:45:20 executing program 2:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0x8000011)
sendfile(r0, r0, &(0x7f0000000180), 0x5)
bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
fallocate(r0, 0x8, 0x0, 0x10000)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000100)={@rand_addr, @multicast1}, &(0x7f0000000140)=0xc)
syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x9, 0x24000)

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 6:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
acct(0x0)
fchdir(r0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0)
rmdir(&(0x7f0000000640)='./file0\x00')

03:45:20 executing program 5:
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000140)=@proc={0x10}, 0xc, &(0x7f0000000440)=[{&(0x7f0000002000)=ANY=[@ANYBLOB="2002"], 0x1}], 0x1, &(0x7f0000000880)=ANY=[]}, 0x0)
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = add_key(&(0x7f0000000080)='cifs.spnego\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff9)
request_key(&(0x7f0000000300)="a76d315a3b7ce12d696300", &(0x7f0000001ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000100)="520972757374e363757367725665783a4565", r1)
r2 = dup(r0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000200)={<r3=>0x0, @in6={{0xa, 0x4e23, 0x5, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x101}}, 0x3, 0x7, 0x1, 0x3887, 0x7}, &(0x7f0000000040)=0x98)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f00000002c0)={r3, 0x101}, 0x8)

03:45:20 executing program 4:
socket$packet(0x11, 0x3, 0x300)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000040))
syz_open_pts(r0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x2)
pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8})
ioctl$KDENABIO(r0, 0x4b36)

03:45:20 executing program 1:
r0 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58)
pwritev(r0, &(0x7f0000001380)=[{&(0x7f0000000000)="707f3d", 0x3}], 0x1, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000f3eff0)="01010000000ef40000000300409d9254", 0x10)
r2 = accept4(r0, 0x0, &(0x7f0000000140), 0xffffffffefffffff)
sendfile(r2, r0, &(0x7f00000ddff8), 0x3)

03:45:20 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
prctl$intptr(0x200000002f, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)

03:45:20 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_void(r0, 0x1, 0x1b, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
r2 = dup(r1)
write$eventfd(r2, &(0x7f0000000100)=0x4, 0x8)
ioctl$RTC_WIE_ON(r2, 0x700f)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000140))
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f000014f000)={&(0x7f00003c7ff4)={0x10}, 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1={0xff, 0x1, [], 0x1}, @in=@multicast1=0xe0000001, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}, 0x1}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x21, &(0x7f0000000000)={0xf5ffffff, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, 0x88)

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 2:
r0 = memfd_create(&(0x7f0000000040)="00000600000000000000", 0x0)
read(r0, &(0x7f0000002300)=""/4096, 0x89d)
userfaultfd(0x800)
write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4600000002000000000000000003003e000000000000000000000000004000000000000000000000000000000000000000000038"], 0x37)
execveat(r0, &(0x7f0000000000)='\x00', &(0x7f0000000280), &(0x7f0000000500), 0x1000)

03:45:20 executing program 4:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1, 0x22000)
getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000040)=@assoc_id=<r3=>0x0, &(0x7f0000000080)=0x4)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000000c0)={r3, 0xed, 0x7, [0x7fffffff, 0xa17, 0x1, 0x0, 0x3ff, 0xd84, 0x81]}, &(0x7f0000000100)=0x16)
r4 = dup2(r0, r0)
ioctl$LOOP_CLR_FD(r4, 0x400452c9)

03:45:20 executing program 5:
r0 = memfd_create(&(0x7f00000002c0)="23656d31842b00ffebfa694a0ea3bc97d9e2e37ad315bfb1f23a31664023ada5357f5334c9426a75720c9210323df1afa717f2ad6c324f4df7caab8c57594d542468e29a7a0e63512b8c8450c712cb5a658aa17eb90835bc0a47ce19964be2bbc9c00a0151427d3232be49648f7770249a2141f66350d3208d6fdadcffffec525ed6d7bf2d2263f06a0ef36903cced3eda0d28194d382e42526f7e4875dd6c314123db214931b07d974f6f003c3e67e8d316fe16f02cf308122dd5d9f79e38126b67a54d002e02dc3b07fb90d3ad37730fa5dcbff71b2e7e5eb3e851424c19b08c8bc5252e4f78aaaec4ec61f93c39d5d70c3089a0c5609af91f51b742e3211321daa9f6ad00000000000000", 0x0)
write(r0, &(0x7f0000000080)="abf5b4", 0x3)
r1 = getpgid(0xffffffffffffffff)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x5, 0x4)
ioctl$TCFLSH(r0, 0x540b, 0x9)
rt_sigqueueinfo(r1, 0x3a, &(0x7f0000000000)={0x3b, 0x4, 0x7, 0x9})
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000100)={'veth1\x00', {0x2, 0x4e24, @rand_addr=0x3}})
sendfile(r0, r0, &(0x7f0000001000)=0xfffffffffffffffc, 0x10004)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r0, 0x0)
r2 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000180)})

03:45:20 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x20000, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r1, &(0x7f0000000180)="1b781fb76b613063ceb0bc69f094dfc78a8ea263ca3ccb72934a6fdea8bf2af8f53330c5e51614caffd66ffbf328162dc43a22e56f157b4072641f845c05c66743902e33", &(0x7f0000000100)=""/14}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0x1c, 0x4, 0x80000000007fe, 0x0, 0x1}, 0x2c)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000040)={r2}, 0x10)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000080)={0x76, 0xffffffffffff8001, 0xcb33, 0x4, 0xa2a2})

03:45:20 executing program 1:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x13)
write(r0, &(0x7f0000000000)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27)

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
unshare(0x60000000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f00000001c0)={'security\x00'}, &(0x7f0000000000)=0xffffffffffffff49)
r1 = shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffe000/0x1000)=nil)
shmctl$SHM_LOCK(r1, 0xb)

[ 1581.378846] binder: 15862:15864 ioctl c0306201 200000c0 returned -14
03:45:20 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001680)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia-generic)\x00'}, 0x58)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
ioctl$RTC_AIE_OFF(r0, 0x7002)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e3010000000ced5c54dbb7", 0x10)
r2 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000005200)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000036c0)="c6b64e03f4b5870e334f0bee3b2cced561ec79bdd8c76fafff1a4d08fec8b36d0675cbced940beb7abc8a8685e1822cbec65a166a937b0efbb08d4875371543613906b63e3cb09a65efbab12f5e758303bfe2df9a21a2df3fbe94ac2b46b821b16461f4043d2c38e6aed4c3bd4b430e41e05603587905632cd74572fccc885204779c850016df1b8f3ef0c28543c069b4bba951d548e760d7706dfb8a64e6f4423c4036fda03c760fddda4b60275a0a5a94748f8d2047c58d486efe8c61efceb5a6f0e295b39f396edd5cf2ffdd2ea9364a03a8f1e44b976e99b4c5d4282ac2cb2458704f7d0eb33f89dd3aa21ae9a0dd1f9fec1574d44d2d3bd6c1ea7fae2181570400b35ce38f7e68ce3928d674d7203f5c0e450a16425cae53108e95e7e2042144fad87201137e6a7bbb78999a5c61059885f6fe5d461afda4245caf53e3b10f10f3a0b28064bb48120e1969cca210d6447ee91887c6338c62e1e0eecf275187a09197e87ec0e6dd9dd92de8a9380c007820e7ec9ec430c7e006bcdb31cb220d9a80a7f0ef2d43dd5fd801726db2e8a982b20f349272e3be301c6d10c2b0f81186c5ed54cd5adde2002737043d745dcdbbcbf8743c9d54e30450637d4c1b65527832f527f55f175ce0389f0356bb39d4ee6b819169613f80ae186528f7c14ab6443e3629a61daf797f332d6c2475604bf37942dd5fa4b9e1435283ec57071f8e2edb379885c7dc77ae731a53d51b18620b16264343b479adc7acab84d2315eacd892f56f4132333505942a4f627758de6dd8902f9042d4f97a8b9d1c4befafb091c5dee86ee5a1bb695bb6fb92e1f5b5f353a2f4bee67a0a71c03e2f9a490d85b683ca31896afb243b56a4bdcc154629237e2e1ed36ec28bbe1db5b91f799f58bd55c4e3c80980bb4e75e84f07e0918c23f51412ffeaedc115d51f16b5ceebff5fc0febfdf08629e7f6f6ae2a3d670eaf120e790240d09728e2b7def35eed8cfb1b00914ad134c39a6c19bb67b8e0bcb55d0bbfa8b22365ccfdcf517655b22d669ee7260bcf8903053335c3592bc8ce40819872d8a8d8e0d64f998146076b1a082f1297f436f72942ca389edf6b19b840dbbfb8f5e03003b762ae4fa128ab21954a0c9c58ca291d690b789ca2e188b6255ca774106bfcbe7fad9cc45022dabb15ead45aee2cfccb2341ca676cd18ff3faca74ab3259c21888d43cb651d2448f9b6b6b096742d4f3843aaa6a2f6ca885983fb8dd083d6194e44c9ec9cafd0469b23fbe02f2241d93e3736b75015708f37deb4542239d30724ef9b153c32b8efb27fc4a79487bb22ffdf3f4eebc8c695307e38d976760284d580604e3a1a055e117c991966611adaa74bbc04171731ff40e0999ca7e8eddb3c30639ccd81ad9b964c0dc19b27deff9634d14f52ca5e04a598691304d390b6d05cb0442ee68ace13a9f56e4478686f9e34ac0dc598be346d7c7b75561ca84286e49010c5f95c0413c6f2e3f0ee655fe064053e3ba55c6f9074d6423326cc233fef05e0719b68cecf909bf42d5ea6394b2b2835f0ca7269af3a918aa543acb10014c8090d7ddca72e0ae43fc08af213cffb97a790703586541fecf9f45afdcb06e4ef2f88e4556760fc796adf12b70b2ee26f094f13f8beb463b41b7062074b43c9d442f34fb53110fdbd9cb307db9e6070a686b82e286ee30612b9668af1c5a4c01d5ed924c64c5bb4387a62e16126c02c252e1a5f603e818f9aa7ecd5239688b501652390b69aaca6b58d64b179a929a228a294be2329bf9b6010c18605a0057b43f80511a64d54668728f21d363f263fc7a2f8055765cf349195925181dafdb9b29b33b4617df61d8580127958d1e94880569c53f51769f472fd7f1314c22fcd591ca396d832c98ef736ff2bb70c76634b3b733e185cd6d917b98eaaeca39e44c33c96677c12eca05410ce04c630ddb39ea5ffbf1960a4da06639dd38b3d89ead091ca2b324edaf4d9a27696ecc46bce6eb95d916fc7cd2b73ca619eeeaf05f8aeb41b6ccfba0d61b952fe403ec98f60604b001c4ef4ddc84870c25f29541bb44c0ba3dc67222599b6b92d83ca3a094f66b05593bd1fc0574218fe490abf6b8a18c1cdea95fb528d7fc9da3eae51ddbf6c517aa41fee7960fad7b747b89e98c4c764e54d9dd599844304a87ca9058f44ba3fc0cbb6d6bb9d400daef4920bbf967df1bd0d5378e2584df7f6bd3c2926a9cdc9b275a3b26e8faa2d79005485125cd54dd839ff9b6367b61e154e02aaf7011cbbd6f1ab8dcb32a20c1a9fd2975936b77a220e0c2c06cc476c31e71a7ae83a4298c5549bd99f5815aa2d76574d257dd464af5bc33d27a7bdf74203237b919f291c47168ad2c3b1470cd942ca2cb361bee044b6502f58592f911917c829ca2e3e9f7e8dd66ee4aeec5e96aaf13ede57696dc8ecb36d0fb20808fbc462f95fb36bdc8bd962bb321293bb042b4ed11ef87eefa4bb0b1e1c49c2112bb5443991da9357d5b6a94a6f06a8f03bd189f22bb2026f913fe530ec270dbdef82e6291f4f4b7f830dac80ebbc3da99f9a425dc59c9383548718029ae417a2ff102b6237d4b488411d3be4f87d003acd1a53b4ee281ef16a69005059140d1edee2b97e273b0f79fbfb63bf36d38887941afe18264b0911dd8d3effe4525b941940cf08c710d9bf7f8973cb609851e9cdc3c208349ad5864d36c281e714e8382376583095a5d460b8a4732d21aa952d1a56c55348fabbccb32f495451bae83628904f40900ead221e6d1327087012ae4c05cb566e8d5ad4f6eaa0c31f38cfba535cdbdee26cfd692cd24d5847062595ec86f1fce420552607ce283db00bb51a51f0ffbaaf7da1cc810472c849800433b00a545a22408eaec49570b6ac1859a7306a9b19528bfd127bd024b2f924a7c00d18d6f1ed5b4aff4bfa2fd22aa2656b3d69d44bad3c5cf92711a6e859dd0d15ec09cf96ec40967272d7189e627846da797b7c21745a8999958a5779b153fbb46697814232eeafe4b799d0fd3379e821044d108d5cd07ac9ed8453ea9d346ffa98bb5c7e9f350296ccd2f25623be905896f9ece8b2026487fbe0f931119142614877fb6a8d6ae3bcaab83fd694e7c8aa7b2d01cc6455b692be5ead148703b6f2d60b2798875788df301a9919f34fdc44955680a390a116202992c4301b34e2ed20aaa9f15cc6d19cb4e00f74f0050d67a91ff2938c0d4cac3c82a0ebfef7188e5d1c1da31c5e5df682d133db2169212d4b78241e7850dffd2cab0465559876f04231a97960cbf9b5ff2f4d2475013d9384700226b54937d6d8bea551e4ce5d79867c3ae3342c2bf1a4323fb3321bfe28cb303351718fa87c391c2177950b6872bbf36d97e386ba1ac97abb33a0cf11eb474cb0a0818e6e22e2642abca9612377cb46aae629f063df510586fedea4d75f0ab41d945343cd43a408b7fad323f96d62eabedb00c0f3cee0fc3152552eb01153f1e622a58cd4efa80e6776ba2d6f5cc5793528176d77841ffd5e9166d297d0439503eea95106f858a3e609b25539aa08575eb54e76276366ec24ab55036d166378eb3fa721378a31281d311f953227ce6e633b9e47ca0fcb85d70296e73d412e9c6cadb1c9807c53a6083c4b44076d3306de92abd325d6e7cd6e13ae1542da5d1e109be66e2516984c77943aaa972a1a866ce6571a6f3fa4f0ec656da9d8af6a7626ea50e5e8ad0626fa7943464fae231f8a6591f02e7d01a9c2dd9ffea2a8dd471cb023d09935faee3db468489f2ef42e4e9e0bdc7daa1d0236555f1ecc50d19f82481276f98af0f7fde0cbdbbac368da5b09e4f9b6302abc972a6319fe62d8ef1c23358a5a89494875f2a640e316a8e534291145619c79890b9af0925e63a9e5f691f88237550873d7ebc5c6dd208ba0139323bbe7c3db4b0a09c852adc093f54000c7a2fe2344502d364c9774a58e6ed378aa8addd232710eb218d84fad44c03ac79144da885e689a6e065dda134c4634e3f53a98b086fcb00b8c2798acb3b3ba7f43c1f35f69ac0d894891027374f71f6d52b80ae9f6a7b177994802303a1d19e8f3a3b6abc245dceb6c763835cb78294338bedc7b7e3a022be264739b26573df2c671fd5b18160f287606fee4da76c07d8c1d9698554812b2b5a5ec239f0654f3e733b35658c2642b13ac8842dd1c72c6743e78adbd20bb2ffcca0485f3ac2bcc898d75ef4c5c343c35cb8caa663686ffa9ffa51404048c16c1c82c2a536985c5a77f6853f0a435b50c141a19aa44cc10925c61885a9f62b690ad25e7e4993476d6e10f9bdc9345dd2db1b010ab42d050d1bb71ef1f85b27254fcb8c8a7749189058f7a85e0a9f7c8df7835052689f8423508c8fa75acf9f130ae3e2da84024ee450c32e1547d067250b5c190f41278f8e56b256a4b8e57529cb5a765ec6036b69e8a324c1213d8d", 0xc50}], 0x1}], 0x1, 0x0)
recvmsg(r2, &(0x7f0000001440)={&(0x7f0000000280)=@sco, 0x80, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/4096, 0x200013c0}], 0x1, &(0x7f0000001400)=""/6, 0x6}, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x410201, 0x0)
accept4$inet(r3, &(0x7f0000000080)={0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x10, 0x80800)

03:45:20 executing program 7:
r0 = socket$inet6(0xa, 0x804, 0xffffffffffff7ffc)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = userfaultfd(0x0)
r2 = dup(r0)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r2, 0x800455d1, &(0x7f0000000000))
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa})
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, &(0x7f0000000300), 0x6, 0x0)
ioctl$UFFDIO_UNREGISTER(r1, 0xc020aa04, &(0x7f0000c22ff0)={&(0x7f000001d000/0xc00000)=nil, 0xc00000})

03:45:20 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(tnepres-generic)\x00'}, 0x58)
r2 = accept4(r1, 0x0, &(0x7f0000000140), 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000000c0), 0x0)
sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000400)={&(0x7f0000000300)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x14}, 0x1}, 0x8001)
recvmmsg(r2, &(0x7f0000001bc0), 0xfe, 0x0, &(0x7f0000001d00)={0x77359400})

03:45:20 executing program 6:
r0 = gettid()
setpriority(0x400000000000003, r0, 0x0)
ptrace$getregset(0x4204, r0, 0x7, &(0x7f0000000180)={&(0x7f0000000140)=""/16, 0x10})
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x4020c0, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000040)={<r2=>0x0, 0x72, "57b34836a3df4e03f88cfbc57f87dc2a2fec161b8f6b0830f9844f8bfb5486b5e99dc000c94ab56b8a6fea419b39c7dd7db7023590df51a5eed34101558f4eecf92539a4e85e8c55d3f1b5c083b27a9fae7f2ac482c30d570b5781a0085657d03cb96f37fa16422e14d4b81daf6750666e29"}, &(0x7f00000000c0)=0x7a)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000100)={r2, 0x6, 0xa2, 0xffffffff}, 0x10)

[ 1581.457368] binder: 15862:15877 ioctl c0306201 200000c0 returned -14
[ 1581.466889] IPVS: ftp: loaded support on port[0] = 21
03:45:20 executing program 1:
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/2, 0x0, 0x800}, 0x18)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={<r2=>0x0, 0x30, &(0x7f00000000c0)=[@in={0x2, 0x4e20}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000180)={r2, 0x2dcb, 0x9}, &(0x7f00000001c0)=0x8)

03:45:20 executing program 5:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x6, 0x3, &(0x7f0000346fc8)=@framed={{0x18}, [], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)
unshare(0x28020400)
mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)="4b70660056f8d0ad0cdb588002a56555f8467b7708000000d6", 0x3, &(0x7f0000000080))
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000600)='./file0/file0\x00', r0}, 0x10)

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
getpid()
sched_setattr(0x0, &(0x7f0000000140)={0x0, 0x2}, 0x0)
r3 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x2)
read(r3, &(0x7f0000fb6000)=""/28, 0x3f0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000240)={0xbf})
write$binfmt_script(r3, &(0x7f0000000340)=ANY=[], 0x77)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f00000002c0)={{}, 'port0\x00'})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r2, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000300), 0x8)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000100)=0x3, 0x4)

03:45:20 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(hmac(sha256-generic))\x00'}, 0x58)
r2 = dup3(r0, r1, 0x80000)
ioctl$SIOCGIFMTU(r2, 0x8921, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="2eeac3929fdd476833250a2f954907cca034984484b39199a4afd828857013ea194b8cf6052bce9e643a551459f35173e9f4b90d32c4c5e500afa0436b3323febb74f64f34c22607455d77d31c9f83806c223f56984cf4627f4dae91710db298bf4e416de8c4ab1d24d442bb367eda897d41a21465dd37b4", 0x78)

03:45:20 executing program 7:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00003dd000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f000082ef0a)=""/246)
chmod(&(0x7f00000014c0)='./file0\x00', 0x127)
preadv(r0, &(0x7f0000001440)=[{&(0x7f0000000000)=""/166, 0xa6}, {&(0x7f00000000c0)=""/90, 0x5a}, {&(0x7f0000000140)=""/58, 0x3a}, {&(0x7f0000000180)=""/183, 0xb7}, {&(0x7f0000000240)=""/99, 0x63}, {&(0x7f00000002c0)=""/138, 0x8a}, {&(0x7f0000000380)=""/162, 0xa2}, {&(0x7f0000000440)=""/4096, 0x1000}], 0x8, 0x0)
ioctl$EVIOCGREP(r0, 0x40047459, &(0x7f0000d1df52)=""/174)

03:45:20 executing program 1:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x68d0, 0x0)
unshare(0x400)
pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8})
socket$kcm(0x29, 0x7, 0x0)

03:45:20 executing program 2:
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000000000048, &(0x7f0000000040)=0x2, 0x4)
getsockopt$inet6_mtu(r0, 0x29, 0x48, &(0x7f0000000200), &(0x7f00000001c0)=0xfffffffffffffd0b)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@local, @in=@multicast1}}, {{@in=@multicast1}}}, &(0x7f0000000180)=0xe8)

03:45:20 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='dctcp\x00', 0x36f)
sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10)
sendto(r0, &(0x7f0000001540)="17", 0x1, 0x0, &(0x7f0000001a40)=@rc={0x1f}, 0x80)
sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @rand_addr}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='reno\x00', 0x5)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'bond_slave_1\x00', {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}})
shutdown(r0, 0x1)
r1 = dup(r0)
ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000040))

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

[ 1581.703197] device team0 entered promiscuous mode
[ 1581.708209] device team_slave_0 entered promiscuous mode
[ 1581.713902] device team_slave_1 entered promiscuous mode
03:45:20 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000000)="827021baca", &(0x7f0000000080)=""/98}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r0, &(0x7f0000000180), &(0x7f0000000080)=""/140}, 0x18)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x2, 0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000300)=&(0x7f00000002c0))
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x100)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000240)=0x7, 0x4)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000180), &(0x7f0000000300)}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000280)={r0, &(0x7f0000000180)}, 0x10)

03:45:20 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000002000)=ANY=[@ANYBLOB="b70000000000000007000000000000219500000000000000"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000000c0)=""/195}, 0x48)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000008ffc)=0x57bd, 0x4)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f0000009000)=r2, 0x4)
dup2(r0, r3)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10)

03:45:20 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0), 0x80000002)

03:45:20 executing program 5:
r0 = socket$inet6(0xa, 0x8000000006, 0x4)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000140)={'veth0_to_team\x00', {0x2, 0x4e22, @multicast1=0xe0000001}})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0xfffffffffffffffc, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = socket(0x40000000015, 0x804, 0x0)
setsockopt(r2, 0x100000114, 0x1d, &(0x7f0000000240)="66014ebe", 0x4)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={<r3=>0x0}, &(0x7f00000000c0)=0x8)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={r3, 0x7fff}, 0x8)
getsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040), &(0x7f0000727ffc)=0x4)

03:45:20 executing program 0:
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={0xffffffff, 0x3, 0x10}, 0xc)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001600)={r0, &(0x7f0000000580)="cb63b81ee17625e8365de7dff60a4c7e1f7a58f0410c4528fc0398bd40abf6b002978cee4924f1bbfc9c7255639b206047c464bd117826543271f819b9d82a0ebbcf5ec7bdcaeffd65b7033f17eb14b982527fe40e0cbd76ba20995f15601df35cdc7d4dba7233eeb9186449d92e2a114c2b69c315141b04b6b7ba28064d5126603efc52dd91e944a2a6aa0c5b8350b3a0944f133e2f46bbb538b2719e2d6722520052770a395ab6448f4542d468fb561622cdbb66d8ef12f2f726237a662d3b6a5d2ae9fec37134461803534a47e338df75565e68ee63af6fe2fcfb435d7fecd199bc6256b241149dca0c630600394f555fd89490ab4b03b7556ee2da2dfed8f101ec7ed5049fe210a282c377cf698869b20242a321e97734827e7f777266d08bd6a4f9c65cd3417706ea71872708a302321a4a2b8ccd1a4843e2014aaa7826d0765c6641690fd0b95b0d189052fe4b3137a2e7eff87b89c56708eaa09bd542e1722000bc51323c91e4ba8b8f81c060e087ac3782d4051e2dae92d2757c8bfd070bb03bc7e348e74a0d126e8c9511de58fd650a8b511416574358b196f7d7b2574889a4e9337e29a76370234ea88472586da74cae8b42ffeee45b06d4faae6462092daa7b27c3758cf2144124b12b7a522302b5f116fc810175007c722aada8ada52582f7864279510905d32f9e38065a38ffb244a0c72d4220b53e1fd24ad8391a124b9f596f2f359832a9868d03991ab39da8592f5cfb28cc06420bd579e23d2cc5be347fffa3294fcb50fb162ed03ed20460a2d088a18d60e31ef940d396cc74f1f4a547ba31105ce15b50a44787414619e4a4cc934dadec91f7231fa4caafea55845e15e0b1e7ac46fff4ed1af5bd3962610d027a2e4029a2fb378532c2f76d76f55b739001ba9f04f56d95dcd2c26bc9c2b3ee387a584227cb46b6a3cdadb7c423d57b4f79cd5b826f9caab05a04d72d98b0a6aa384a40c285836c9be04ed5bb62bfe17afb18532e3535fe0cfb90cccc42bf972c792c461b1a8e76d88bb94e76df46da5a9f27ac815c00c2dd4d3dfcb963b23d41f7b2047ba30196c08b06acb009ec9e560bbc87638aa61b2860fa07d678238f6b62265bbcac0fb3c96df6459c9b6bcb64a2142c1f518aee0e5958938a2eac982e6e86254b0fad7b020069fb345b12e3e4256b9ac4e91f339028f5a40881a0f14a71867f3ebc894e7d39882ec4efe843afa4ef2faf08c68ca80e7cb12cf8a6478d1534652bbd715abea5cb613329bde044f1352a9a2922402934f512b7a181298ed9459ca14fa0e6bcad491ed20a2bc2bff2d6655bb81e4501d504509eb41c500414e0d645230b72ed92cc24d8eae9e2e33b1d04cc510743cc7c68fa0c3d36c400a8aaaa25a4b1c0fc140740079426077e77873fb5a7b0a05431891f5901315bf0b2e2805d1853d7743596c6a0a2973067e85a2228c94c850919f9adf95e942e9e45f0188e3784557f8b6928b152a0e604f8543b9de05e3b2e1c91f9fa8db1684c651814a8917b3797bcff7d1681b4ee1280788bf97aade6815d3968ad79fcd911264521d9e3bc690bc94308efa8da1020800ab928c44a8ce897ec26d61e1e443ed770f572bbde406fe53a42706177a5ebb665ffb627d3a02afc78d0c1d6f94582d1521949946af6d6f5a9e6075ce83c5b9f3526f8f2f3e86dfdf3620376d7bf0f6cde675d7ed7c30fb0bf5ad5fcc9fd01ecc027d539102567aacb2f86e5ec64112365bfff03d73a06c4e9def068b1c6c6ba48aea093398e93bf7fd003bb825e81d7b9ae0bfc5e536d02e84d422e7d80d5be0d65f0fac20431790cc35f51484169b1291ca8ac36e86657eeb410b8400f29b6991f4ec33691510f58366b70e9cd60313f6f562c5637c7e76b07d841680c0773129a71a9545885d4b8b8e0c8bff6e5c484f32ffa116e728709e971991753e5ceaea8ab80ffe4c906d11a811338467247dbc665387813fadfdd88c142e982e752049047fcaaed99c878c5701cf9a61471dbb10f64a2d6a094f7ac2cd4b9dd6aee6b160268c7fa1ecc99b267a84e33aee21e73e381407021f62bb852ebb98663ff9b8e70240a7fd18b62ec537b4457133652ece54694cfcb330bff5844c53055474e00e92243006efbd7a07f72913f9f0b57e9fd4179f53cdcde52db2e7d4151583c146629415f29725287025f7f8194b6945388fc6cb096fd9ee4ad49332b7d86b5f56eb0f00264ce52fbf2477d40b7d461bfc3008433a5585060ca91786844e771f51706ccab685006c409099c58beeaf46fb2c480c98d1b9a595a77f826df40e6adbd7c7f1a876b35034706c8b698d6e63de030d57f70332e826c22fa3d3fc78278a7c473a72f8cd8d71573aa35e80067ad22c23341a999458f46250b0c268cfdd52cbc4a2333d9fda52628aecb04b00f45fabed2d3c462d4895b42b86eb3b99b47382d0e29080d1c02d67030f85ed4f50e494f647a650ccdd24dcb212f0d78350813b8e7bfcb4303cdd551894702a7609794541819f618e2defd68aeeddfd5324fdbf029e7f32f3fe1c8b2ee8dad30bf9a933eec5010e8cc2784cc5c816e55dd698d9921d35a622c24c99aad454fe246b5f946eaf7c74eac4263a30e43fbff820252fd8f17f22529541b4df0f93ffd967cf1755a3aad519e49f386897117cc4fe46975c8b1429adffaaaa3b962d7085d8f59f364e672762046bb8816f26d31f6350116c1278fc96a99f356ef5a6e7f37d8a4fefb3a8e9a93b0187e80b2a9fa9bd856761ab81562512657051bf1d0ab802dcf3d2bbcab3dc36e3f3d7b9499b359bac5f9a39cd9967c569c93882bb58f80007fb1410908e596de44bff3184b62643c0af43cfe42ded13eef477135a1e92a446cb68f8753c3f02fa18f2ff4366ebe63005c4f37e58fca49874b9c5dcffd4816d11c614ade1fe791cd8238518c49be2fbe9ebdbedc73d520a3c82370b7c041c2b02168ed06666184688fcb038c9de330d83d4759f39eee2cb4f5e3ae4f52e97f43ccf3cbf4d0770482998e41527b12fca633d583ac00d8a0a872081e28ab1fd8e0d6255fafe07e8d43decf37e88dfecc3f49f5c9b4c471128d38c9cdc6cef0b935854a6680e029352b6cbe3341df744edf71aa648a955f9db9b4d63e9c9d6a4e9dd640a8d4b0bbac9e502cfb31b7583da94f58b328e0410b7507f4136a7ff03aea9b7914d00819e97896d0c7f2380827c5f3587095e0bdac52eff5dc19b20f87fe3e35e597886d1763fa5398c29ebe5601b7dac361506816574f5a33a545b3b822d2301499ba19258b3fba50166a448143e0456a58fb22be02fe7a96258257087e231823caa94623ebc4f830e8edc8557b97e034300a3337d6f2d7cdabed347885f0573d71d57dec9563e2c28381a2c5706cb4e6fa33b23fb670263c721116a53a9284e56c79285c6c05f476740514ac7202aa80c1dc054827f0231e1a2f43f8122940bc176107d5b69c7cc4cd48d043b7c49c3c8baa3444831b66fd31d75c66c439ac57b529de52244326ee0aec82d4c365888342b3aa664f58b203038f46b1300e35cb294826fc938bf9614560b5f151acc208dd3ba20c3f67f13f472911ad26c12ee70b2990d52ad2a29ed6b48b66fe19f64b47e9aec51d7eec244343cc8e932d74850124bfa754d3e4f3e6ff0078b2c66f09aa1510b5b8146a70df966bc43285e94e50eed9667df616c5f98abe62fdbb215a019be7356b5dfa991a1231350b0b1f34f72039d5c605e70d3c695035d4d4283dcd3b1f043831c0b1c0cc9774e1d1b79306e2c57fc2efc2b3853041d443f85160584199cc258f75ab36b6c8c5cddbefb0e623606ed7f3f4b0bbfd5f1b355a82335b068ebcca994acb16b6c81410aa8f900d03aeb7dd115db87944d4029a99bc58588dc986c52d624e9929c562aae9c53763c140ee451e8f9b91025b85fb26d7ea8f9b5ab4355c59c02f361aea769b1243e90670cd78fe9b331fbb78f01ed026b97c6ac74a8a01113e3c4002283c3ec1cafb03954d154a791ddb9c8075deece09c65422f35af48e74e73d739eb132bda3f12c3fe884c89dc5da9e7bd30b88af57f2e0d9b2c5673d230780811bda132a0b9e36eb34b30bff5bd38d96933ece5ce80856037912521398d52ef21720705e8c1f7e661ab44f281d61b054ddb54273c0f8e28a0c87e3c85e835dd39c0f85c1b1b0a9e6484911dc05e98ff0b435cae1020bb1a5b3761aec09f9df075e40c8c98f309d8f2231fad5cce4db97b3880c4918ac4bf436528044ecfc98fea0f951e7f29d280ea368cb9a3d754aed6386554698613690968df693ca9cad4fa6eae3ce3ef4b97711050b22026080079d1af13d79eed1d4bf3e9dffbcc0b7b223c29cb28dbe25abdeb8eb1ef1b2bbe15c68dc4c1037ea66ae5a5c84e7dac214eb18414b70ae48c3fc3c1a9aa2caf28c88a97d634b87ab5d03eef3dc82386ba95e4f2e67100a8bfe3c5fef812a9e4036f0fd6987ee8a29133d1c91ce339000567fc60606ad0a544088b6409141f8c5368d338770f93d7089c19bfae63616c87ca80603e758cfe688f1ebe94027e72f440367b19b71db6f2d4cfe18bb7db71ca34174f7be20841f5ef213d48bbfd08ee254ab934c9652f28dd2a55df5e1d9ae52d5d0a3857976c893f0554eab8d4000b642e08e67fd86a6c4c0fc60165da8d1c73a414550550aa74d7e15bd31af8a62aef2fc831703ff5da533caa9b7d37ddd0158a7c3fa4e5a29cd4290546977511df7dbcd6e6248169abe18218f1008845f121bfb053fc25c5bf94b0033463df8008a64ad85bfe47a53f40751f1a69da62ca133f25aa1a1dbfeb82493c8b71e7dfffaab4b5189fed6b6f096dc610374eeae72bab4e976379ec37df491b433abed5817a46e941fcd013d57ab7d44c5888f7c53e7bff13b62156d690e9a39b0c0c482ab7820a56bda49a9994e59190c47b8784b1e1691cd29a8b6a3d048ed749f0b4dafe21fd1efc68687886154376d60eec2a602d4fa2f6c14c90d3211dd6b67a22e8c182854647e6c00c51bd42d9d2eeb13acc5c8a24018977cff0dd2d8660fdda9960cf522475c06a05ab388f1c72b7e81b0ffbbc60247917e8fd72e90769cbf15908964f0dc968a5e501fd2d53166105fbee12db550ff60154e16d3cbcc854361c2a87141ada0f8ece27731940de2eb47a765586bc4a4ade16509027404171dadc9cc353fd48073a0adf6c2838577c62013cd47fdef48148285b981eb62b630dffaeb9700f9be120571c841169c1e7e02432fe5aa04be15c53983b607e7808b1bf4fd55233cb31d6261580266bbf92c6de0faa687c5765637d5f93dea339a97ef6948879e705752cbf3b0721721049f51cd75f8268eea2ad7004eb1e5796626254fe99a45e35cec9e8aa92d080372201ec6821c0fbd3464e4f2a0f52445845e2f27147764141b87c4b9ed269e561d1c70fb1af4b352cb6b65a27e9814b197aa50d66c83085c653a1f5125252482404b01fb713cea7a435f2e5ea56e7e527166c6a29f7f95a2e7a624e63a76fa1975671aac03edc1a6a848466b0834633398458a3aa3f86f6fb40243152fb2ba4781e42f0671802f7e2eaa40f33e4b2bfad695be0be13bba35f5e2d29ab748a1e3e71542fbf5f0c6d3560a0b50720b9754842ef866e0a5a59e7f1219cc8b855c958dbd2c5ff757f6c508a1d596f510c98529e927192c4c3076ac2d56dea25a315f22391a9a2e21fdc61f1ac0b08564b5b30e6cb7062c0a07f3802782728d93776e08d28a0d0fdac5b808ba45a", &(0x7f0000001580)=""/77}, 0x18)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5421, &(0x7f0000000040)="6c6f00966fd651b959a9c84a2c00d2970403dc0d")
r1 = socket$kcm(0x2, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)="47501a00f9d3c471b4a5430b11691d81fb4b9c49106ab3a01eaa6e1494e10112f6e527a746961b2da661bc0517d1fed124f6efb4292dc4c6df52a2c0623cdc1a18767d961c26d3aa8c633a234967dfe047b15997efc5a3bb522cb0393846dcc3f6e76a288635697c642b3cc7b3b36b3d1354dd508712a1f15e3b542d8a0c0c9a73d19d952bcef7d7d5cb703b44c4f17e5f76e7a2f9c44e076fb1000000000000000000000000000000", 0x2, 0xab93031f99fda67f, &(0x7f0000000080)=""/251}, 0x48)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0x2}, 0xd0b7a20e2b82d5d5, &(0x7f00000019c0)}, 0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x300, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x890b, &(0x7f0000000000))
getrandom(&(0x7f0000000180)=""/28, 0x1c, 0x2)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x890c, &(0x7f0000000000))

[ 1581.862996] device team0 left promiscuous mode
[ 1581.867719] device team_slave_0 left promiscuous mode
[ 1581.873135] device team_slave_1 left promiscuous mode
03:45:20 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(hmac(sha256-generic))\x00'}, 0x58)
r2 = dup3(r0, r1, 0x80000)
ioctl$SIOCGIFMTU(r2, 0x8921, &(0x7f0000000080))
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="2eeac3929fdd476833250a2f954907cca034984484b39199a4afd828857013ea194b8cf6052bce9e643a551459f35173e9f4b90d32c4c5e500afa0436b3323febb74f64f34c22607455d77d31c9f83806c223f56984cf4627f4dae91710db298bf4e416de8c4ab1d24d442bb367eda897d41a21465dd37b4", 0x78)

03:45:21 executing program 1:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x68d0, 0x0)
unshare(0x400)
pselect6(0x40, &(0x7f0000f33fc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000), &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8})
socket$kcm(0x29, 0x7, 0x0)

03:45:21 executing program 2:
r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000000000)={0x6, 0x7, 0xfffffffffffffffe})
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}}, r0, 0x0, r1, 0x0)

03:45:21 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:21 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8911, &(0x7f0000003840)="025cc83d6d345f8f762070")
syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f0000000140)='./file0/file0\x00', 0x8, 0xaaaaaaaaaaaac56, &(0x7f0000000200), 0x3000000, &(0x7f0000000280)=ANY=[])
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
syz_mount_image$iso9660(&(0x7f0000000200)='iso9660\x00', &(0x7f0000000240)='./file0\x00', 0x43, 0xa, &(0x7f00000036c0)=[{&(0x7f00000002c0)="3a3c41988b9925b2015f5297e51e12d5b7fc00b36e7f8e86e24fdfbedbf2ab3e91f0814fad99f90249bdc103177c325e66295b91258e7f7f8d75f53ba0502a9f4033b96ca9442471d97f892385f2df699b47eeb807da49f98002937a6df8873a0294b29802a4e0df1033ab4a1868efde3c8518", 0x73, 0x7a90ad9}, {&(0x7f0000000340)="84ad6154ee39c8e84349a567ca9f8d61f65a5c0bf45b2b498443d6326c1cb5997d4ffcbb84330ed7997a3905d863cac8bf3d75df85d2427afecd81188c7c8b26b1710ba0b4cf4b1a20968ad3b0c9317f429243b41a2cf8ace7f5218c9e4aba59274304ac57203c7bb2065e86097c668e9f0031a3b963a230ca62fa51cc5848ed5734cc8d2059e32c1aa51ac712870e8cc9da4303ba42dc9700ee5c77fc5522104732f3e4f2064a1b594b1971dfd66adb16d1daecc35f68bd8d83bf6cab984f799edfbfd775e8ad61c9518f89686e2618dd5b1cee79ec58144245452e4ce24c1e2083eaf2246307721ce7cc15063d30f0335aad29aeaf7c2d981dacc3afeba6ecb6c3a069b761e786df58b18400d23bfb1a8e3ae81984d53841b41589a0d1ef11bfe9e2eab866b86b669b900c74b2199a4dca948784b065928d694ad64ee28642fdf5b570188da5bc0ab6cfc9ac5e34f00faa916d07da0f7ed8a6c76bdc371147f0b1726bab847ebeb8b6fc611259c19645061b57eb3bb6968f35579a4871aa9e3b7939f325f7d56974027823317ac65f91a673ed249b6f3b8d55f19d2a8f1e3177125679e27e34c18b05dccb2f6dc108b70a1574383b8efa820fa789fc15f568665434454879b25ad5594d41a0fab95e687dd7b5afc50c49f63cd004428edb875e5096582f1178f23af547a581e4c86a31f63be7f2d7d28700a2c91cf5c519239b71ec9dabfe5c15269b666a84b203221f1529cac4488776065fe5277a3b728c26bace6da1862d1a5db28e9413c457e2f029842ad9716e92b4601b929fee20122188cc28391cb30a736d797d8299faef32db313b884249b8bfd531be67439ab89d71ff80a7d0c352c87e0e920a699807a24dbd67c7d6cd03018fe8697ec8f33fe541c2a08afa135011c83a30fe123a6adbb058bec66772d336f61b049fbca177d09d4628bd6fb690d21728a1665c0f61c4bbc771a5db2b1cb6ad927a15e9c6e94cbcb76c9574b74101e095b00563a4956898f8eea8ebaa7cbcd0aa1999e8e71193350af70e92f127ef1103e28b501aa462a154509a0ca978e0966c43faa3f4109d24da2dee3df32bd21914a8f360a02ff4765eb0fc13bbe999e6081202d42ca201deec9eb272aa51c796e94d96a0544fe842a8485afa9a705fa3e1da765fe37866da1ca88ee0e38a79817622d0d0de536cceb17bd8b6494c271f3028692886b1b2d244e99c70c92810705a3291a33fb447d85919047d080407dd07af63fa7b58f0853876ce7f42349e929b5d1c9762400a7ac94651f08da1b95b9f88138555375f9121704c6c237c8a06bfc762d4adb121620b4e03ccee8f37998205d977a4ff13362772f52499e4d3b30fa4d4d7800bf06813a3a84b0b4676597bdd22b001df0ea28c1de67e541e7f34f3db94604778b706222e937ece7f7ce1ae2e72aa8192b6b91a36cfcfcd347ebc619cb0bcacab1bb29912697c38753a79a210bee9c9078429bba629ae6d9143e627a80cbc32951fd8949c64bfbca08d989a2bdb7128b2a07e9ad85ad2ecd465a74862bf3fca156ea1c10f7f6068e32d439d6ce7e9f37ac5596c5c7934cc70e78e8ab5db6c4ba5c7dc9d093123e6cf87f697d46d0330656e1545fb9f329766b695711a74bbdc6b8274b011e73c12f694ba243a4c3ca983c9d6a3036305fb000e32d822220e74871391ccaab39524e252bcc5260bfc8d4b2221e2b21ec61fb60d452c8d6f727e474cd09eee49c2289b73bb1d8d6dc716654db2099e9dbb9c1c0fb08a79ef5d1add906760528558518a149a39929835d71816fd2fdf9e490ea097a583148b810b464e7d2ac012faec84e21037768577a6f967d21f2e8720be3a56d02aa874627f319f7c176491d42b2a62ed00c190f4cdc6ca2ad0a22f56e6abb1917b267bf6158a53f5ce35e4034bcd6bd2eb4306b34f673a49cfaf4d728c3bfd41ec91cd8719e7f023096870351e6556efa18d89070e4c84b37b4f7cdb74ad6570442d74c25318a7175ea0f53aa2f7099770e87a573342459f1c3ef2cbc68c770bdcf50b2b9016527a527bb9ac5123203e5b414ba8c0265a587b691a7cbe3553adee56ca4ab1d4237b3ae72f27ca269315f59087eacb6fcc84476c6e8bf7c72d0f193925cf0821df16f95a8f2a5c5577ae399dff45957a6eb2d7adbfa9d5dc91d3629b6745e6f97a214b32ac8cd8453a19aa5d8c2f811e7c75f020e5abdec038f1b50b4d058296617b76c87a92673493d1ad4d5975428dd32b9afee2e6f2ab5f55c99421d86d84cced586420fdd6628d60bfedd1fd89cc446e2c9d05b238ca89cc6e9c00b35f6a1ad35b382c86e8c7b5a051aa7a968f9d11abca3217ddc7614b7e98ae49bc9c2d25184fe00f387c0246009b209e9c74f49642efb873e20f089e52fa2f27446da1e307ae9c9f5aaef3cf1577c4defea5556fbed7cbaf861d39b2aaf337ae964d8702f761ac8d004c452bea815c5afab020ea6976d919c68d81bb0530694b64554de47c962fa880828b81524a6576cf53d1f8821a5c608b2a6a8850d15bab73cca80c3a5c8b43e38c289856fa6e98f491081a5dd36af9cb42e68b66a71acf0b76ceef1b643ae30d47527b557f22d3646bcf486a1a138317af76e51d4b9daa7452d2f4347e1f573471074698e861caf8f08382fccdf7ae2f9d6d0810754b6fdd43d74a6f2f3e98f2371adbc143f413a6acc73c3a02e359eac03e98e048c50df9c72e1a280f5c074308294e4c3f29a317826757f6ba7e36f5e42e93c1271717b427c8e96577d4bbbfaf7ada899500e377aba7ebb3b6fc0f2c96ab34bba6444bf7e6957978274701ceeb732854377c3ebce3d13a7e47de8802aeb2b67018f51eae125737480a6c14bcbe96192ceeaac07fa69bed01bb88fa6f0df9965e47559006e6a54c4afdd409b1ae4aa9e4921d036c9a270087a476080119dfd586adc5b94ac8b48454440391c4f1d6fc80f62e059b7a43533788d2c5dad57461958fa5f2dc854ae642c5aa3ee06c26241fbb4ae23feec184cce13dc82d1002dba9334fa7b1f26ba4cd2f79838775d787b36d017af1fcc04d3a8f14e977b26f0c90cd91f9963c0d43b3027d76c01f530f452da23b4f879a5ab427f242faef677f18e16001109b4f54b05adb7b0d58718e53aef815a0806b3615037c86f3893946492696b342e1c67b46ece382f8f44b4c866621dadb94f74143ab3f25c82f37f1c1038138dbea08e98a5e56160404f4b25290b79292a2a99a27007d4f23c55ce8135b16ee2e218aa29b9d5be3a863dd0f0e222554355c55642416ad5a26ea61f59c1b40b451f39d1f62343176544644ca56e207bf696ab21efb2e5eca1e45addc2ce942935ae95ec0e9663053476656c6abfa057446ae7dcd009e2535694af577f67a67beafe8fbfce15824215455a959d617cc4438ba0cc878382844c66d003d2ecd3d0df1bfebdcb174722230c92ec58cb3a0f5656585775dc78594253605715ae3d8168e227ccfd8d47e26b30235ff6779ab59f2931e4b21a8080a197a6081039e1ed55878cada66539b6ebe0e64fa893d393c60091e007d2a45cd42368c2b944c731aa20aae2051a0b3822ef27e8330eaa698bb4242fea408954bfa3298b6da69a76bba5a8c0f11fbbb3dfe9da0e67e143e8d9ad50c3d5997ad8779549899b6526e1d3bcbd5ce8b6c177b459913b52d195afd97232d1b6640bd332506fdb5e24c00b5d2c1a2fa2867421a88b55fd9cbd7aac139f6d65f7c7260a06041fcb50e018b0c5aecfac8cad4a7d6e4b4f4d909137ed358d6e883a05760253a342b2f069bd0160ced3e610d7cc9ec369d6981345dd2d88735132364833a4df7a52bc35432a67c7baf4cc73c070566014b5b242ca5c618054fa749b0169dab37b6ddde33b7205c4c5e38ec7a9a2c907ff00213ef05190fd219c5056a7a3d12202e1bf5c81b37cf796d4cd102fba006ec9646d2593788c3a23d64634843e2ad719571966591ecb6340a96f3597f84a2a46cc1ec64d37f48ec2591a1128e82afc638e4e90c15c8816e605053293d1aa57bc5a11fffd72d49b2330d197aca91e0ab7d8bd4b8ae5235e7a00db879bd56c23819b94f459adf93587c5bc9fba5b666dfe59d7235e1c5d8e2c49972fdd75509033d510bd73455c169b0501fde782ecdc145a991f44ac7d0c6f5f64ab7d2ceb46c7ffe82120e5b3a80bf0b39906b46e732e47a966a76f02dc2e6f5fd8995d782b34e6cd7be5aa7ec2bf97c4c66623d6fb1f6c3529f94637500004b88a1d537f201e010b3f6fffb59175927b024a3dff3fd7f2e30e02c120acfbef5767adc9d6edc4ef3a8a968109c35ffe5aa98888fc53df107a1b5314d17e51e0c3d38c66a96afa795d91010ebde4a5255b89b62899d1d04edc48b82a9d8c0b700f7f5aefd41be2b336e274652288a8c61ce7d6f0a5cdb07f0356b73f2cf5361545eb92d4dbfd32a01bcbe5e470d782a9fb1c10e0951f5d1cf94b9ed0699ede48b6cc5b6e2b50480cb1c86736e60aeee02f30aaa5ece5e9bd6075d4551918d3e7fdc8bf6f47467d5fbd7aa4e475ff3f4105c8a7405f3bb6934e1cf13c32efb23ba33a1d385cf9c91be456d15372a239846716fea3538c4b0037ad8496602d825c147200e392223a5d0cc651d67bb4ce983ecdf01fb72262c10174fc615084755ba342ced8f16906701628eb3059a3fe2e159fab42a9513081247da4fe58c4c81c722b29eee9111981634467b4a52668c67bc53d571a14d8c86c891316d373d833ed053c7f2098e1f18dcc9a4917bf186bc6a7233c11d6fda21fb895e16cb96d75e64c91d76f7f321d94a6cf436940cb8c59ca19cdabf5544c1664daa157c170f1df83145b1adbdb6bd34673835f2bf7e869efb4866a9ede869d8324ff4ddc1fe412b30244fda94ffbad6df8b8f04c49a58f9a71cd69ff1f2a9b386fd842fff00ac8a19e1363e0d75b97a7bafa61caa56edb5d9583965b43a04f32633ee19eebd0a4348c5f4397615bbdbae2e0bd0b22844a0bf4fdbfa67cd36c5172ded2db142333bbeaeb567f225ae2225ab0096c8528f4b9f73d4c2fb0afe6cd97ee0c78035e06beed136dde480dfd0a2813b1086c8cd2d84f00d9f88d4eab5c8aaf14a53b21508928bc872825d407cc88d8a84906433637332baf089bc50f909dcaf6039e7fc36470fa19e6c6282ca649afb4bcb7b82f6ec59e3b3e9fbc38f7cba0b1cb218f5fd620c338967ea1ed177398960cf6dc7b85bbbe3ceb2ab7a48b71010f6a9c0767b4cf88925d42157901f84777f6a22ccbe9b3b812be284352649d15be36618f81226f4dca9caf3af6812cd0afc5a9fb26d9922332b0fdc0972688148940036c3b26cbc0d3ee580578b6795939c08f0b015eea79453d54d1d192100bf980e3105d096b4c343cf62a4e1135f8ce121c29fbeafc4a171d127077d36e9d9fcba8286301f25427154b9506b8110a9045fc7a750552409fa8de7fab71a088314364710ee3cbd12314558a150d32f653d34d79ff5098dfeee9f92749043de96d2da4b98605003494b578a1fdfac0e76ef431a40f6eb71a5b5a67faa5c1a4a2747cd929d3494dbeaf44cff2f090bc60d72a81ad549d3d4ad8116edb3af03e570c6e30e3d1a804dc472eeca8844ed498b027c662be8af0e16f8fff61ce0ef354f0d57c88796dc1132744dbbcfa21b8066689b2bb59aae01b432ee8b59fd13284a220b7798e3b34ad0f0e1cd1170ab9e74081386d5befbd365fb264f5989da5c73559b491ce0393e8128529023fca4b0058432672b", 0x1000, 0xbe9d}, {&(0x7f0000001340)="988f8ce1ce4cb8a0e602aee68aa1832cdc058453a7385f89598bf7ab58ad769f702a97c16a0bef154a5d7f1048c3a9e625d9363d7be7d03e17b879fe7b1db97dc15d177f67125da3bff5f0144db59a3b44755e24699738d424c5445655f6f85e8dd5f72523852fc8214f8936854f4cde565aad109bc02224a27b73c937b5f8b3fc116025be2268d59b4730df576a7b3d8e69012b1771b04d3b3d4d2f3fc391219daac4e9799c73f750ac825b81c0807aeb811b89d9bf73efbfc41c6f104b4b5c269c1981912817a6e28b1c1c0d5dd0369d89198fd330f39e9719829c5c16c880bb941ec9890222b784f83a1c7de0780d52dcdd786808b81bbb6963ad88b66dce00946b9c2a7952a1c9161ea8e5e229f8e994e92b933be6dbd311128beffd0905757105ba175aa51b9697717702e3140c330d3288727ff997a99d32cc2d61e4aaa5bde868424b7e84015b88dca35c31180aa27fd91f26c2214431c6171bcbeb8314402fe1aa9ab65d169519fea6c17809079134becc73db53d21cdc71313d6955616a91f4218afcdf36d3c0cb6b87882819394537c4b32cf5d48ae6c254e8ad59d360444dc378c1b4968695d74e1e70a0978ceddf2a7088e59c06520205dedacaa1324ead270e544fdab4111c9f1a56116998453357dafbeb5363a109d0bc60b5a7636d27cdedb0406309074c25a103120cbd1184f471b230cd7df730385ed0ad5d6033a6ffffe4c94e2fb61f7c2bd2ed34682f9651c5285356fc05aa02e2f551430ba060c477ee30acc4f3e09c60a8a8797e848c90d655788191bdc0d08cbd707f88a97ca552b93819d2f0c2f0290695af29f04f93ef38ebd8b79101f3ce3bcaa797844d26d8c6a824f31751b99ff8c8889894d61a0a240fe80d4172ab1d61e8339f539fc9bc8925b1512c2534da238f2e98a70ddcf1c81498b0d23ce92405498630b9ad4a2156ecebc49e3378ee23f1ce3184aee4fb4ce679dbddebce467cfe758eb211655a38a934263cd85152bc31254f43ea6e4933f6ca4d7e48d197cd5222cabd0356bfb097328342f9734bfaee1fa88e85997e3bec7db0384610b6c2a0bcd0a78a21686902dd50d878f1b9d9bb2f78e90d6573eea48e6a9fc76ac788f88a4ee9c0bf696b0ade72191207d31892db5c9b7390b71685492e6050f665e0633c97480d8fb28dda70bbae3ba04999104d5c0011845d6e74a17c7f78795df806291ac61bc9e5900202f66077e41cc7245f90c318890cb39ab9377e074ec3a46e398e53ab30bf26baa659854455bf2994f56627c51ec35332c3e41e5a861985c94d1600ea585a75ca6f208d76981b3c10ec050ad8d30c439a1db1dcbaff63713832fd132f499a59637c93d984ac464f8390aa4c7e8540ae0ac610976d15bba81e9bb74364746a296aca8b19e9d059c0e78c680281b682b58421194697e121a5cd4e64f552fd5a32d273138887658156592daab0d2faa94d06092f52de57cc837bee7e26101cb9c2c9599f863ee1c1d9f290cf82409bbb55bf6e807ce9cf6889c0f64884696141f7798f517b85f1f978ec214e1c3d7e41e35a5768ece69970f6f770810300106927bda3589cfba34b4b2d6e59b118e0f138e7fe07a06259d96e0a30fff1878f773d5f5ead171b67f66b1dedbd1be3818637a74c641a56d01330a91c9ee2cd18d8fb6c04b3a70f848daf34f33d6693d991464d8101228045d4e5e4a7705330b09ab4688e34039659f82cfad1c6d42d3a6da94271bd0584a10d2e8323e349163a0e665f5cf336cc48394bd6b643c420563d7fc11a9dc7020dd6a3461845154ca30c6fa048c04cbe85051373fed312da4e4a41acad50fe56cde17fcce8e0bc152c3353812c4508a33113fda9ca3168945a4fb08d16d7e857d6ae13fcbc4ed2d8ff4b528843b17aef34c956a86885cd1de79c2d752ac7988b3cb49a34bdc9d93da5e744c0aa30e1dda0732c2670598e6873ff0eb527421f07c32b44d57b581a70824bfc1759181aa835726b4967cb73823ea5fd868ebffd0e81485aa8b535cbaa960e60a862fb9fbb9f6a237d061db0662b874c9de9842c216d7c93d84fba592f796a944844e278069d0cf844746b88dc3d64346ea00c3c5159fe666688247205ec60274f9cf7025b44cba224e94ba968da8e4129447b4ebce5cd0398edb62e1d7bcb07efe1a813601e49e68f4c221ee859e7a78c52257a4c22f73d467112035b74a8aebd4087d4ab9c1d650f76355e4156da3d1a92c3b31d5fd93199600e96ddff83b97a192fc1b8b196969f64bed0895bb4cf73a189485b11da96a50d5ed7cb781a6fa188b24efe0d930ec8df6e9bd4e7f2ed4deffd0f38a923ee1aa4966aab2236c86855ae8100c89c1dd5a5fd98b52bd70a6b98d501ea10bf326292ec35d5c3361f8cd80945ef08f9357cf6d17249ec7969b8104fe1392c966193fe091dc1cf5244f0f5857fd06db8a9023200d33920b251924fe544d2e00b17284466f218547ac4931cb728a348c51b5423a308f38b230774b4b64dd26e7575bfc3cb18c140d6fb46ddeb8ad24a9402f7d6534a08aec11989f004295834042d8e009f53cf830e4f35c155bcd4444ff10e0c453f3dc81eea1f7b450c76b9cba188f3c04c9950bc3a9a0dc890fb57aab0e8dc252eec1a7f44d418e032ce8e55ddaee5790b7495ca541833ee48cd61244d95791f382615b9c61cf187091cdf8c60f6a89b83c7073a741a93f7a1414ba7cdb84c0d2bc4fbd3c4df3f3d0657afdb99da2378d698007d604e1c12c536b367689be75f091c72f1ab4954719481a3a32ef245d00f1731313914e9f12c82ac58bcd2ed8d7291c0de086b33158c43fcb18e255a4c7155851dc9abab6a8d7a444b557ef4b8e831be5101525219c6a9eba36dd089ee4e9f02ebcc6a6f5372ed3c92f27bdc743243488d73e4ca090cf74ede6d51b12f82c37243095e6b690ac6652d49a2f9887b9133b87cef42fda716d2abb579337f4b2b9ef06e86167da050425bf08bd39c29262891e67e155b8575c95b439d9e0b42aab8226e267c2b41511875e529d10362645b3d56a63eae3a6bc59e6abfa77c7aadcec37607a4c632a53a459cd72c07ddd9a2455407dd4715001a7d402ec6e2ea2b47b44edd0e01f6b8ed457bfd99f401314cd0f101d7656ed6104a0d75f9bf2b8137e19234fca36fa115b16b0d60e1a4f60a1f7f2911f82ad6a69b736168573994c889465d1ab41554e019863423f3019c2d90886280ac549e3976aee76b298dab67dddeda5b9708cea3201f64a2fc383b186ba4dcb9518d9e839e26f184fa3502958c7d696a4ad979b0f8e19f528468a375c4d55943b03bead27c558d08eca1d00bf84b99a76aa1f0dbeeffd81d3c72d64fa565223d644f0fc5b71ab456ec5d69fc23d8c4699f2ed00acb5219f0e813f16bd2ab5f2aa58475554504e5c825d3e572aa7318fcfa837ebab6ac7705e7ba43cbb9e3f24cb03deb71dcce8f9778a02d96dcdf62cf6e426dabca651d53f5cf05ab8c8966be41cf850dcbf46076a56897fca1e824f02033cffa5ee0869432e5403bfefe84bc05c04f2e75a814a8e4a9ab307e391221b239767d7353bf6e941c34678c68869b200bc43079f4aaacf98b021a8ddea47446e30805a11195477446ff9d1327334bf019ac71d1136534b1146a6c527f8dcee6d33af64070137ff78cf6e09ef8b07ef68dd52a3f1e3becc4daeec03f7081c3d02b7f3628fb4945f01d5f220d4b9eb26d148d9349bf89c76bdb74c21c10d576af518ca2b833f729892fa6f67007a2ce75967cae781d034873ab8634753017c8356ce9a29ee8fe6e44b6069eef9ab515a31056296f30e0f650135834393ffa6fed007f476267a22bc09ec9bf7d5bf4be55e30bc8ee670428969f872719b30691ff92e7faf2f4c564d909c3d4534826d32a8bf86d641d88030fe0b404b105a24beeabfa95ca4cd41b86be4bf18585175a37b354f3bda11aa258c064e9b56a778792d8f90aab768d9fae2ad8d20b8fb60ae21cf35213170b5572f67de0304823d6ba922e5eddde7447d8a71e89eb7c9086f8bc79d569a1d96bb88c548027fc1264944b6eefb173412fed60077e49a1f02d176e65f6e4106673d39c853c00e7a735bb3cb7adb3ad618500a7f4e066f8ca26034ed42bc8aab8f25f8bc53274d971eca8ef47758f177088b116214a0ace73c704203e66f82cf1ea0f14c2ffe9884220b793eb4529484d1c692663fe9a5c7d5ebffdc6376116be8f882a9bec9841c493ec25eed71a0758ec3b880b59d279ddac1675e82dfed7bdeb37bf7c6e486b442056a945ae1adc226fbe53ac6de8a3525288da1cd66359e44cbcb45427d0e855859ca45e1e59daf510715d6bf0721c28b95617e5c4fe0ced330745267aba307fd63db11752339aab3e3ab3317bdeb50428960ac1a406f18759f084d89dc2fe9d42c06f39ed29290f6d88edf3e0e9ad973270597ce7e45c203abbef7b955dee1537111f7407087a57dbb9d23a98643432974e68ad88c119e212996a13465ff4c7b0fa3e44159bdc29af7e566c632b2458687a7d1a8693cb0334639fd760ba8b9143f2845766614272e2086e36cf4a873bb03444273404b20fb9f7dde97f0f6fd22daf4b9f7e6a593f47be2f210bf43a0f3a2a69d366f41e50cb98c1bd808ae9421318ff188715fc4502a13e5d6c08fd81e830add3b4defbd273831787e6ade2133f5308217f3e0685a5eb8574d282c4a6ab69a86d4c865d028bb0f98484a378ae284c3d11d8b9c470c63ccb1a7ac3e003aa62351f7c6fbb9ebb1fefb8e3808000f3d3919f8cf0db0c0e173b755e23da58d5f51463f78f44cb672eecd6a94b6135290b6963275d72fbce6593c1862413f8f8530472871e13cfcad136b26be0870aed2a7dc68a673660bbbab8f4fec2ef7ac06c7414aeb67448e23bd2d6935f3d89ecb4e86dcbf9d5faf1956b1e2002abb9a9b2587a3c76c8b5457e8dab37b7f1bdf7ecebf1dae265371060ebbd4f78d996d67b84766828224b9fd3846196e56527b72971de637e65a701e2ba0cc74efdb14634576611b306e75516643d47f54b1e387c1cf2fcfd2c173b99e61622422b40d23d1a3f8396fc950ed086710c14475892d0577f8754df4a3e13bb5357fe8124c49d346b10af76afa785b93962e508015a53a8e33a58922b5c0ecb5ca087d3d389cdf06803e6d528c9c26c634646795ff57a5433bcd284543cc599dc49c5731a8b41f02e62334ba502138c0e7cb7a4ea35aa6a56a522ca520a7e03b29121e5afa1f7ec21cd7cee8f50409356b7fd60323a2fa6613dd8c5e2d0d02fb3c041f770f94530d052271a0fb5e110007b0e18e3cac9275f83b7cea36f18b9250f6bea890c5f9a74b3f4c578d17b73321d433f8a9014c099124452d1c9f540e88dba3ecea23544f7722e82990aa1ba1bc753e041a4ca8cbec85326e8efc34d3488cf30fb527ca351f6ae0ce50f19826525911458f01edd99a9dcd544543df1926546238282fca4be74a6a5aae3ffd03bdd4140953dc4b6bb800cf57851e6e226426066f03208265dc2352b05ae7496b10a829a122791ef6fa6096b7a134e363ee60bec24c89de7a1ba1ad50f04364a1e80c2739c66c952c9e726a411e2ce2e06d15dbb4e4d6acae6c661c08571f936e7331121d88332977811a889fda68bb6f179915536284f929df082a32d11bca6d9fe2176217b63a9582dc422e87449a297258f061036cf3baf7d97869975a6ca24069776d7b4892525dbe95480338a6f72f50cbefff705296f4f878d35", 0x1000, 0x1}, {&(0x7f0000002340)="442a838ba30ff14829732e75c0da1d730d8af3fc45c83590096c677c6f85eb798c27e73e6e7e345ce61d46fad7d2ddff27ead4749445c2cc277517d89e8877cb6edbacf4db083dd94da78d9e0c988adaf286c9942ac76f87f44a8fb524291b8d7e9f6d4efa235aee4d669f948ab8f335c36d5041d07205a39f794a9ac042522d637ff5201d6ff599651323c089a21c02e738399b3463795ed64c969c0790ebd95e15a1f54e043f598c1d933d56d76e06e5aaa5739a9a5ee6d152bf12effc37f2f14ab07c824f7075d7e0", 0xca, 0x800}, {&(0x7f0000002440)='bl', 0x2, 0x1}, {&(0x7f0000002480)="fc01581f4ec97a3cbba126e1d147e9911779595b45eb4717cfa0aaf2a1ca78a5c1c6e0276f", 0x25, 0xfffffffffffffffd}, {&(0x7f00000024c0)="47156a5d053c4f8b15403b3d70b35bf5370b57df553f763ce93556d8531b5bc87f0334798421a27ef0d503988681b22172f9d5b798ba2df4161d89b7ff950ea78a149df16a57c12c42b59a1111f0ec4e36bf72584847b9d3ec6b1b97515652f21b9570e30eddeaacf94c89d11b10a0f1d267d45c8022faaf49088eb38b2dda7a4fdbe7f3b63c2c268976b0e67b99df91159a444913f3fc66e35c9724fcf056b5706ed7283279c24af152ca911dc852103a6a5e3b912aee605909190c3c95e341a4c961e5a1f551d5072417bae7971d3d694584dc163dc81ab2120ea3ccb5367932308a4cf32a07297c0a17c7a68588ed4291cc5b8b4d608c6d67c4ca4a6718bb9b2ac71f3077b75ab9c58c6748c13b57e9ea427b1aac154ead8c61b7a1190c89ba5af4cc29f7d69cccf0458ca78fcad95f069caa1f4e46a91667adb721aca68e0bc77a0942082d2201d41d80bc28045d2e1749aa8d352b09f787e01d9cb5ffdd966033a1ce0922d646f9f60f93971e87822401d8607d62d5268573700f898fd44db8841a5758f4d8ae71f3622720739c467750ffcc55c4a4f2f8525cdb57a11c6a6342d1e71f8c8640d6e361b926b7c53d64b967dd56a3ddd86ff137e018ecacfe87d1fdd01be3e2961d766a4e0c08e8e44343ab7f6238a3036ba40cdb040713d6cf58a79c9fe0e51c994b483e0118afd8097d20e8fbbbf303db1fb9bcf48ac746cfae6098e225cf9353126a3ee50176a26d7c86322073ef4daa0f3ce3cb10abccc0cb3525b49cb4c0ea8ec42432259801247ff0cd81172565462c012ece719b204997b42378aa8c955d7e7c57cc9e4758846c3bcf222f9c7840cd4d1d238f4b7398754fe6ddc1414932c451d1f7ab36e9ed3f88e045460b0c9dd14a2aef609e8bb79e86f903fc52aa291efaf2c1ab02ce23701dd5844c0bf63728f2f735c7fdb1e369ba568e81075a8c09644cc7a5d8dcddbc8b18a0f378f25c6d35b70b18d35bae47c844c7039c2961410d488009be14d3e3511fcaca2cea24d00297298658c4cb37f9e8ab88c21ab35220a5ba961dae1a196c9b9806c342b3be473894b7881daf31b099ab46ac46ce6c3d820f05c431a40a3f8b87437fd8ac604eff2126a54003521e7c84f57b146464f7d400087af0519de173eece4fc7cf8d5a7a5aac58c98c71731ad5ab932f7d0ed386b6bbb42ceda42302840518f35927c9e36f883a7220a39db2877de86105a7160e597b7936b5138ffbfb2c6fcdabea656add806690ddba6880b7e112fc522a79daf4c8c0a42861bdd53fac12b957e040a6994fb6c9492cb22502a74ee013b8e51bfb93f615fb8ef7f08297788e3aaaa5194ba53b390f7f8a943a773a72e86c01cdd6939bf75c86a845a69d29229dd15096d854577798ee3aaa14a3799ede86f8230ac6cdcf14ca044fac507aba6c0f2d7747d60180f0ec008b281f469a2615776ef05af4edd7160f063c881e1c38064c566ebc044b03a2da5a6e69d99c4f16ae5b070a0be983afd180b528f9e6b8703ffcdc14df4a49f9398153d4eae91217cc5b9309846146ac596fd6c8af6e4f37cac7107e0184db4e3d052753986b06c366aee5e62aa7efa7d6bd2677ca9371428be11f04483a01eb394398afec595b6f0e989075828a10cd88ea97dc4758285358474b90e90a3cdc85367fcc426f38d4380c45e1a83a3584fcd5559f208fae61d609ab47068e8a4a74d4b1c3e1ab538b7b9dc4828e2978985fcfda4683d7433297f02d741f5396e380ab42f847524098c41141da237be7b5c3bff71f99b1c7d17e2eea0877b039cf2192d0b4aa07c4d05bf41c20b3de3c7b04a17fa011a3085bcc8387c3b5a2359f5ad709d9b27f5d454fcc5f2cd0d72f54c2a5259b54fd6c52aed8e25fced6217c977d097742ac39d816f992f9c2f963b595d28717169ea7594f61131c273492f74604b5820f7ddb8db9dacdd5b0a58e1ad9c448a62c45cb55c287d48b262ef90d235ab3a18b2ef769178cea9af599d7e35f2812e776bbe7b6ea6845e83f0efb84e85d952b0cc467fbd90f0200bcd7af5fde0a3c98bf9b9701b8a8948053c8ded33783523e012536c46f2f84247ebca21946700021918c95b9f6581d2a136ce3e11917b1ed42d501bc0c8cb9ee1947b553b8c05854b29f33813e5d61f7a36ca79adbc5664500ad69acec7ac1e01d733f30bfa42a4943e4b169eaa79a575ac25ec70f3f19b912fa100928a21723bb1229dde5017433fb5051addb2721b7a369c56afed6489e3932846475b99eaf2fe2a125cc44cd8332afbc664f5ed0937ab2e56441bdf2ceb13cb31fc840bb0709fe4ba1fd838dd39f478427e32896d121b3486975482e21427c5c79b0ca91df75a9decb8dd982ac88439e3665f3a0c9e53e921164b3fdfcd089d3b3127d72c94986bb55f3be2644995bfc31c3ea8d03849725ec65065ed503c65ffdaf9d8ebf27426fb5905efa1cd17267c2a68f34cd5f80a8dc5dde20ed7bedfca35287ce9fb5243a6bcbb0f3f8466b285a03581ca2f855243a8a388c9ac4eb746c8d843e0932d9f1a370306586d4ae0e3fb698c2c86fa7bdb40471680bf496702c06ae2a2880d25bbe97ea869c91562da7fa5617377651f5aa8927fabc863be815bf1d0144328b1e8929f5f6e250000302925fc1156068b1c2b79cf9788bf680185b6c7e8372b72eea06c05d0471b99880a34f0370aa3e9ea678075d4053fd8cd3f4435467a850080a0f9ae3821faece0b5293295fb6962676499650c559c11cb430f8ec62c349f428e3ebca139b78e32214259999fedc7d025aa84135c174e9b60c90c03da913b2ffb1adac8a1ace1b21858429b5ee2150930f4400864bc9db7f4e912a2966366407046fc697a962a3e70c976f0daeb1a823c960dc00bdad6702690658d97aa7b50345c6d04c365cec2c14220492d110ac2927c36f66ac0b727e6f3bbd408511c104240592f9988a4f668524d93d9564b474d548d7c87292123a33b345307e2ba5ad6ae27cac5bbabc27732115a4b1d926f94f8f3bf68fbaadf07d5440df889f987067e1e63c5c3c606ac0f5c3d846d07e3e2a1f7a70fe82c3c122bb72be82d41c83a7ec3b5891a4ab68fa16faf8d06dba07e158391db5a41343c4f042594257bbf2bb161a837416286c12018b6615a8ad35e5d5ba7c504f97ab62d02da298497d7b86e87be07d469cccdea361e1f0f17d2847dfcfef077748ccec16649e5eccedde6c92f088cae9004172ee5a0f68f947c8ba016c96207c16b6647f60b99469079be1f0a5755cb9df2aedf60add719f941a09a39bd41295599ccaa3e12cd441c63d8722e041d914cd190da3081cc12ded1fe344f20de6952da1ee53c48f62cfd07f25c9401d339bed169250563d86a3662fe6f67d4197cf264aacb22a477ea27d962ab41610a59efa64883f1daf8746539de2cfeddbd2cd696719ea1e44aba28e1628b0bc0bc62b29be183af2e910787ea5aba1a8c19479ba6a85fc5b2d84eff6e4fcd73a8a1db8a7a6a38606a3c1f41a738fb48fa679f42e83d89185fe1e4393b3f643d92b36e9cf3bfb6640d8e137eff582e329cfde0a19910f330a0a31f8fc8cc22b62ef9dd5829a6015761b3485423675bd574a4ae69e31395f511d595c212bb48515070e039f2bdbfd195e95116c6244232666ea456febbbad34b3f0239e45c8b62eb6a22eb7de21f358cf4e24d4d58187a82b0ab5931caa38cd6f532534f28fa9db9c708a7c3a395e6172400af399e001c9fdcb9b9e561deb29d0e53ba7abf6b743b39d84fc3b6cb044fc582bcba5599a1ac21b181c699f4580a2c1494b78a274c886652234ee8bf328b4a86016645e00792e9ed9665d725d6a7114b526e988274e047b50a12e8c9ba10c07aae8457438cec944cba924fae4658f435965825576f0ebe2da5eee799c6acbcf9c81bdd371b3d8aef9aaf2f66d25c3acfdba96e2be3bba73897214a70a2bdb78ecffdde4fc481793b119468ba36eb873f078fd4d8f40cb607253b032c5c667c6069206016f016656a6ae02fb09a0b2a8138cf24ac004a3ad87114d8e1d8e24a56d4be62598a5352eebfba3f58591b79b3c024068721072140bf6050b054835689aeeeff4fb3ffc188640e1ba9917f5dc48a6d489857725b7aac58b4d27c89a707a56b14f928b5648f720c6de4ddd183e1e6853c739dcf4d6e9312a0ca86241cfaf682ebd9582af1b93c422424f828a8478e03b2d9f1eadca8bf0f9adc89bf0147be50cdf0568e5d4a19b4de0b7e21fae844013fa8a4874683e2f31631794edd597f647514251c3b94c4178d997e0166d5eb3aa6d8f7d7904d7b7c22ce857353b2ba365388b7fcf342ef4f8100237b0ca6fd0fcb51e8666d03a57bdcd914630ad8e6308b2dc36b9c08ef52c42b7c3e4ab59ba884adb9a374f26e1aa683ce182e997080fd5748fe2adc61821819928c01da2fa0e118787430ab0865cb86ca0c63cde7277fdbfbc5a58b33c2f645d22a1918ac6a37409034effb7b11cded3f8ad0748aaeaf8b0ec626a2695813881dbb9be0fbf1f677d492d85ffd542b9361d2c3d12f4eada6f65e7a96906dc62d917b56704a1f7d79831f33998cdfd80a4c2c3947711c03df69ce94868e20de4d699812cbc27dbc323b8056ad0dc07fe24b33b4a7a299aae154d648c84a7cf77e3b95536210f99bc1ac8b6e5ed3bcd6b014b897684c211abe7be1b536a35292096596beb62142b8d868ffa20d55c8093b10e3e5ab3b5443584e8cb31795f51a133208a8a1210b87ea2c818941f7d6fc9ad8393812c168dfafdb34931f918d7178dff8d7fa42eebcd112e036c20dbbf2cad74a0ad1d7fde0b5a9f1bf424f711ff272414b6b5dcc0073d8b1ccdac636ef42ac4e8a72491c71275705af5aeb9ad257f85a0c0933af5abfc5399e97c74249fc7a680260af5e4b70db2771980a2cbc74bedb96840535c5cebe17af29f6f11e1aa0f7f5056f396f317954a797a798797989a9e0b3b4b9b46b51b53930ef32f34ad710afb836d766e4f7901fc8b96ba55dc3df25ab3cdf1d48a09244dbdaeb477da2589049f4fcc2e3ec9e449aa0f7d1ced8bcf0156c0f0b0c99488a74363e2f2bb876ee7d06ef331f56c649cbb223d3776d1bdc39bc7afcf7df8500961abc3693520f621815961fbd0658165d5975706a9c3f1f234d7841d7777b820e9bc45c06fc33bb8230a66764ce063316018ecc1635d3e0f7d1a35fd92c06f564ce1c4a24658d2a219bd8e9c3df74babc3d8a626b80f6f4262addba3adadbf81d65822e907016e38c9a310693ade0160019df5bdc788c4222118076b3f50bd279fdd5b3768112997dbb8501c18463a2d2ecfd36e034ca10a16f967a0f76694012b97585b9045a1e6b526444c3317867a298f2cb010662f19baa2d5f4b77dfe01d2cd50f172087b044e9da8603971b28e539a118e8e8f8c8da69727656031037c17a89022dfb020461317fee64db3dcf1895148b98c3cb32a0eac3217e9fbd63479c32161ebb21c37ed3575c41de184d5b13023a6238b5717301a157bc3874b6ea0a2025852333a76b546826bdc93ca235613dcdb1adbae9dcc4f97ec064701388ee1ac9ed0a2b7f1c4c24fb9e65df2e9b59e82f7c2d0e2e4b2d13c3165568b6a2932a153aa4c909c58f0a7d857f6dfb999ae70b0e895811366b57121983d4a213cc1caa3316735e1a2ff24610b5b45e11fb1dc835c7cc7df749bc08ea73413e6919dc3fe33ecf4c59bde0cdd10525b43bbd9bdd7e030063521aad1409fcd0002ef4d2ff457908d39", 0x1000, 0xfffffffffffffffc}, {&(0x7f00000034c0)="7fa49e959bde2b71bb57abf99341b36452fd657bbc9d0edfe2813d8a3ffaaaab7ef59f3f28bc7dbb5b92af5eb302a147ebe4b985f62b97383698841a8190ebf862cb3418fd9edd0ccf04de0900cd412f428465a8fdccac90f667fd495445a8d0f67e1ebfefe322349136a5f74c00643a0d863906976288c27f0cc0808d596ae4bd5bcc19226f8d6552b87392ccb2366753957807b818", 0x96, 0x1}, {&(0x7f0000003580)="0d96e6bc610180394b179c3ec474dd0e1e4f0f17c975de6edf73244ea51dcc2bbe02fb6fab3a28832d007077b3fbd7fdb6227ab191c3e35322db2e1ee09c0338fe86f3e0d6bf37c47c0da22f56727681ba8bcfd3329bddc2c4d94f68d0d832140c1ea12e02a0e50bf77c1bb3ae52170b9a326456365cffd5fead08c34c74a8c711d97ce19221d1d47f083f18f6dce9dd82a58fabd7154efad06e5e647182d6fb92ca881c707b116a965c5ab1f2d96d79d2fe8eecca2f1c258b0519e25b6cac3e437180d083dd95f4368d593a", 0xcc, 0x401}, {&(0x7f0000003680)="e89e0e409ea0046947a8348b4400dd55c45ecff293d416b3d02b3fd76a882f9f5d807c2d04", 0x25, 0xdc}], 0x8, &(0x7f00000037c0)={[{@overriderock='overriderockperm', 0x2c}, {@session={'session', 0x3d, 0x40}, 0x2c}, {@norock='norock', 0x2c}, {@dmode={'dmode', 0x3d, 0x80}, 0x2c}, {@check_relaxed='check=relaxed', 0x2c}]})
r1 = open(&(0x7f00000000c0)="2e2f66696c65302f66696c6530f0", 0x3fffa, 0x0)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000003880)={{{@in6=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f00000001c0)=0xe8)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000280)={@dev={0xfe, 0x80, [], 0x16}, r2}, 0x14)

03:45:21 executing program 7:
r0 = socket(0x0, 0x801, 0x5)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10)
pwrite64(r0, &(0x7f00000000c0)="06e048e353c9acb4987b7cb570dd21486759e4f63995aa02f3d286a44403776ffea0bd8a12cd99c251ce8f1ac23a0377486bd5aab69b8c5dda44c8830f03d8c5dcda7d39b378f08b727358dad8fb5ab8b5fd63f2a368c49ae42d7b55e2824c6ad1501aba1ea4520bbd2c21700f982b4c2e42b7e547e6baf7f6c5117ec698baeb24ce6382e982728ee61818c1d194f876de5a1d860aae27d28c75c2f28581263f23f670ef4dbb2ca5258290299d19952366253781a33b1103a5371cd94c7bf65fdb079a1acf7e5e17b3a29c91190844df", 0xd0, 0x0)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000040)=0x4)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x10, &(0x7f0000000100), 0x0)

03:45:21 executing program 4:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='^wlan0\x00'}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000300)=@mangle={'mangle\x00', 0x1f, 0x6, 0x580, 0x2e8, 0x3d8, 0x0, 0x1d0, 0x0, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x6, &(0x7f0000000280), {[{{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x3}}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x0, 0x4, 0x8000, 0x1}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x20, 0xa86d, 0x3}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x21}, @multicast2=0xe0000002, 0xffffffff, 0xffffffff, 'bond_slave_0\x00', 'lo\x00', {}, {}, 0xff, 0x2, 0x42}, 0x0, 0x98, 0xc0}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x1}}}, {{@ip={@empty, @multicast2=0xe0000002, 0x0, 0x0, 'bridge0\x00', 'syzkaller0\x00', {0xff}, {0xff}, 0x0, 0x1, 0x1}, 0x0, 0xe8, 0x118, 0x0, {}, [@common=@icmp={0x28, 'icmp\x00', 0x0, {0x1e, 0x6, 0x4}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x5, 0x100000001, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e24}}}, {{@uncond, 0x0, 0xc0, 0xf0, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0xfff000, 0x2, 0x100000000, 0x3}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00'}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x8, 0x7}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x5e0)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
poll(&(0x7f0000001080), 0x0, 0xffff)
readv(r2, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/202, 0xca}], 0x1)
write$cgroup_pid(r3, &(0x7f00000001c0), 0x12)

03:45:21 executing program 6:
socket$inet6(0xa, 0x80000, 0x200)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000000)=0x11, 0x4)

03:45:21 executing program 0:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhost-net\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x200000000003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000340))
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000000))

03:45:21 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getpeername$packet(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000001c0)=0x14)
bind$can_raw(r1, &(0x7f0000000140)={0x1d, r2}, 0xfffffee6)
setsockopt(r0, 0x265, 0xfffffffffffffffe, &(0x7f0000000000)="ac97f0002ba2ef00", 0x8)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x2101, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000080)={<r4=>0x0, 0x2}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000100)={r4, 0x4}, 0x8)
dup3(r0, r1, 0x0)

03:45:21 executing program 2:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = syz_open_procfs(0x0, &(0x7f0000000040)="0465742f737444d28d026215a047d755b9bd52d6c15e9ef6ead4636b73")
ioctl$VHOST_SET_VRING_ENDIAN(r1, 0x4008af13, &(0x7f0000000000)={0x1, 0x7})
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/.group\x00')

03:45:21 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:21 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = open(&(0x7f000000fffa)='./bus\x00', 0x140042, 0x0)
write$fuse(r1, &(0x7f00000001c0)={0x18, 0x0, 0x0, @fuse_bmap_out}, 0xfffffdf3)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0)
madvise(&(0x7f0000004000/0x1000)=nil, 0x1000, 0xa)
madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0xf)

03:45:21 executing program 0:
r0 = socket$nl_xfrm(0x11, 0x3, 0x6)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x4000, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x0, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, @random}, &(0x7f00000000c0)=0x14)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000100)={r2, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}, 0x376)

03:45:21 executing program 7:
r0 = socket$inet6(0xa, 0x400000000006, 0x3)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
sendmmsg(r0, &(0x7f000000eec0)=[{{&(0x7f0000000080)=@in6={0xa, 0x4e23, 0x0, @empty={[0x8dffffff]}, 0x100000001}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f00000003c0)}}], 0x1, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x105000, 0x102)
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000002740)={&(0x7f00000025c0)={0x10, 0x0, 0x0, 0xc202000}, 0xc, &(0x7f0000002700)={&(0x7f0000002640)={0x98, 0x0, 0x279d71486693a5df, 0x70bd2c, 0x25dfdbfe, {0xb}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x59}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x5c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syzkaller1\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'dummy0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'lo\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bcsf0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5}]}]}, 0x98}, 0x1}, 0x4000)
sendmsg$inet_sctp(r1, &(0x7f0000002500)={&(0x7f0000000040)=@in={0x2, 0x4e22, @multicast1=0xe0000001}, 0x10, &(0x7f0000002480)=[{&(0x7f00000001c0)="23c8fb58a5c24a7764486cdb91bcea663f707916ddb6929230ee33a5fbaf4cd821f27949eff7ebac1833f178cf4a5d91ccb5420b1379fe0eed039cb2d5adac70043ec46512b0f195a1a523cbe49018314da99216cf1a7adc706d9dba577e49b9ae182b09109dfb9403bf48e131670ee4e90dd82538a83c8ac28bb6d4c664c6ee484f58874eaa32602118b94142d2d1f0e197a22d459b1064413d0294f971c8f0", 0xa0}, {&(0x7f00000002c0)="3f1bd524de72ae0f84ffc954571d844a733e5e4a7aed678df83384eb260382f7d4c8f6095c1737e604f331164952e3ed4997d72ed6eff13817642bb47101435dfb939efc227944ecb97d6972c66031eb28a8ab98df8d998890b19927b65d48fc73a14f1c7b50611010e5627843ec03a488e911c7e0d9476a29b5bee585971bd7ebf5cb4d94b3db9748189b3545f6db15c5ffee34fb621c17d4af02e217f6541d83d126d6b30185356f715c8c4938cedf838de821b3c95b7d7fa104970808bdbf1ceaf1a816d594256b01adfae70d549345a65ef32048ffd40f629b500c60f0a739f995484168d7f1cd6db90d4b80e63f156a061443ec4b46e71dc32b54447ec8afbaee162f09db2098201b0420f0c2d714020d5aa605b1d206f4ee170f83c2aacd0468fc641010ceb32fb527263807272ef0a14384537612ee9e0d0094a76a9790e529f1361acf3cbc7c143d482d12ef1045fd8d3ce172769f6dc018bb0e1fda4e7c0212e9113beb47c6ffac1f82367aec1957579e286613b914bc202d720a4f33a0fb5195992e472263779ed58f5e2dcd6afa96c44ea2dcaaaecb3f9b5f42e79722fb22c05ec6e5856863cba73d9f18521be8fd0205a0274d9a2bfe2c6d00ca37284f32991812c759115deffe487836d6f9a1833a46c4c8cb67b1f9d309ffcedd359e4a9f397bf04ddfacf8e1d91532b24d7393562e6c73a3a31b667e50beaaa4271af8aae5926f11cbaddc5ca2ee10de7fd569f29f7779daef9f64becf08ede1259f09eeaac4f9b3385bfcfbf9919acf05aca486269bc7a279937b166f8760af7d9bd3a3a66b30543071dff0753e0cc4d5803a567858d2d1b5eddd2d93cc520ae56adbffebf0f67568c117353f599218adc67dff519e331ecbb125b0a2790a42e223b46ed50e6b07ea2a0673115f53e60aced24186d246ac4e18e99f18ed59c06c671d10093a5b591320919fcd4b6b9042badbaf5ae656971f901a29f03a13baa238644d6315b00daf136fea301189b349ef300ce1823b7c17f6e2861920642ca147363716de0ce0669cf6f0af1fc5cecb699aadbc50509f50c1c4ef35f69903d9242795db64dbe5002f659f4c2f41388d48cec2056311111662b6e41a610afbd027eb3f86c5e27a88ea877112624e944018bf51ed7fd35c4f88675deba0cb94654eee0d5e1869355c87dffcfcae9ccab692dfc0efec524d185bc6246f3eeec7b3ebaf433298f0f2ecba0dcdf06be154174010e1b0bdf7ea6380d19bf8ea269680a92b8d0f1f5262d4f3d85db8caa8fbe425a807e5e8fc0915ebbeaddda8f03910fc05ed11c38ec2c08b6017b207fd9fbdf9a3fe827fdac91a2cdba0bfa899e79255a4edea452e1c96cbaf9c5f6b262d11f9d68cb476cec4c9d041e1f4804429af9a85ca3a28a59ff3b5cb72e446eecf27380b84d9f288baaba638563296b7e7c9ed2af873a2d6b9031b69028f4e49b5ecd6262c3603b17511fe5cd2a016676a88c0e2e7d4ccbc226e0660fe5d5038049c536231034e904a2c82be9071e03f83328ab8f8cddeccb309476940731d531807f9a41d79d2bb0d50c3052fbaa753c3e5af3cc4525efe1efbf4b86812801c6d9c1dde4fbbab73e0915178dcd6de4c06f3202fbaa5aa702f46607bca2c93b92c4325305229d7c2cbf6500948e5187a2696b7c94f72163c2c7bf4db34ecea6dc5b94a527d45e39543af9db9f4e40411e30999f98eef79f4428b32621bfa52c047ae1054f58b1e64f9cebc7b521669ad0950c668ac9b1f7eb9efcf44524148664ff781dc0c9c81d5f3b7dd55e4603e065a36444814bf344c9cdb3d4506a19d26f9a2a59d84dfca39f5491d44593da309ebed50248942e610618980e98ce429cab059b8ccc36a1049d319518c791fc27dda4bd38a7810102ff7e622726db036af0bedcc3874491e7e1c74ce379f370c212c3c2f8e808155b7bc3cb562525ffcdfe00cb471422764701481b1d9d2ca1d7bec95875c64149d26fbca18c28b3f24738c1fb3721d397907c0b7adbd676bf7271e7b32338e6a930c1f52d64c06f681e231b87578b83bc564548841194b72dab120b1698d841636d581febd6baa5fc55829241a7aaa4ce66358c25ccd5a0621e841f1d99e6415de8138eca71a331cbf64912ff9cd4e95982993a4ae7d21fb3181774cfd6eedcf2a43957f18f408eb5edec454d942cb9399fd66c9b7dd05ae3b85b94f469288ca0de7d0c0f9b9a4c563d01be5c4ddd80011abda32ca61dd0c2852794bdf8307ec0faf3d89e5c471c00d91a4125757646b98cada9d1f79a403671e78f917c5ac171fd78138ddd1c6ed81c10e03625cc48333cac8bb99880268c66767a0ee9b450fe386de1ae1b0362302211840f7b960b3a5e8527d89a9346c7fa8a516d8ac40fc062c110721ee3085be102f17204fac6026a05ce2580507ad4a45c8e0f53aca173ae35f4840aa2bcb8f484e3d8fb849308a1767d2779a4189abcc4c4954d52055bd16aab83e27faedbf4e2c67212bc73bd8a97889f6efff4c96e5fb49f8484064d1c5a58780e2690b68f63bc19e7bb4d0646ef332390dd80dfd42e85d4d68314488dc88982cd2d8576e8333c9a33c1ea62f07b68c3c4bd00d726c21e14e7178f87eca9baa761da22673784afb27eb1f88c103671adfc924b0c667c7e85b6b1798b735a617e3251a422a61c01e969ca4765015209e7d370e69f76daf5e27ec9eab93955449a4256c2b3376c1206cb1055658b7a02fa75bcff9a0dc6cebcb70c970e29cce75f0f6596b1b8a95724f4df65e7a23a1df3ec0263ca6eb4d5ea6a0d00118e2dd1245aa65038d2a527c5137612e874e651021137549467cddd69af4cde65786e2809502d966fc37ec00bc710f9a5c7dcd5776a592f115dec95e9ab0965a47f8fc4ed5fce6812fc79e71c1b08405c8254de7a1cb5544bd89a8a54f2391eba6e66cb19de36c9d65266602d8f7b518a8e09fe56687d8f940b0740d670852fc2868f35da670678f72049c1bae9c061022116f49279818d3a8eac4476a14bb4acc5682800ee7b4838e8bbba12b26ffb1961dff5df5e8d356c8e4b007b01e67b15e20d6195821fc713a1252733b00ecb0576ec71eaa8232957eacc1a0a3749d1505954185f4191cdc8a45efc3432fdb623bbd3aeeee95fac0899484ad38fb641635fc5b7eb005aea7feb4efafbb6b2403cce19d769a47132b6bf5cb4118974645b5656946c05836776a5fbcd48ffaa872cfaa046b2ac96f580ea24ec4adfc6e15c76d84ef46a62b510245f6e9ad4711bcfaa4da5454dcaa31c6f7a893ab8cc7bee9276e8e91cd96e48c0bc6375e98541c020eb9e44bdf6c186ab270bad8f94d722e5299dd0d607598476c1796382f442aa6a1f1ea4da5bcfe746d4e9463ee00d7d6c799ef2c91a480cae3ac63c21ee520b8c089bc8de7f5b2c576e909095d6a888d1fb62b30cd4042d9fbae5343cfc596b814ac1265292f6fde5cf4a0e4b4f96b7af2183e3b4da8a50ec8a7e88bc3fc5f196db0214e19c9e243522e4a2f5ac89298e1d41d1309d824214ab21a49dc71b52b569bd9b6be6fa614ad13179c5916b898202a419b067346a12c1538f31ded9ffd559511a28f51d754d74a8844586a8b0f9d20f46183348be3a3159e12a45be939684dc3b06ce3d13d4fa49d8a7e482a9fd7b620feb9e0375b1973f9cb0cba4e0c4e388fa10616dd6169e1612c2b7faca2e58f4ee72445694f56b32c2ce794a9effcaa0f839f528a7710cbb247cf898b22a2efc6e63426ecc613df0f45e7f4c9fd23ae3abb81d561097388fb87540a8c062571279ff9855ad82b79c101be7512692c051cb209c680f34e09165c95cbeefeac725383cdb8a2747a77a33debc51b7dea3b40d754215090d20f11fd470dc9b59cedbe08039c576efff359702f0c5eb0973eca06e760a008d2516339b18ecfd50170f4fab330aab867214f1789096d26603fd5c4ce9cf1f363ccb9ac9133f3343edb892abe6cdc1c439a8eb71fbba648498c0f895b44be2067504d9976ba91e594e7fdc95e13e1862cff5f08ae81150c3d4e516811e44b2d275a8b91115270b47695f9e8d77e803d1d3d705bd49e4e56a750b918567d530b9e1b61299afd5c1774ebf0b6aef154cf6efa79f9588b8430fdf744a39166ede36ea68a9b0ca5def16bb240085266616cd0aae793db700d9bc009bc060c12ef0d48e651bb4e31a464020a127c27a10eed0be44245a0c0718fef97c0f840cc2d0fc20fda913dc39be316da67d17bd5ec343c36d130e367c6893e587aa6feb661ce5709fdb6dab7997e66c26f97462a399cb6259432ff4747e48214d51d2a220f06ac07060311f484603f9f7b236c74aab99a4c587ca9f04c60e45f2aa2f3a1b02e4a8dcae97fb253881c67a01861806608d3829a2a0b2be6e8816e9ebc3904288f9a439bb81e671a36377fea58db588677425f4da97fb04fc64987388839afd25787a582c9c65faeec769bb23c4de260f7213c2d05858436c564389c5d99802fa3730b85f742832b5ce71df5fe83c9c20757687197565bb22c2afb53461e30c7cb4e31d612128813f22a0ff0e04c766246c175133850f820a00e128eb2cfb2191fb9bd2b11cf2ce2147fb67ef51f2c9240efd155c28607c0be915195e9a6dcdf5fbd38bd263b706eebfa65f7742b588e8d47190abc2ced20c6838375785ec71d87a5cc822afeed46f456d597a3d6cc968a7d4f44f1c82d716f9c7f76d044bd057dc9ac499f8a72a5e84da3682e3f4b0faf21a3fdf9f5de62eac7e66e87780288385936bc4bb8db01e758766951ede3bd8fb0e95b25c28c8d7a760c43b8f4cd4be944fc0cdedd72e58ea1d2b1f7f516cb16f2165da2856ca7f87886250d810b02c8476fd6a4bf1669cbad6201fa717b075ba3d2143379588f68aa388507e3cff6e961e3f983e9c70f29c223e32bc59f6de509bf8dabb161deba42e327475d9f810061229fae36ac0f958cffc83da32381881932b7849d545ce00bc3590f5b0d0f01e7796d626864f92c70d159e84f0849af0aa4cb9996480b2ef5b66c04861a66d77499d458edd05122d195009c1a6cb5286ce71122ea707c358b16cdd76f04dc589a58e182b4631088490450f1a530f241b39bdd2d0650fbe440c84966e4a11a67b91f5ad8b08e5cc9ad367eb5b1b29e3f5eee69bb9300bf83fc2e949373fce96a97b6ec6d1947edcc19f230b02c9e87e6369c79b5cf29d2caeecc75a599a54415a4bcffdc54d8f4c460189e878ee713d54ae199e1d0a5feeb394b1e3bff990aa19f3f8b339b938ec6e89491615f6a463949af8d7834398d59b0faac1dda98f7f58a8b89530a5f4d5555f4207429be96a33d8f2724326c7174cd285c61bed3c7f5939e2afa07c8b043fe01c2dcd81d1467695910c4bd1a912327c418781817d397e1e0b7de21aa3a363de697b87ae860284c87d225500e7160355f47cf4f338b6ee697f9e14ecd84fbec090bed040245cb2aef1a688a7522a1d9dfedf7cd8490af7a71c1189e743cf54a383d75bf732f6280c3db86c5d055df4c22aedc7cce3a440be01968a8d9f4165894d16a5f0a8667badca8b59a8bb6894c8fc2746e311b5093803c03277412206e56fab4f1a95466b9a1b5f5bab7c3bbabcea0178916206d0c062d52bdd18d5761a29c0c1ebd29bb8afb644ebf280e05d32b4d852eaa538b35558e6aeb1ac72f2b62f2a133a6aee90be82d0ec0b258c6db7b02a1802c86de121433e73a9c371fd6cf23cdddc52f6ac8a8d2a35396315b7c8409a5abce06764a", 0x1000}, {&(0x7f00000012c0)="fa8bcd4454460bf0de1885fcdc566f8c684000647d19652ef458fce9c24aeb3508d160a3fd5ffd9debf2d1bba4a19d1b9635abae90bf451866fa14032c44985183cd83a1937333c73d0016349a54450b5860a9a332abb63cc48f264aa3fb551cc85717f326754dbfc84832f7a62c1d0303d8240f7f2d266c416f3c6320bf9c5f5c18aa13008e9d8167a56073cfeb70ad4354225953e9b8bdde550b100e85147a6684178070f2298351ca28567e5c76c1c0527d558a85f53610080828c07277687e95adf527f703db7a24b5918a28af0a5d94bde4b6fba1088b4678bc", 0xdc}, {&(0x7f00000013c0)="0bc481e6b576b8de7a0290899402d1c0acf6038d3987716af50a2367e766cea954db6d37e25d19f00de5690ff2074f25d7dc11331926f44ff229ca760f7a8768dfc396c88d56ba723ad958b3ef9f27517210677443d47126bc5f5bbebac64f43cb98235fe6eeac918121f1830f7b6d85555d0f9e5ea6c9578cace055d4ae167a0b242d029bdfe018426fb7adf04e972bcd7a6dd7c8772886bc1c0ffcd3a0dd3d25ff52d15c20", 0xa6}, {&(0x7f0000001480)="38147043b4078e0fda04e9d13b4ceddf7c944feb3510ed41ac894bb89017a38b262d7d52856d90d1609b4036d9f6cd93a0050020046d625f75de6a994693ad1e5760961b8f6fe29d1a2c02094c3742b7b9784aab4006240a64b231d2a6de520df656fa349bdf76f45c007f38aa7121877e928ca7a9010ed8edfeb3d51a90e913070129e090a3f1ca0ea29a9645e730453d931414637e3da5b442c72bfb48525741945d7124f9866f95ed83482154313574db5a8439cdb23c85594b04ac62ab414a893c20ed258ff7166febb991416a309a27cdbf8a85c6d0624fe8dce2b2edd5486ac46651b104850774642e6718f9454737c7b397b3998361d64ccd7ac6d72523a70ee0b878417b59bc34fd7fece040a29f0f8447e04c26615ed16d73cebf21a7ba95661fcf65334c05eaf55bc3c35ac8ebbda39c2869e5ed29f2572aff6b1a53684e3318aa997f6379b68fa8c6c0d48a99cfd27fb02f7ffc7645ac1d4cc5df39201daa1f10f194b8a707542bf9c70bcad5ac0544a9648a6fc28496b91b634b0bd05cb5fd285e859aae50312aa516de4a180a3108511569328c38488c6dde3421b8b8caa5eda6ecaf11d68510b144f45fccdad52d77a0913417d439bfd933ac380565ee860b8e5e3289e6848b1dcda04c6df12487bccee3d284a7cd17ab3277160436c0c7daaa9ead74830202d601e0fe13e0d3e1d819e3489d3df284218a331f9feab753be050b93c94b8fa2ecec93847e66c9a608bc0d137c1c1aec2c7e626293231e00b466a28370fc30143d264bcd870f6914354a71587a0785d53cdc06c97f98aef23454375f5b00bacf53852836626522d3f5e8bf7fb54a13afa34ff9e9fadc84da0dc00a83e64880f80a2b4174880c53bb0d519e1e0360986ccf85ee3848273173d57bc525aff95e8d87ae03510cf160235f88d363044797c4d8c36e3fe03399a0ebee2f953495847fce2597ac6b64f8d0c9f70a9fe1e47d6463be3a4a590175b5a36cfc92b3507eaae160b13ec5ad0ff095e37c5de65e01157431d4a2754e81c77986dd856d1aedb448f0700b2b189a3e047f5fe0759f7e4a552e43745c8405cd6747afd1cce65f47b657ff0f7923248405fb8a64decdf7f24d2d361dc19e54ee3500d27cff36ad5c565c19893053aea3c685c9f16c4cdee302126eb691ed601a18bb51e6bda86e9ece82233e91322f618bb7b50dac287b80a678a9d045421d9a1571427bb3b3caff90e3f199f87f2464273421685554bc4eb82cd3fb09ee2b2220409ea308f9bb5b2f294ed9f5ecc35addbb68ee1806235ef9a2026c9f3f090bbddfeb4c1a93f05d85ad4e070fb2b24acf6aeaa6dbe1b3d144ae5eb8ca158309c25eafb2a6350f772c6e890ff65f461f192ddbbe174a0a990e2c6b829b7bab384e1a7d2aad1788a62b537becada657d2dde2b969bdb6a75a937c1128c3f5bd87e4f02f70b7fab0308f498e104e32b17d6df97bc6a505a5387a6290057468aa2f12642d144a635815bfee79a40fe52611bd18d35623cc4d588ece731dc0f01a884e64333d756e4fb5e5e211819665ce3934fc03ef24b02c902902a1c2294886ee67964b7e593bca686d3afd27360ee925572284be97cea0f67df24684bc167fd8cbc9b791648668fa7504f95a0a7202616c919918ab8ecef83736f3cd72a4def8ae141ac4efd2d576e421d965d2c212fef47c5fa1972d4394ac7e9648e4938dc00adaeed1ef5bdabefd8622e6c41dd1905b617cb3133fa1dffc1ba6d13728d31b9ade538ab775d89148127e7873fc9e0ac0227e817244db616a99935b20474743c10c78eefe423576802b297c8cbcc6867fef901054345f13efc993e811c4e754e9698c2f1724b087992ca156b2835840128fc113724c78cd479490eef290ac9f989a9e417110819548ffd99e355a2e1f07ad45a8ddf4b9a5e328566d059c333680e3cdcfd583f7e3e728111be64dcd8be9f2fb2a4c502e1895a358bfc68bfd1f25299e84f5452bf752967b76d86bba455e94bb24de42696a0ce3ba8b486b8d1b1cbe7756c11a2d9d7a5a748500a2066ab06322c7ec6b537cef8df21ea8ef5c276f36f81255612dd3789d188fc808f8b4f42b424425acaa93ead0822bd5f040f1d1f90585adcf9ad1084bf49cbdfa82b1d703cd6b91dbd4d1334b7f1db77d075beaac6e981562a2610eb8a1a20ed39116adabb353d0b2147a24dfe3f4920fc589e52fa2364564ab8b8178d98a4858e30082c528a37a21bebeb305ae3cd15dbba75a90b96f2afbf2a421c2813d954963898151035cf7196b15125a279d94f2e21310361efca38d2448ee7139a59fb719a030fcaa73d47bbc7146782e8683907de0ef1706458da566ee060f4767a4ec9cba37f980c251439dbac5c6b43c66f3f308aa91d230932ef74f4d1e6551f117a4c11720ad9b06eeaa56a01c1d9dce86906d00fbe27b02b7d3c0b6edb4292d9115b449f4f590e1f557abc5be22d5a647e1c37dacbda6ca8ea61f97e32b8c9ed752ad826b12b0147cc7d207fc1867419cf330c5f2c7bc3e6751b8f30cb051dfc97cfcd8494e06c658f74ee0a40185359b939bf09c7da2afaa70110046c6a81163a020ea62e3b575e744a8a6284a10b21b747ddfd650e01952b306d0317d223970687cc9d9122bb4065c5d3eb41ea184dc8c2496f940029f2c8fec403cd7b3595b796203a047733002a11412825a4b6a870c030abc2cc1978402569de8cee00adcd08f6fb12a78920672ad8297fe3af8508b3554d63af2d3d3d8e6b99f65e9979512fbb6ef39b0244cd3db78a48c6bed244e25a5e5ef831efed1927fb13703eb9b127a5ffb252ecc31cf68630fac7ab42ab03bdee879ead50decaa414134fa40608d405838d09ce934f9b303526f73f82cf36f6bfac1d3cb4119422d7c8119094706a394e8b9b42791e34146e52b58403cf1eb32d05ca367f32b6febf833c98d2d4f87c733e0a24f593d5ae282729b995155721aefe8908410b84cf39bc5080b35cc4b81ac42e1bbee24e6524f4f359f41cc53283872278e56676a15e0572d7416f33ad04a4d10b4b3a6b4cb24306ac31ee45f91a5d78dd7dc8d238dec0ca2a34d878ec83360a6e25643b65b4c25a03ec5842b202820547385ab947003d493845bda0c865732310b3ee8eb41e13cfadc79a92332d4ebdc3d4995c14db1492c2206c47e224f59c4fedb6f180aad37bb94687b02916541b3d3321fd677ab76506651e5e8345eabca2d73c7b270f67d9bed336937d12a6963cbe18446d169a3608b9ced0b8f1896c8c17698b95e4a194fa09ab5079e7664bb6bfa529a2efa0e59ea56f13be028613e99be9ef02d0dcdda106ff1cd3385d9ab30f579d53e0d0f1073ebffd8de2c9ffc0d4ce3c0490c0206a4fe65923d486980480da617f302a02ffe1b3da49c763e387f85a4470f16658cc808b1e4d74dedfcba24c4a7fb91cc42cd643fcec1755b4d741c85344bd7fdbfbd17cb6765181379f9955c13e8d96e5e10a6424d053254d45ad0e2ea488ea4597011807106c65ad15d9b2b28271894965556dbacc379471cdfdf5da843a7fcb3b32e09cf3a4e10f14901310d00d98d419864f7ebb3bbded4ba46e0a16d76e66ea1f28639be6e507e9d065a8152d6df1431ff2f1f260bda8db09ebcfcea5dd49084d9c192f07f9cb5c79308176b964e04ebb2141403c4a531ed3b63b6a9da75c3849a91cf245913374b8669e03262080d3a9daf49050422c2e029a87d27ad81073c665b6ad29f006b3e268e103ccb250b4daba2f97bf6fc91122b4eecfd1f5be16cf0077075f91aa62caaf5903f43e0f3ba188f7917b7f03c55f87ea6296d2c669423d759bea906df5d2c6978cf10e008f48a634d13a7f9cf671d7cae63380e0e9fddf96a867759e32ac23af7ca9fbc196f634b51bb53d60e85044ff64c588358b43ab56d519a061ff96d02ea9550499f013bbdd2029af5f3478cb88d592579cc071c901814d310525965da50a442096aca7cfe0d91f19f5cbd85f29b628fd0bb8eda2261f412e818d7466009ad3389f7974957e3e149439a9036ab13c4a352e26c67b4a67a457778630c11db61202bdc146982c62dcf2441aa1339dad6affdf541a4d581746f67eda3647079e6cb0d0ca32a71ea836868c1e1d7e0ec5b551bc5a503b24070e0b2688b64c67ce70c7845375d2ce898d737b464ca9a229d0d1df062abe5c2fef1632131cfcdbcb4397ea05193fbb5865ea6132c41ecb285d21785075a1da0957d2842dc0e3570b104680d29dc8196e1c4b0d869cf09490e2f2c84212148229ea84f913249ab4b87199a51bcf40976e3ade87a3b7ea14dc2921007b7cda222ea1614ef89a4a0a066c7838a724a6a954a68a86b223b4f23df499c7a7b4bed05d4ebc3fdf7e8ae1ab4f72526116a86e6db3c2fc7f835efa4b1aae73d25a1189232f23b8d9cc143acec52e5ea4764526761591932bf44ad7f51478ecdce9ba341347e4ec14805948bb0b5c42ef570c4fb8c4ffc188c60605ad7ba5b91e565bd62691f1e2f55e9ee4c82a95a0678ba17b60515119fa3ef1a6f575ccffcdfc92d5042ac0e833aceabcc84a51a578e12f5ebc620b4434bd94cf5693540bb06adfdcd5586c9e53aba51287dabde6430a9549897910e3a6e2afb338f0ce5d4fe314cf78ffc6adc825e5f498dee23e69db19a5fda8fe4a589b1f0d5b9b47f2f74934ec720ea8c46a7a4f7715ea39b04921b1ab6c9e4e57c0d065203d975d522676cb5f00da34cd32d5c3319c39b630cddc79ca858abfa480247dffb72374fda60c6d8d881e15c2835fa2084f5fb4ae978e3731b2c27e58219544e9dd1661eed06d77c663b72ab7297999452c15bb25949cda83432d4da0b473aa1f71a8171530818d2b80e7568d45fed6a0e8e61b1f3da3d489facadbaae6600fdb3efd58bc66e2c6092fb7d8e75abb5ca7c8f8239e466628f5a2066edb99773a8817c829b5cfc64936a5a2e0e57a7bb5332c07741e4e578978136bd48aabc1ba6ad7e99718367e3eac47849fa9a9f34a7e23f08511d322a1ae5cec7b0cfa71d80fc56aadf8692837399503db01575576ea40e3754d1c26f48d425c7fdb88794577c437528a35fafbcaf33f126c28a427604074183ffffe90296b5bd7cb5a237a64249ef1f842d25ea3b51a83c2d92ae9366140d880bce693dbb85695c97a6d648e216050202b61a055e3241176e26b9f5b56555f09137706dc7cfe4decdaee7bd739b5dd52da436d27c20f5d2d2f4f55455ee40a783bd8ffeadf43d3d60094e921bb8769ed794f3cf7a91e73a5670aaacea05d5bfd32bc094c2eb15af4db959341cc41e4f077f09a4c4d96e2835be2cff593741b090cdc05f20ba57479ab808162bec1c082749a3db01a054ed9d94ab672956d8a0e93e7f99f0da89e99e89baa3fe3f0f0531e75f7a5c92dd4bea9e52ea05a271026e98886f3aba0481fbefc14cd8da4ff25b7ec03c9d5aefad3873d9bdd52721da594db3475341412c94ec85760611ed1681314ce092922099ff13018133306cd6bd35c885c5ca354ec6de83844c1b943cfd9e1d315ea512af043c9d47a686b10a951dd1d0cf4217bd247479bdcf2b3a7758fdec617a6b1bb70c2ae101800eff69b3f541df2b281a3ed41ad3f0c68d3d1a084a9667808f5165725b29d38716025f17ba080ffba2766953abbf477e5024c2c6aaa827d034978746e64dabf678767799d4283ed799b4796f705f231adaa894b9a99f786e96232ba7882216a48c9e0fe364924288ae5b03549e915e57fee29f", 0x1000}], 0x5, 0x0, 0x0, 0x40000}, 0x800)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000100)={0x81, 0x124, 0xfff, 'queue0\x00', 0x3ff})
socketpair(0x9, 0xa, 0x4, &(0x7f0000002540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000002600)={<r4=>0x0}, &(0x7f0000002780)=0xc)
tkill(r4, 0x3f)
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000002580)={'ip6gretap0\x00', {0x2, 0x4e22, @broadcast=0xffffffff}})
ioctl$LOOP_SET_DIRECT_IO(r3, 0x4c08, 0x100)

03:45:21 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f00000000c0))
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000180))
r1 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0xfffffffffffffffe, 0x400000)
ioctl$LOOP_CLR_FD(r1, 0x4c01)

03:45:21 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
syz_mount_image$ntfs(&(0x7f0000000240)='ntfs\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000007c0), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00c8a45d49f211f4bf62fec0e25da14cc931b420c1bfd551e873a01d177f9ba696e005f3f90d29f145bc9312edf01b9a664d5764e9f5b77481e8d7f87bd7ca326b1533f24649981de67a71dac247d54c55f780ba3a2edb1c84ae55854e0ba49e2e9518e15d7d8618b8d29eb71407a035d74095185f320da0524e54225aa8c84239a0af018c109724c78d"])
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mount(&(0x7f000000a000)='./file0\x00', &(0x7f000000aff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000001c000))
chdir(&(0x7f0000000780)='./file0\x00')
symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='./file0\x00')
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)

03:45:21 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:21 executing program 2:
socket(0x10, 0x2, 0x0)
mkdir(&(0x7f00000004c0)='./file0\x00', 0x0)
mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f00000001c0)='ramfs\x00', 0x0, &(0x7f0000000140))
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000444000))
mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000140)={0xf, 0x8, 0xfa00, {r2, 0xb}}, 0x10)
mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000))
mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000))
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
sendfile(r0, r0, &(0x7f0000000000), 0x1)

03:45:21 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1582.456260] ntfs: (device loop0): ntfs_fill_super(): Unable to determine device size.
03:45:21 executing program 3:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:21 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c832, 0xffffffffffffffff, 0x0)
clone(0x0, &(0x7f0000000080), &(0x7f00000001c0), &(0x7f0000000040), &(0x7f0000000400))
syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x3, 0x41)

[ 1582.542214] binder: 16062:16063 unknown command 0
[ 1582.574112] binder: 16062:16063 ioctl c0306201 20008fd0 returned -22
[ 1582.613102] binder: 16062:16063 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1582.658197] binder_alloc: 16062: binder_alloc_buf, no vma
[ 1582.664076] binder: 16062:16063 transaction failed 29189/-3, size 0-0 line 2967
[ 1582.739764] binder: BINDER_SET_CONTEXT_MGR already set
[ 1582.756526] binder: 16062:16063 ioctl 40046207 0 returned -16
[ 1582.776463] binder: 16062:16080 unknown command 0
[ 1582.801095] binder: 16062:16080 ioctl c0306201 20008fd0 returned -22
[ 1582.810287] binder: undelivered TRANSACTION_ERROR: 29189
03:45:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_fuse_mount(&(0x7f0000000340)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000080)='msdos\x00', &(0x7f0000000300)='./file0/file1\x00', 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000680), 0x0, 0xfffffffffffff28a}], 0x0, &(0x7f0000000840))
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
read(r1, &(0x7f0000003380)=""/4096, 0x2a)
r2 = memfd_create(&(0x7f0000000000)='/lo\x00', 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r2, 0xc008ae09, &(0x7f0000000880)=""/4096)

03:45:22 executing program 0:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x18000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000080)="f30f10f6b88ef200000f23c80f21f835000040000f23f80f2380670f00998000b8000800000f23c00f21f835020003000f23f8f20f890c000000b92f0a00000f320fc76c3606841866baf80cb84cab7a81ef66bafc0cb091ee", 0x59}], 0x1, 0x0, &(0x7f0000000180), 0x0)
r2 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
r3 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e630c40"], 0x0, 0x0, &(0x7f0000000f4d)})
r4 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0x0)
keyctl$revoke(0x3, r4)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r5, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:22 executing program 3:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1583.153222] binder: 16089:16091 BC_CLEAR_DEATH_NOTIFICATION death notification cookie mismatch 0000000000000000 != 0000000000000003
[ 1583.181270] binder_alloc: 16089: binder_alloc_buf, no vma
[ 1583.183903] FAT-fs (loop4): bogus number of reserved sectors
[ 1583.186947] binder: 16089:16091 transaction failed 29189/-3, size 0-0 line 2967
03:45:22 executing program 1:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:22 executing program 7:
r0 = socket$inet(0x2, 0x6, 0x3)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6}]}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000140)}}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
sendmmsg(r0, &(0x7f0000004f80)=[{{0x0, 0x0, &(0x7f0000004e40), 0x0, &(0x7f0000004e80)}}], 0x1, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070")
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@local, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000240)=0xc)
syz_fuseblk_mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0xb002, r3, r4, 0x2, 0x100000001, 0x80000)
tkill(r1, 0x1000000000016)

03:45:22 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1583.200583] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1583.202102] binder: BINDER_SET_CONTEXT_MGR already set
[ 1583.230352] binder: 16089:16098 ioctl 40046207 0 returned -16
[ 1583.235540] binder: 16089:16091 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[ 1583.257429] binder: BINDER_SET_CONTEXT_MGR already set
[ 1583.276226] FAT-fs (loop4): bogus number of reserved sectors
[ 1583.279293] binder: 16102:16104 ioctl 40046207 0 returned -16
[ 1583.282136] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1583.298451] binder: 16089:16098 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1583.312676] binder: 16102:16104 unknown command 0
[ 1583.328221] binder_alloc: 16089: binder_alloc_buf, no vma
[ 1583.332127] binder: 16102:16104 ioctl c0306201 20008fd0 returned -22
[ 1583.333919] binder: 16089:16098 transaction failed 29189/-3, size 0-0 line 2967
[ 1583.366848] binder: 16102:16104 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1583.387117] binder_alloc: 16089: binder_alloc_buf, no vma
[ 1583.388342] binder: undelivered TRANSACTION_ERROR: 29189
[ 1583.392965] binder: 16102:16104 transaction failed 29189/-3, size 0-0 line 2967
[ 1583.416821] binder: undelivered TRANSACTION_ERROR: 29189
03:45:22 executing program 6:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x2000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x106, 0x100b}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x2, {0xf69, 0x100000000, "508e0ca467d829590e3b5672579ae4154bf055148a3a7434f2c8d9ab9ee81a7f90868422ca83fee606bb922c2108de78c5edd45523d105186bafce65d636f6dbbcfaccd78c7cc8497c0651a3cd71f1c5548d0dfc31822e6a3ed98372453c6067227857a0cab0154aee57221a83adc1616e886049ffe44e584c78e7f8b4d157b1182f00fb777f3c045d20bfb8d20c57b591302f4bd9776878f97918f9447afd4aba6b0afb7c7a24e3882d9fce89b27c89c4f14e8c93cab8b8c2d6cdaf1a3214e2181854ef512151490deff421043bc806b307b5ae8f054c9c154f57a75291750ce3b4abbfeab202b2fb2140a75f5ee876c4181da82c144d4ae6d67cf01dc8e7f4", 0x8c, 0x7, 0x1, 0x6, 0x5, 0x34, 0x1, 0x1}, r1}}, 0x128)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10, 0x600}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a06000000a84306910000003900090035000c00060000001900150002000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x10000000000)
perf_event_open$cgroup(&(0x7f00000002c0)={0x5, 0x70, 0x34, 0x5f, 0xfffffffffffffff7, 0x40, 0x0, 0x606, 0x20041, 0x8, 0x808e, 0x9, 0xfffffffffffffff9, 0x6, 0x5, 0xd2, 0x7fffffff, 0x7fff, 0x9, 0x8001, 0xaf, 0x1, 0x5, 0x4, 0x50000000, 0xfff, 0x1f, 0x8, 0x95, 0x3, 0x8, 0x400, 0x1000, 0x8, 0x8, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x4}, 0x22060, 0x8092, 0x9, 0x6, 0xffffffff, 0x2, 0x4}, r0, 0xd, r0, 0x5)

03:45:22 executing program 3:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:22 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000100)="7643b4681f1bbea816d53c6ca1a0ee6bd96fbbc90d1b29d7b7234b9b62e1ae3f5e0ce520fb041183ddd1401eaa8eb7b65eb09e5976bc9d7b79d3781ece64aa286b858752db69ba5eeeca25ac4800642ee66e60ed13fb433e59313f58", 0x5c, 0xfffffffffffffffe)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffb, 0x200100)
keyctl$assume_authority(0x10, r2)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c)
socket$rds(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x10, &(0x7f0000000240), 0x4)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000180)=<r4=>0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r3, 0xc1105511, &(0x7f00000002c0)={{0x1, 0x2, 0xfffffffffffff566, 0x0, 'syz1\x00', 0x10000}, 0x4, 0x20, 0x40, r4, 0xa, 0x5, 'syz0\x00', &(0x7f00000001c0)=['/dev/snd/pcmC#D#p\x00', '/dev/snd/pcmC#D#p\x00', '/dev/snd/pcmC#D#p\x00', 'user\x00', 'vboxnet0\x00', '[\x00', 'user\x00', 'user\x00', 'user\x00', 'user\x00'], 0x5a, [], [0x7, 0x40, 0x8, 0xfb9]})

03:45:22 executing program 0:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x8000, 0x0)
ioctl$EVIOCGVERSION(r1, 0x80044501, &(0x7f0000000080)=""/186)
getsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000140), &(0x7f0000000180)=0x4)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x8000, 0x100)

03:45:22 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000040)=0x3f, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb08004500001c00000000ec0090787f000001e00000011200917800000000"], 0x0)
accept(r1, &(0x7f00000000c0)=@pptp={0x0, 0x0, {0x0, @dev}}, &(0x7f0000000000)=0x80)

03:45:22 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={<r2=>0x0, 0x4, 0x958}, &(0x7f0000000080)=0x10)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000000c0)={r2, 0x1}, 0x8)
fcntl$setstatus(r1, 0x4, 0x6100)
setsockopt$nfc_llcp_NFC_LLCP_RW(r1, 0x118, 0x0, &(0x7f0000000000)=0x19b9ebd, 0x4)
write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0xfffffeb3)

[ 1583.454947] binder: undelivered TRANSACTION_ERROR: 29189
[ 1583.701047] netlink: 13 bytes leftover after parsing attributes in process `syz-executor6'.
[ 1583.721312] IPv6: Can't replace route, no match found
[ 1583.743177] netlink: 13 bytes leftover after parsing attributes in process `syz-executor6'.
[ 1583.771064] IPv6: Can't replace route, no match found
03:45:26 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff)
syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x1, 0x10800)

03:45:26 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:26 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:26 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)

03:45:26 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047"}], 0x0, 0x0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000140)=ANY=[@ANYBLOB="fb034d163200d709000112bc24e698e74ce3f788328f3884c5d00c8c09a9f5b23bd904ed6b38bf6d34ea4739ef3ee09aab8fcf60edcdcf2bb565d08aa2a92c27d82682f0251beedc14f37e7f38b08abf9ab2cf5be3b4d20ba453abb9f7c49d3714"])
ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4188aea7, &(0x7f00000001c0)={0x2, 0x0, [0x40000071, 0x0, 0x2000000]})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000400)=<r4=>0x0)
sched_rr_get_interval(r4, &(0x7f0000000440))
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000080)={<r6=>0xffffffffffffffff}, 0x106, 0xf}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r5, &(0x7f00000002c0)={0x9, 0x108, 0xfa00, {r6, 0x7, "10375e", "428905bc4acbd8e9facf4db05fc540a6a29c5d12a4a03c459d91470357be3a7589d2ec59c1ec5c8313128b75ebe3f9dca47b0f850751a0dd150e36852763973719945a9c6fddc6a3915127ae2fe09d624a6dd64e9bec04c7bde715eb696a4fbbca09f73dab2d2dbb50dfb1d1a058345d60f042da38a603d0e5a22529bc50c65a8231ff4f618d476a2e7be41b91618bed585efc5954a5a59c596f6f1a203f40456bb64851b0dda53bc17ed08a53518a6559ab8ed11e8fa09c025e61c35bb15b58513b59d58f887c5d60200e453e5200eb467b63f8e2b8c6789521d95ba0d429965a31da82922b3cc468c246595c533ed471612b0cf58090524411eb306fd7556a"}}, 0x110)

03:45:26 executing program 6:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x2000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x106, 0x100b}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x2, {0xf69, 0x100000000, "508e0ca467d829590e3b5672579ae4154bf055148a3a7434f2c8d9ab9ee81a7f90868422ca83fee606bb922c2108de78c5edd45523d105186bafce65d636f6dbbcfaccd78c7cc8497c0651a3cd71f1c5548d0dfc31822e6a3ed98372453c6067227857a0cab0154aee57221a83adc1616e886049ffe44e584c78e7f8b4d157b1182f00fb777f3c045d20bfb8d20c57b591302f4bd9776878f97918f9447afd4aba6b0afb7c7a24e3882d9fce89b27c89c4f14e8c93cab8b8c2d6cdaf1a3214e2181854ef512151490deff421043bc806b307b5ae8f054c9c154f57a75291750ce3b4abbfeab202b2fb2140a75f5ee876c4181da82c144d4ae6d67cf01dc8e7f4", 0x8c, 0x7, 0x1, 0x6, 0x5, 0x34, 0x1, 0x1}, r1}}, 0x128)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10, 0x600}, 0x80, &(0x7f0000002000)=[{&(0x7f000000dfaa)="5500000018007f5300fe01b2a4a280930a06000000a84306910000003900090035000c00060000001900150002000000000000dc1338d54400009b84136ef75afb83de4411001600c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x10000000000)
perf_event_open$cgroup(&(0x7f00000002c0)={0x5, 0x70, 0x34, 0x5f, 0xfffffffffffffff7, 0x40, 0x0, 0x606, 0x20041, 0x8, 0x808e, 0x9, 0xfffffffffffffff9, 0x6, 0x5, 0xd2, 0x7fffffff, 0x7fff, 0x9, 0x8001, 0xaf, 0x1, 0x5, 0x4, 0x50000000, 0xfff, 0x1f, 0x8, 0x95, 0x3, 0x8, 0x400, 0x1000, 0x8, 0x8, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000280), 0x4}, 0x22060, 0x8092, 0x9, 0x6, 0xffffffff, 0x2, 0x4}, r0, 0xd, r0, 0x5)

03:45:26 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket(0x4, 0x0, 0x900)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast1}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f0000000000)=0xe8)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000180)={r2, 0x1, 0x6}, 0x10)
shmget$private(0x0, 0x4000, 0x30, &(0x7f0000ffb000/0x4000)=nil)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
ioctl$VT_RELDISP(r3, 0xb702)

03:45:26 executing program 7:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x3, 0x0)
fchdir(r0)
r1 = getpid()
ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000002c0)=<r2=>0x0)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000300)={r0, r0, 0x2})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={<r3=>0x0, @in6={{0xa, 0x4e20, 0x3ff, @dev={0xfe, 0x80, [], 0xd}, 0xffffffff}}, 0x1, 0x9}, &(0x7f0000000240)=0x90)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000280)={r3, 0x101, 0x1, [0xff]}, 0xa)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00000000c0)="28dcbe1146df5ec8a254d27a4230ade62fb049d93c5d3346c9cc89ee846073f67a959532639c06997fe872c96a549bb40fd448825926b532777ab33ef2783a37a0e4d14d58eb374771fb7f393ca80fbd38c63ecb9ddebf741242c0b51c9782d46c95ba491b2ebabd9f1320b880296863c16a4323878cd4667021df16df51b8e4794de537ac2c7e7878741e164fa1fc021ce0efdf3e2f589693d8d9533944d9944cc9ff21bac75a369200f1bd70dbb7f5d0", 0xb1)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3000008, 0x32010, r0, 0x0)
fcntl$getflags(r0, 0x409)
tee(r0, r0, 0x7, 0x1)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000200)=0x2, 0x4)
r4 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x80, 0x10000)
setsockopt$bt_hci_HCI_FILTER(r4, 0x0, 0x2, &(0x7f0000000040)={0x5, 0x0, 0xaf}, 0x10)
socket(0x9, 0x20000a, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000180)={{0xfa9, 0xffff}, {0x80000000, 0xffffffffffff0000}, 0x1ff, 0x4, 0x6})

03:45:26 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
fallocate(r0, 0x0, 0xb1, 0x1ff)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x7ce, 0x80000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

[ 1587.657312] netlink: 13 bytes leftover after parsing attributes in process `syz-executor6'.
[ 1587.669587] IPv6: Can't replace route, no match found
[ 1587.671422] binder: 16159:16163 unknown command 0
[ 1587.682123] binder: 16159:16163 ioctl c0306201 20008fd0 returned -22
03:45:26 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:26 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = gettid()
ioprio_get$pid(0x1, r1)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x10902, 0x76)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r2, 0xc0505510, &(0x7f0000000140)={0x3, 0x4, 0xfffffffffffffff8, 0x2f4a, &(0x7f0000000040)=[{}, {}, {}, {}]})

03:45:26 executing program 4:
r0 = getpgrp(0xffffffffffffffff)
ptrace$getregs(0xc, r0, 0xc37d, &(0x7f00000001c0)=""/230)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa}, 0x1c)
sendmmsg(r1, &(0x7f0000000140)=[{{&(0x7f0000000440)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000000180)}}, {{0x0, 0x0, &(0x7f0000002bc0), 0x0, &(0x7f0000000100)=[{0x10, 0x29, 0x3}], 0x10}}], 0x2, 0x0)

[ 1587.726223] binder: 16159:16163 BC_CLEAR_DEATH_NOTIFICATION death notification not active
03:45:26 executing program 3:
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:26 executing program 6:
syz_emit_ethernet(0x1e, &(0x7f00000000c0)=ANY=[@ANYBLOB="09000000aaaaffffffffffff000c030000000502000078e8659c2199b50a"], &(0x7f0000000000)={0x0, 0x0, [0x0, 0x0, 0x0, 0x9aa]})
sysfs$1(0x1, &(0x7f0000000240)='team0\x00')
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000100)={'team0\x00', {0x2, 0x4e21}})

[ 1587.797429] binder_alloc: 16159: binder_alloc_buf, no vma
[ 1587.803122] binder: 16159:16163 transaction failed 29189/-3, size 0-0 line 2967
03:45:26 executing program 7:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000000)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x181, 0x0, 0x0, 0x1}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x10, 0xc0, &(0x7f0000000080)="c9ecf37c9d0000000000000000000000", &(0x7f0000000280)=""/192}, 0x28)

03:45:26 executing program 4:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4004556a, 0x0)

[ 1587.904279] binder: undelivered TRANSACTION_ERROR: 29189
03:45:27 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
r2 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:27 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000013ff1)={&(0x7f0000000100)=ANY=[@ANYBLOB="13e5000029000100000000353f07dfcd48e56b00b68733967ed4219088f83e9167e5caa84d6a13397d072941722edf855e4ccc6900ac454526af235dab627231f019aa10bc5f1401629299501fd3531d2eccd429b4ee7acc14e9153785a35c1f943a3134d2e778ec28cd7732f4fc778c5e7383477d769bd8a44e78ac31aa0e9bedb394796de971c2b889125cff"], 0x14}, 0x1}, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x7fff, 0x111000)
ioctl$TCSBRK(r1, 0x5409, 0x7)
pread64(r1, &(0x7f00000001c0)=""/4096, 0x1000, 0x0)
fcntl$setpipe(r0, 0x407, 0x14)
ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f00000000c0)={0x34, 0x0, &(0x7f0000000040)})

03:45:27 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d6d0000ad9347845679ec5865635efe34c9e9086907a335142aba4ef5c7aa71783f4daf1f2dc862ee25574c27ecd525ea63e8573483256be8d8da080aa38889d923b1c60dcdc7fdde345e03f3b9d08697a1e06b0741fdd3ffff1095af187dc3cafd801914890c7c34dafca236ee855595c546d9656ce22c0c9c934334e2d1463533201fa7617875fbdd1d958c6cb2cbf22a6efad85348b5360701195b467bcc34d90cafad417ac447f5db8a17e7776cc7e3f8ada55cab65c597f680ed4f5e99f2cd697d4587893c323e3ec80ff4e07dd4d0b4ab8dccf9a6ef98fdab81a83803d780e3602beabc3bf896f2e5112b1dc974414f")
r1 = socket$inet(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x6}]}, 0x10)
sendmsg(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000880)="240000002e0007031dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

[ 1588.395577] netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
[ 1588.404887] binder: 16211:16212 unknown command 0
[ 1588.412522] binder: 16211:16212 ioctl c0306201 20008fd0 returned -22
[ 1588.423420] binder: 16211:16212 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1588.434607] binder_alloc: 16211: binder_alloc_buf, no vma
[ 1588.440352] binder: 16211:16212 transaction failed 29189/-3, size 0-0 line 2967
[ 1588.440456] netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
[ 1588.454950] binder: undelivered TRANSACTION_ERROR: 29189
03:45:27 executing program 1:
syz_mount_image$gfs2(&(0x7f0000002f80)='gfs2\x00', &(0x7f0000002fc0)='./file0\x00', 0x0, 0x0, &(0x7f00000031c0), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="636f6d6d69763d000000000000000030ef3b0e04ba8dc9b09d30eec13270303030312c00"])
r0 = gettid()
ptrace$pokeuser(0x6, r0, 0x8, 0x9)

03:45:27 executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f00000000c0), &(0x7f0000000100)=0xffffffffffffffb7)

03:45:27 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0xf)
sendmsg$nl_route(r0, &(0x7f0000000040)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000029000)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c00f7ff1710190dfdff00000000000002000000000000070000000008001500040000000800076000000000"], 0x2c}, 0x1}, 0x0)
r1 = memfd_create(&(0x7f0000000000)="2e73656c696e757865746830c75b5c00", 0x0)
setsockopt$llc_int(r1, 0x10c, 0x1, &(0x7f00000000c0)=0x8, 0x4)

03:45:27 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:27 executing program 6:
r0 = socket$inet(0x2, 0xa, 0x40000000401)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000035c0)={&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000002c0)=[{&(0x7f00000003c0)="fb9ef8be18eed8dbcd0b50aa95ce06ee3b0856f96264a02e79a98fc0f721ec716521c0cd6331bcd7aaea5fd7701b733aa03c75216b4aafa602bce39fadcfb8178a2b913bf653aae1b1ecb89c0925236f22b0153f6a586ae8e55d6e061c49a3e44fc525a6769d74a2603e5effae302bf0a33837d8967399ec4a4b0c172abbfc276bd0c36b19d6112c1d498d6eeb4b864b43c24aacff2bc23beefc8cc2ff6a120c0a1ea8b1ddebd35da902832d4c75f7aefd08a8381f5a0e6f75e4b912e39ba21734c6f4bcf4c915bc276ee18d985dbac53b0a676da645c271ffa18444fdeef311f44ecf70fb45538b61be851482aa69cf0276e46408c9e993de9f61a9c982271cfa40fbcf57d83b03577968bbd8a1af5fe9573c47997a73af5b62e045a5bf355616f8067d837798046db0c7f10a1d9da259b9a8e324c99e07152d3284b4b01c3c7ddc5a6e4463e12982625895222a5202d03fcecc9eec5a123584459b11f9e4e928102ac318a26bc52fd3bcdc4089d5113c4cce3ed7a6020c932e2ade3b06cda5509f0d1c7c8fd8e55601d340aea98f1db7f4c802fd80bbdcd56bb3a1a76952af8db5f02a325d788ea5efa9d207251a356ab6811be2cd057e6e6562982eae0791fe1ddcfb564d27e39929d234def784b84fb96950db890346f1fa565979c12a32f82f07defa05b945b87c171f1ca13c6bbe26bbb8e2befedc9dbdbe611783c764fadfb8e61bb473f72fcc53f522ac6342a4c5461f3fa7ff0f87d035a199686faa22e8653310b71ed51ef434484403c7be38c4c5ce12dc4858a95e8fdec7dc0d39d07d24e6d54e2db7287328e49456725b44bd39efc9f5412e3357091e6846ba4ea1c8fee7bb77c7281e862fdb6917e720f27f0a8c27b8d0e56ebe93b4fd2dfb3b32fd1a326f937dacf6f3069bf9ae406de2c5c079672c35daa139a0811067c11949482fbf55a8626dc98d07bdc6cad87460a2f55b829c465eeb13f5c51bab0969fa905df8b9577065bccc6410c95a9fabca35f5726fef3a722ea641fdefdb1ff08812258327ecb6208f7e6841a5000d6ef442dc060abc40a741443f168a2eae478966d798a4b51ca7df21ea0bd70f31c56ca218d7412a24e8dbe9df3690c5c3980899813be85464267e695eceff542eabb489560c78d2281d76a23931363715bb0d0835c1136567a9172e72128931ac0fafb4e12dafbee20c57891cf266bb726d9c408d91c704f999a89c13e2c017a6a3a6dd1097612e26228afecbd49a9f6efe18f8fd8d03c0bd3e9635b09ed19acf55f4dae03efc0e9b93d92877ba4b15ebbe4a3d3405dc4855b83dfacfc3ac636a91591815ceabb0ba98f20e2919b7aab401858a660dfdee617631a8ef364ff1bc46b6c9ce349ebb630493e7aba01696ffef4ad752720247d4907402e6efa67ff8d6e451152203e3c98b8c431f0faaf7b09a24e56d0e64834be597ea17463ca46419fd0b82ba66a9348a0c41ba19badea02fe2489e6e25680dbe12ad1dbd2e157d125172e95dc5ec9a5521d4c3d78f298626dbbb6850113117e19a8ec255d273a3d3e2c8c1177f11420566d58f8a955095a6ef679afce122b511d8aa7f3e9ecafd1733e25fcd38c614816ade3eac4b2fc2c88c0c11214f80044517bf4710d8615da7c2dec70f6a4c18669c2614787aded39fd219c1b68d29c5c407020d0c10be71307c832cfdfb1e77890f4718370a66b20b595700d04573d9d91e21ea93319fcba6808f168dc6cdd4cf34c55dec634b2def44d0fb3ec81c6759f79982a44f5703e1b50b51ba9e382276ca1483f6576798421f14106aca665092199301e6d9836b103d1940f0aaabe136f98cb033f2450e5ea95a033b11d70ff05671518373598a6a65d8bb0d5d5fdb3b6453aa0d984d06062577f5114a7b0d2ad4891668d89c987b69b8c2720d52d95926d9a54c8481ba2d3ab96165cd9cb8222751e0669ac6150248073edb27060b91fab8e01003626206b0b51e48219ded92eac8ac3d0179db7752e21989f3789d7ae850f07e47ee1d6aaff89fda75d2f52f940f389da926ee8254b44670746f351c4e23f573c7832c0d700915f402f5b81f25222ad94fb00a59e969ef61ff6c9664d8eaf684329f9de49f7e1d1a4d830b6a05e5642e8733a121ca240ff74c64af41826f54ceba3a154d1ee9112e02f4f0607099d82f59c1f9f25b34e3bc1b85fe43a142adb8918d84f19aa3273dde0c2112dfe9c20025ae8cc527778fa1f675dba2d8021168197249d542b84abe5532ef4f3e4a43518d9124eb583a99f9f41306996ef498c05f8837bc60d6c626f6583870443d20e1f0e89ab738bd74c80e0126c563e16a9a453af6f74ae776634434c41d3e18750e258175b4789a12e334bcf20e67ada03c67879fb632ba322bbb0b593809aaa6c3f1ebc2ff33700f1fecb8d85c042499cded3fcdddeaeeb128922a810ec7cd62943ec49a5ff0cfd74ebb167622fe63cf750812799665fa8b3ee203b2ad231ffbcfe6904660c2668e876766eaa7911a5ddf0d5bd3733b8bdb9c211228b7448f7b658c2b6a91d14be60c4c7a7dffa789d1e3960ccc52495b05282ff45e1d648bd5de575c340580b131ed0bb3dc56d83cd6264b529dd09523b657be5eced33c5aa660bf1d54fee09472e8f678a8ba64c1419ab825d343ff68a5646045a6202d70da7244cb9874d5a1c671d2d78f31fcf4701227ff4743123bf886a01ef27d36b565def4cfa55bd006f5d3c31f702871e9260e5c2c889a2b6eab5c5e42e7c6987d1678d8ff03086ef52d3f7d94658011aff72b44ac18fdb995d6dcbca5daffaee58a3394034216e529cad82e9ebb7cc6a7dd66f7a1ca4b150e18f8eba9a961ebaba1d0efe489cb787e847eb7807e9afe139e43bd04fbf658624103595c957eb6c9b70706fcde272881fb4f0c562f76db390342e9b938db9be640e901059aa222d2622194a065b6bc38bd0495c65836085b10087df540d3849ecc7e71171de23b3c6b5d59ec7368f5a51b02bc6e9f51429128609bd46a73e8f1c275dce6d818543df19b5bb1182f77e225c1e95e884762da286b00c9bc3317fcdfa57ef3ea6e1bbff595c1b4c46ebba1ddeffb7cc0ca7f471e7e513da4e8131ac44b05b36fae73b53ab39f8017e0d5c5679f7065db55bb313e76010fbb64df351c2398b604a9bd3290e813de6450ba2e5de4dee26a3ee11980d06e8afb8cfd5b8d0f0cf3bcfa953cb603e86c5543e527f14db5deb8100f8be708588f9bbc86abaa3f8a11b88845a4d68f2e80042f6668822ebc31b99aa25097a546d3dac815daaa8d7a8d65f6433ece4107841829ab7235fcff78279805f2486b330d36cab147779f0847737b56032bf698c456033a122533e55bbeaffc981b79b82c60aff3d0413c15e425e3e0bdf7b58c06663cbecffe0fef59e680a2252087a72804618a7c0b55b5487cedd238b880c834cf3de548eaea585a4ac2abf1e640e75f845a9272f99b4dca4ffd2525a8dd9ba53c857d8503bac3ae6dd36fb44ff3d973c316497b29c8e5168509c595a3824199849105a5a7eefa27e8019e2e44b8e75b22768cb2b4fd03d05fa1f446f7759f14e5cb93f32f502f7c1b2de4bb4a122f700781b191844f8f9ca5518e2504c0085b9709b1b4eb27d4f091ca373ccf1b3c467dbdc43c453ed3963167802d842ba888e9bff1e0b2d82c350a2b9d21a4c5e2d1cf2d37c36b20a5a9d91343a6c23750bdd9af4935c62f1f86e2718ff446e8fb93baae657c167e907ada7578b49f217596538930ee204e92445b001de4ffe06ec5e10223ffb8001489fc09520547b4280cdfc19a4781a11b0e7f8549e2403676090853dbb2c75b01763c85fe174e402d5bc77affad74b609ed1c918f4d8644b2061824773ffae0a19cc6c110614faba5f1a23bf96e3c13266d5de8e3ee01a44cfecd9b8ee44b25e2e49603c193c3056cabcade186aa2b079c49bdee912c548b244fdf9e6583e35039e2a8ee21e6fe9924750dc461931f4b56bf16082cc9b05d0c4bf773fced783ded9994ffcc824e3f9a09737ec222123203ed5128100fdf3b5a415e71b7eefbfcbe8309f6754248d313815b555281020ff5ebae89f2baf1bc6eb79605bf3755140d80e271666847469ffc32117e8aad2b049157cc61059e6f4505f6963da7c9adbf83a9e3eeb26066487ee8c7558fbb8783c2202fb9b707bc25fd7900911e689e88e8ad58874d9d9facc0c426501e5acb6c025391e1a90076c8e0aba4a41e9899a2fd1fd4f8603134a1942d7f3764fea3a871d69e730e8f6d4a9532cb805c3f15ca35b30219c6ec9d91b3cb3e478cfa3802ca642f4a8d4aa64f1065c501206f07bc9c1c00491ef60eeefca7a7fe91202e370729a433212485d565e995770e1160a3b74b7f5264fdd9f5455c51ce7bcd2abc6db387d40800c3e1c1623eaa02024f480dfc95878759d089b6fa9db4bce1e3ce716145bb26654fd39b9c646d978a0bca4af480da3ebb7775ef42b14461b4941d2a24564e581c0bbe6bd875e5c277e69e1b195aa4b3b026fde10504915b3a8d0e623d8c0e3b108d834b42550e179a161514f65a8bed3c1389b0e20c6cf410610cb001ac9cf5dd56db57b72be7b80752790369eedbe3b069ec0173ba96b8f7ccdf52fefe14e6771d82c1c65d7ac7664733691706e2ee51102b46bed743aa6df00db28a41362d2e5d2e16f1765abd3d01abdb1a55943e802062c6b0609c5c810dd985a510d8bd5a267071342ba7ac9b49faa3283fc92deb73aff92570894840884672357a5f6ca9bdb6defe3a9670d9eb741c99dcb4046ecb808fb2f8e8c519ae88f5ec9dc1dc128e2059555011a80d2bc6776f833ca9bf99b4e16ffe077cd2d0bae043114a9a9bb7b37d534f9ebcaf922db229e0d89c97b60521da9a9807f48bc3ef33296a83ef1a685c62bcf38d57f9100858b2ce570e341eee90a4e600178ff1b39ee9158d999acb2fc69143b2182de1ef316804e43c6d430d7925a694e30bf3c0dfcae46a53056fd2a7a1625056b7408946edb0755ccf8c7b991bdd264eea095388c0bdfaaa770da4474ff5ac38f6e8bb0b118ec3bcdb1de24d5194a588a913ff6d0bfe94a559010e6b647f34f633faf95a9d8119e20bba9df07b80964043cbc1419b4e488b2618d2c4b5ccc86e0acdf9845f314c0a3b71720d45c790b8dcb5e84be45a0ebabdebe654c41947ccd63aa4f635acc7eaf17ad80143f141c64422f02b92b4512f950f9e76e70c28ed7687f65fa5863864910d1fcf21bb6be75c0fd149fdf8e9507977776084ac9a573c89c074cab0b46478c162ea1769e561167a715e03d93396d1cfab530e3c600be1caf6447927c1051f8a1dd10b030856354806457fc010efeac92b735ee81e7b71271d1b848e949140f664e7390c9ced55198e055518c102e00aded09723773c540f0fbe14adea0e2437efa0b444060d35a6fa57a8075c2a8822c51e35199c0801bc7dee38efbefe816a84b8f21d66f1d596f9e76f83f82774dd70fb6b32f6dd83acd2c824899f58b67cc7aa08503ab86bbd483aba7c6f99285262f8680304a254a7c03dd012ea3f1d749c46f110aa45a65bdfc5dee306ee5b72bf03a8e09c8bc0e75b2fe4b09fd4df9e351f002f4ca123f8cd70af123ff61b7ffb5a65a285575b7899bdfe0267b4e1093a604949c638d032765e36a6c34294c216c2fbbf7701378dd9f48abd98cd5bc32fa95a8b0f40c6c20e078f03c388c88ced5d7fc7a29a83f761f72e1c57c6f51ca3b61b56ecaa4f505a4676186daf099d5921d", 0x1000}, {&(0x7f00000013c0)="495fd6d7240c3ac26f511ceab73b6a74af73e179df8d3924784c943fe80f4766c23ef24e8525c8c33c97d95abfab4c9fc980bc29c48c2a332b46e5402362b52742e425eddd797e4e0b7b3f0669cd89181e0e6e73593762f2406665ac4179fb499219116c859c98e293ab71aafc48d1d8badb65404cc3c64c833402be000c62616de309fb67d46e8d512a8f9633a943f30d0478228e66e2d4bc5eda262eaebc88d476f1d7d1cb1fb1c7b679d8d4111f66b620d33b47e080ccd1590c76dfe8981169c638528ac0afe91c4bd6cc36ac44d85bb3427a96cb8ebdd3ddcfa3a16a5736885d8cd11a39dc7686485d85c1f18dbaf0eaa65316fe0177cd14e6c7d2862a5ae29240fd525073a7cd6706c87609bc0376b006ebb8629f732f8c4cd11b9b026b32cb2245c0720a4a7570ed724f983fccc917bf57a58227d7c2e9299090ae2d3356dbf28ee10c7673483aad33b3b32c83fc937c05432f058f7d0c292c10dc04fcde5efe6a54a41503d583e560b785b95c1ded88b6e605115a8b16d7c28d4de29258d5a34324dbbeb63499dc4e4d22e3d27ec653a8715f13f1059e029f4ce7d8b1cb48d1a4a5d7ffd860232b54c6b3b1670f904b7583799218434cdda95e5441698b019dd718490e23bea9a3d1e5f0f33d6bcf8434b079f11ecfd377c706c5b50c946a28f478e2d48b0accc02094a35e2249c8ea63dc0b5cdbd83d48122b1b1ae230a7734133f6247cc5dea88dcb67228ee8e6b9a6e1bdbda7d01a8973f731002c17ef8da634633c2c49ecbf4667c34cf7779fec03beb0ae42d6fe3fc3494c136975088ddeca8748a44614b364f2451df7d84ce197f642935163e10f3f51601875e2d26ba1127df175e19af6e1677a50b370bfd7def78ec98d506ac2cd70feeb7c9b0f3b0edcafc94ef16470976ed9edab1215ff68d04e0feafd1adaffb0034925b6a4b43021f0ae1f6d44a56b6cd5fff6bf39bb2bdc08ca403fc6cf6ccec2fd448120fdd0111b5b25c3b5f6daf22f2cfc45f142ea9adf959157c067a3dd4752612175caeb081e0742485e6aab704ab8c3110c8cb75b5bb791eae5f2efce502c33993aa0bc2ffbbd239252151c244b81d00303e3bb21b3c2f6d6d254877664798c552138446791a6daf3a7e7bf1f3c095ce0596a2471c2210f09188f60b0bffad4540371073c9a27348b338300b4d70703531b5ba4dcccfe16b92ddb86eb1da0ff8a194934e76aea61b86aaa86480d638f25e9be2303b2f021012d6b127c6ae5837f9205985001d83ffe3edc1266b0cbb5935a67e19103868c371af500459c0d448705a4e07446c15724aa4e8eb2dc8646b933aaf75f27802b2b9670b54771d2dd55bea30fd0f20b9fc4242787f2871e1a310ad7e3d62375e73c9b778427d4c185d2e83566c55996ca2b340fb5c5c019d027741d3c4b1c100ce14afeb69249fb830be3b1328e5a3417b41539b9a380b83bc3e4b02335c114016f70fb747066b40dd2a0dbfc0430d780a079a3397869a1e55bd956e8bd58af75ad6b6eee84d5489dc6084ee206464e2bdcca3823040ee1449d3f674d139876ff72d346ae1ccfba37abc75c8e9b0148c3f461bba6ee0dab89e544bf2bf1a512ba7b41dea2b7493a7a7fb38ff2863fde3a0dc173d3d5c8615d226b96c349ff44ae3d3e01265e7a1a40bd21383268daa7cca0ea7fe7466294e590699c9a230898253934e9a0eecb52691824d4bc75519c61c52278d8309824429c2c9c9a9e99805b0987f29785dd04b92a6c19b392a071664bad32e55d1580d49bd15005b4d44393e40633c0b90fe6d074dca43f2df93b7d5086b66a8c9140bbbdc60e8d3a589a73de8482077ba0c4395bc1b5c13e90e7d8b6664aeea39d62f9ff148a75db9ac22f41081d8181cacac25a26c55f07c59bf8d41716df383c9959aa53bfa93ebed73911cfb9077430427a7f3dfb9749d0bc095287f06af99e9fbd3b8e837e425df81f9548e9320a679901ab1e8827bc987f06626301fedec1a61ad4e9d801b5a74fe8529d212492d09db6619372d35e7034cfe2c03fb6fe667d6e5b18c515fe66f060fa7b716a04e7621efeda9d84050d695090e3ba32ad525b7853d747d86e66729e8f3134f442161ba4d5a2c5ed9c76d87f99e699594851939713914daab6192ca88141ae78826b5908da3fb2c54c762b683d3394e69c3f559f031fd40466ad256713c13cfedb5f6e957961d6de7f46f85f98050b748f9abaf54432a48ce4b47724742dea72c2652334e2347a4fcf7264ed6350bee3429b9bf2367863107b17d17d43d2cea82834c0a53c5b864e0473d58c4f4a885c882c6b065f2f6030595ed12b794dfc61d1aeac725d168a87ae19de99983982619cac4cf5da0107467f6c0d2d71d15185d4265f6c2323ccdf4704d32bb28bc1263373143af6c8e1856bd570a6a3286f5c85b89d2935b8a76017472ae4c1b5225f78b0714862be068f2917c8e5926e85727ce8ccdb2ce2c9cd174da07f6002040abda4733d0f6c660eede02515bd9b0cf8d3629150b94cc4b6845de6cd930028f5da1651ea7177dad5cde49c659c27d382b2efa96dc3d8dc4955030fea8a8b9a6c9600a10bc216fc7477ffa101e68a9d91529353e4625de6372c551ac3d1a71348874339bf06333a2f24120548f3971077f2286b10cfdbb8910ab7942204f93d5b3968ef7e6b4be9c0a79fe6b311d15204fc4c66c7c714f09fc140368792c43b9fff33a8ab86e78c6621704820a1b6bb032c676ea71ca0600f0b1b64e24488b089c26d8009c0e3cd0a9d1f3de4fa6b92355675ee9378f1602b5627dec22e949369fa2576d8b7b837e9be1066bf2daae82dc611b11c67eae5c227a91d2a48936d63332203a1c404e47e756735f21c822797db5b5bd4d1823fc47f21af07d6fd520a5e51d0ed697f62c21d74bee049046b2ddc3d3450c50ffbdfe337352c48575a81d40e67fc440ab04ab0c8a29e1bbf80dd82b1a477ad870498eb507e3be87fe3e5e2e52b6776b0079c5158fd9c047f1f95b4e14b13feb8f887a6507a437c887eadb747c76f2fa4e01f3e2f1fa8e440f818baa8fd69df422a69069ffe7eb91d46e29eb742aafa6ca0d4533964abb57d36fe0423688be000375bd8865eac716099fd9ec759a41f7fb1dc26dd98a7b41330d8be8312bd654632d27d73ab8c2f83c81a61c27b4dc2d822b989275358102af56417a697d4ef4240e6029da9fff9b00c84d912078c1e6e31652e35d68ffb9a19418a938f26c490e32b824992e77ddda85a0bef96519db208ab9aefc853304559d7c3fc7a05a610df7909475980966b63e3de4e85970ecb9f25f6ab1dc89bcdc9d669a1e993df0ed8c898504703a120c93e81f6efb4e31496f17810653cd7f478b6477436e4b43a668cfa3726919d2d74faab05ccbd8ad88ec66c42b5176a4f0a309c60b58b470bee36234e1aa9347ead8e195cb3c080dbb7a269a8a1e40956ae9976f29ba407e0a3cc296efd3552c9c6be413ee26ebe1a305c6ddecf524382d78c260ad72980d810bb93bbff9ca1f26e6a41ad017e084f07d9716426bd5e8187c467c7894262b278e4f9c0afe61c4bcaf598c0511dbc7ba862574bbe4bb5b4b438eb48b9232c7e7d3c8093171b17ac24dcae0a9d500a929b804ac02d8c531013ffcff9830e42fddd5ed278b2f6e7c4af53fd39d532beddf99e897007872b7e992af5906bec82f48ec6cf14d6665c0830fdf96c42ad97c48c4e2fcd426485c8b8a49adccbc03723d9151328183b3929ffd70817619f6316fd8301b8186f95085b5137e05691cd86b871fea26ffd6ec4d0df3f045dfa95f7569efec5ec3568b55b3040bed361478473a2f2e8e48a64ec3c917ea15a11540f7df525270a02b5715f7aa08d52e027b7a2d6ace8214bdbc2308ed3ee7906ce60f74febb263e4dd990b28133e16e0c133b80e7970e3e0daa563267ba97284ae0286cc1e5e6b6563534acf18004b321ef3d781e8b6f72fab4fb252ff45ecd9a3de5ba41a183acc2e4884e25fc1c802963c6418f3f64d5d101b2b74c14b4745e765b6678626d0c221dc29c7f9950dc474fec3fc3c336f00383702733cfd1c895bb35abcfca5a3d2007549ba908893073e7bef0f97c1b5c0422d23c394302d697340ce7305db7b49819201c3d3821d07af438f06ca5a39aedbf9ec399fbc77645c6cacae1d1b6a0bcb389b398028973d086ec0eeee46c98d5632f4dd273073b775de76ecb35724bb7edda38305b5860e4cba9b772c4bb8a72f2a6b0b806c4addb9b57d0e1961ff8c9ae5f2ccef8979c011bc961a9d055c98628a282484c6ff97bc78d522b61b55ec37883ed919174e796452cfb03a1b94bd2f29128b0dfb6f0a4d4f4f455fb7093bb182dbd85dd76e6db1b499ee5f1ab5dcbe9db2c58f613fd1529e15d67d1ab3abdf97e0923c4b8da9f85f4ab027360ded0eebd2c1874bb3c9401d611a47fa7e24b5ec70eebbf6204908d8f0da4f13c0ba7e2451f8c52dd99d99d9fc3acfc54e09d1552df2bc173e7067519fa1ebb8d1620e31e6fefca8b5dce5a9e21977d2e2642d7423e2c90ba9f959ea337bc3f381c614fc3594a6c3d62f0195bdefbc31aa4e560ed78eb9f2f1aadb4ef38914cc935ee57eb4ab9b6754ea25493e9c3044bb4eb08a7ba3ebd6fd176371277bb1895f6d506bc532d14d840fb8685a95e08a3bc54dbeba68e35828461b301ac70a9ba5bad9731abd7b7429a289e147f5d7451e492e8ea4b21960dc96c1ef25fc2d8002e4fee111afc6d6dd3ccea90484a1c2fe9276c9c6c504a64200040bac8f4660fb8d5143be5c3cafcf3cac7f2b680f929c704059baeac2d37ed1bd189e49d03f292a73673f6f33a8d0c427637c0af38ae0ef020306b1b98d306fd9fdf2f0311c225e25fccaef3d045d25d61eb826c8bc7af33f37f8e0940a6d29daa8a51e4ce6d31a9b30e760dfe69404adb3a72f2066c6813c5eb7c51d39cb15aaf1a554b172f2ed7c79d16bbee75c64eaa9c2f964901515f1e641872eb96f042eb55008f769f396479dc41b60633b5a83102044971b952aa5eca5465a688b8c7d795649dba91791f7419be19956109e25911cce1f2f5624977cf61f720283755d2459744190ed4d739a99241e633d954c3ffe3f5d2c0c9dcaf0ae01383f97eff965c3a28afd5a611c9eee4b8c043dfe79d92d63aa9c4d32168f1dd8738a29348f7c2f6684a34fcb9a53e4c8e632ddcb210d5dfd01d97bdbad4f3f9c47a2158279c152db24a9679f8cb5c99612f95f820eefd36f0be5c801f6058f073bcbad558520cedf5cd5aa89de11f9802c47d4ae473cc3ed19cb0a88070c1ea35700309ddc9d8ef743e12144a58e567cf3f6d764eea72c741a007bc342a96c8e83fd58c3b6894aaeb136f22446d7e53e30e39554ad10cec7dbdace200a6b7f8e26095d9445b68be43818e1a926db804b0a31988d223a68137b86f86ea0cecf55d48a00ebec181b319ab38d3ca24b289287c7eca8be9bc18ab8fcde9ed8ef3e85fa1c7ba10773bbafc8bd9a5d088f237f4ebc4f4f5754faa42cc5c3a81fd707d1a3b54b592e93a038fe505626a5304c984c9c2db216d67107aba2ed7e5a3e05fd29c2c99fba46098a7e04be79bdbefe067224dfe32b7e46f49e233bdd69527bce3c54fa638eba7f1acf06721945b562ccb60a085ad4b089de72f946eae299fcbb53aa1991c6e586942d42f57eef467c524b27c4580159a8828223d02448ac3f100a2366b062e1975d913c5fa1bf0d99aa92e0232fe16eaf126a2c29325b3fb779489e0d6f", 0x1000}, {&(0x7f00000023c0)="2f1badaef56a51f2cb5e75bb0d0a48ece6ac4afe991e07dda19d85d546437ec78f1a856d7374e8723a8e3d30efeb95ae117fc1b0c87e22e4d3564bf6cb1b5d0ea4b9f4ac92253b9d0a9ee93576ffb128b752ca5de74049aed67ee8d949ccc8ae9dd64e4457bae9bbb9a027b45370eb4b62c0675574eda29c50bf9acf128ad7704ab29798f06119f4632461665715deb98667b78ba2886a6cbf37460914d849ef21d0f2f984587c579d08d27a53733cbc1d29b61c3989a9628dd656df3f97d604160d81c1c5e03dc762e2ee31753a9e23e3876ea81ea2cd2fe2c3f460a93e195435cd2be9c25dda1142520a69a674a03650a2435a3e56a64f14d4754036a84fb04e0ce714b5074354bfe3c11c4c54acc14048e7b836fc766f95225ea658eaa8d7e4298d6c433fac5e5a94935c3935eaab3ca91a0131b61e5401bd8c96f3a575df5dc2b5b4d40f5607220439e04a792c2cd67f93c2cc9d91ba2c30a746cabcb63d0cf06aac070e1bcafae0af81666c0731c1195c46b3f789b9108d2a28a04088067cfc73f4911738ca2fd7868778d02599fa03ae7536c85057795e40dc075f899a684e2451e8aa188deb0ef495596c2c43944d95b5a2a42f842941bd1dd48207ddf41c790c42dfbaf6fad9738391566d470bc2af6e401f1f43c58ba4b7d02f81a8ae618c2c22db61cc3555e7d344d4bd5f48d4f066c72baf55df7fa705cd352e1f5020a9b573830b091bcadf7d9a0a59d88ec1062dff98a14010128ddaae133932556e8bdd362642f2c1e14a23fe5a435059664c5e908bebec6f65b8f90d9c168208cee67aa2f1c3b7fe949eafc5d51425f2c7efdee6304e0d816ba2475048cc5b48832d892c1e905d19a1ebb45113a89ce957ee04cb0eebbc687fb5f6c4e534974b4786d0bb9b6ac4484ebe191335ee9a853ead3b73b3fb0c207ace51a3d5dfca52eeaf419b72665af56394b7dcb98741ec33ac0c923259ee0bd4e73e62221aca1ae292ec6f8b5fe82451f6108dbfcd699d5b71eef9e57c0ab595a9850d69c6b8faa35aa0cf5a13826727f2fcccafe8070f66ec2eb58c4721037c5ffcac8ec4de303ace75be44834d5eb2f9fb7809f14c49063de23f1de598df72a91e15700f6fe60f83cb0e3d600322fe4402154d371dbac416a980045525b5b642f36217ae791e85500fbb6b9c2d3f7ace5e6eaed267254b2824d04940d78b74d4d45714856332d9dca5e62a840ef14288ef9bfc090da4303c6485a28d267f7747449ffaeb8dc577c33144776d4650fcdcef2caf9070406649b786d9ef6b81d4e4b2bf89154b5d3bf2814bc9bb1e105a5b18cbcf02b649e6b17cde2d2c928b9ca95e7392f6933157e0b31aadfd53cebb554eaa6a53dce3762845e3f94570764f79965016c54a661150020532b0abe23b1d21563302c1bca919916920b18de0a804f95b5649515634b8d5d9cd1a332ff711b968d9d1582cc5ef7019eec8ad8e1cd0ce7d80e7e568c31380c2f913e07252f53b7583b81b31957ec3ea2d81268fc7b5143296f6e57e46f13985e1d08b7b9d8a86c81f77f64d0eec183b6ac17cade67f9b939dcd2287ce019ca8db535ba26af26fdfb0ed14243807dc3d886a95217e1d3702d52f5f7b300d738ac8944f07c99a459ee34a44f312d554bc2f64ddab08f6e98b4331993f27e0eca84a90edff2083a987d3ae07134c19d9b29ad73d89b3a1ac61982b4b39776fdd9a6f8a45337751fb721c2ee0ea1f5cabc2066a65d284b21a33de019f236a47e3e04ebd8dbe35698dcb3fb14b89134cc4b5003ed126b08dc0f735fd54b06beab503cf7ba7f0745fe0b3e397368403404a0832bb2608173573db83a3ec3abeb15ffc79d7edfe852c5d8d4be98541d9b10c653e04c8761bd703a43b3bb2be8c364e1dfeb0e94d81c382c31b9e054c6a74a6c6cd02d308db9936158cfea8311c83aa5cbfb81f2fa7e2f8a585e91729c4b141b98e7432ce4b8907e0ee20d324a703161a9e8c8d936581328439f2e92492da8d77e0ee490649bdfc5d4d5c68ca442190bf595da3577a6764975eaa56e5674cb135e9221c62d4f4dbbe0d37e0e1f0f1000336a8c88012a23da86aa5cf7b76dbf580289509bd7bbcf0f55da9f357ae51a023304cba61ae74dec9c44f42066d22cebdcfb93f62a2e72916e08b0e867c95988d711e4f2b81c9588ffaeb473b61e7c9e2306106439ad3d372a976c88d65b75af805858ae25d65e0dd2f5f87626303955941e94d3c781b7d745396509691dcb63f15e9e703943d2e37a6fdf75cd81d9f6ecf8c9191517b1fd80c6cf43a04404d74e00032cb19940110e7e42a6d208c9d99256c473bff755f788d6a52da3c45743bcc6ee785c387fe8a990a5269a36bed449bc41b544979b3c87a1f702f15cb5f6f486c6ae690d0851cd543aa77b65c5dfb80d60a8ad615fb0165803225e703f48d8845c4865444d38cab225b18e8cd2f886dcbc9469d49a512d8ca210088e966bd14789cd357c15bd440a29d062d020ed0880df8c35798ff22fa5d8e69e759cb184ebdb95fe64b6ffcc5e89f5aa055473264aea802cd2d2af0bb4525beab3f82386c76957e959646f0a18a61e8ea117961626b580f947899bfdfcf83f1aa47e3e316cfa782a606e7bd259f2063e35691b67de610979154346435fbae63468d216eea767c06f1322e026f42f1f77a4e487f30070849018d7084b4d31ee81f80881670126bcc685c02ab6213ac2c8b49aab23f94e5035dc72b3ac54bc9de9ff189ecf484119c18cc3dce66806cdba3bc912c721c754580c7e5111b7d75c6fb61b91cb3a005b16ccebb80eb7caaf6d728bc8201bb130f105b24c2ac7f46031cfee7cd15fa5f2fc8cfcedf05c1eeb4da166147ac5e7ee590541fa830a96ce127bdc1682d2b65722bbc2f5ecc5142f6b5988fb43a6a1f8d54c1097c34a6c9904ca1587edb2d2ebaa50bd695968bc09c9aa0bfaacd7633113a868ba39995e10f398a34aaae1ccc078373415d0f21d5f0147804b39d56324a6acf1cc84933259cf97ce303d5cc129161eae42e507c37104b106f51d0f1ba17dac5a4d87938d057afd5464e04bbe966aee26b9fe43b3581ecb5dacaffbd4fe3e7e6d15642b2a93e084188c09c279879408bffd238bda7a1fc3e6058788616631837a54a3b5bba701cf031722ca4e78ed982d8ccf545eb965398fade88fadb0427cc4749eb3e56e73c4b6389f1e940d7970ee5beccfee8e96e09428391304fa8a87b9849ff75f0047f3985a9b416450fb51671f4ecdb20233e85b8423e38b63b8826bd95dffe762af9a92517f9fff173d2274db59e8fbfb15d7b2ac64aa573cc044b1dae5fb88b4985015ed4226a498bd2955acc46369b0e12485bbdb8a6e0249f83963cba9d8bbc49df90527056b61895d9cce2b0e88ec6f140af48b27dcfe0bf8cdaa073753be24fcd49dcc8666f50ae20b54662db20bb682936a8b95dca7ede48a14a6e672de0c9cf99f099a740f6e9cfa3f6f562168d949af806a7acbf2ace74ef34cee620ee2f1ead4acff58d0895463a158d2d5335bf646f617935ede91c4a078c9f142e0a16dcae6af1f4c644612a78a95c976ae230e6fda31dd6ec9e9ec249ab0995dd88dbf7f53708a3cd6775e64affc96b5193c11166f7c5295cc6d79b278c7261a21b84f7a16ce243ea230a43a7a91189f54d52b62c27d30d0e01cff7eafa34e592dbb044483fc0a9d43b9cd22a22704e6c6560e6490a33a14fdae0f13d8b75b318c3ccd4b088e81d180be0cfe1628dfd934054d893cbbd90e40ad99f5600887978da684abf8a75e13874eb9621712b3412d6820f771752fb77a9d63ac44edb44eb5a459dd3e5c586644ef220a5b06c44574158cd833647ccf1aac50697ed2a1bfe0f09779dcdd2b93d2014b3a23fb005f66cff9f6f7d3b890c67cd3a1fb34d5d84020a06b3741d639c9ccc87e9ebc7d5961ac0f0a6ae2841d7ae2a3280ba5c05d57324b9a799cbb6502c299d958169b136dac73b4f6ebd1e06e59f1a30865b84dc6d84f283939cacb83648af671dd25df7f5b47ed62a66be4811ef528c93e768703198b63f1e1014e4a510b5b5b6f91dce01e5f3c7da6f0f527db7341b2a986052ec9fe68ffe2178b005f152e62a6696d656488516eec19e59a0329e64c06103278dea7af08dcaae04b6322755f490482bd65692100930e9ad3cbf09458129b67e97d7e0e39a819c874a3f31060b857653fda2a05a8b8ba6ab03d1885c604ef701a120e920f48dfde4878392e948d5b8e2f04fb8c0504ba299fdacef5316b5ebe74539487b37e4abd9ba888280828f6e19ec2b41af6cd2e7e27be46dd25853f5b55fea59e140556837c17dce29761d7292690d1cbf4e458ae01ea019d263678aa065f874861f634b279b2cd92fbdb3aeb99bd2f454fdc88996d5804f3b073100680ed162e8c81e2d02a93b68fce82a524aa118965a5df4fcb283685960bf4cd6a6a9f8db2bd07d3d77c7630234e496eaf413fd05de54287d3e88a118de598b09b25a4eeaf1f832abc164e4d947754a57517a4417a1c49ad9b0d4ad1c218ada2323dc1a9fd1d1b20425490eea2cb5cf961cde7e21eb163cd177673c7dbc7cbe9d391fd2532943a9a4b18bd2b3ebea5ee237557ab4b5de847107be26d99272c24e934a3b0e43363183168593ce607e4bc7c26a55b15fcd335c55b0f44dd15bc77ac85e8aff2674f33636d49b891e3e9cab360d2d6d90290c4613fdc715bb53921c819ce1abea920783abf4d2435882695df6a00568f2c2a86fb2f4d64c8d7d1b37b1c3a1856871606425625c693b03dcc71b28ff78111109f6db2cdcbc2358ee00c56e5abf2f25134529dc21fedaca7083b16de54849e9ef832316e193888f697257790681987a01e0b387370836b1b783ff66d9251458b77bbdb1b6706c2fddba89e9318335b1d87e7fc08962d31aa7a92408d0e27941e10482dc7e2915c5162282bbc50e1f0c8fecd768b922a7231295f482a5e842ebe20344e32936734ced867022d06a41808c89273ae57cce23baee24eadc4c17731fdfc0d68fd8508a35c95f994a384be16abaa694e1fb5856d21a776bffe48bb11a9e3a075cf8ea6d359d4c57f74d611d26f0cd978fb05d910c740dd154a2fc3534a18157e3255a0e6e50a32fe880a0d76d822a3b7756ce1ceb3424dc0550f13b5942df0ad02fc28ef892270582e1b8667a41b759fb053240cb816ad38b190d75aff364caf5f362425411e9a9e26c67ac34161f50ef11513b3e220d296d5a7e600398b533d6721067b21f91d0c9c2ee3386b925f91ab3599781285ba1808be129ae8a01e819ea211ff14e531de4fbb2f67e58cce5dfb30eabaf0b367fc0a3634789ce747881987b332cc5ef426c97e17497a46729bd71acbda43f00b439712edc593d5dd5560706a947ddca3f89ae1dca784528cec1bb8e202051a8deba354f87b2e122e2129e7717f40c3a4abf29273456cc2a0cba48e248506df3c60bac2be68e2eaff47122221fe0a0bf48e097d82db94b27142644a4a5d530baf8e0484ed333c3331f8848b29596b493aedb2bc5e5718f177b93ef6d5e3a2fa05472120ac5ad8d3e7e6eb659c55c4c1d4c7f75ab15f95ae8360d4d76cb9f4ab1ee12d52e101ce60af59c7c8e6c73efe5afafd6ccdfc529fb129c1275ec2fcd489149dad3f72962e601b53d0c48984797b561afb1f46fd76622e6f4b492a3a2bb38652de4a17aa26fae796742771d07843d00581d65283c55ac81b74a33b62b2cc86880f098f054551e992aa08a782d29", 0x1000}, {&(0x7f0000000180)="6e22065ad9fde6372a22ae526be69a2202efffcffa22a7f8d681a442a30c6decda42df74894adb05bac28aace88edf3201150a379ab05443", 0x38}, {&(0x7f00000001c0)="d0cec08fc3314d2cb86fb66895714045dc0d058a9c94f80bf80c7921b6ed76ceda6f35ca05312c29b88ed957151be19e84b00e20939366dde083ab9774737d5ca3fc868697a2d42f31b67b25cd2fcb4865396a1e72ee7cabdfb77ab2cc5c685be41b437a9a6eb2ac9c934721814c6b987aa097cceaffa1112522a533cb415ea16d7e56d2ca7201414d39e0bbe107e87dd7c9021b", 0x94}, {&(0x7f00000033c0)="6f2560e8d3a15c16483608a48c4c9ea5cdd918b89af25ec0caa2819a2b31f1977fb921fdde6f2c1e911ffc5248fcf58a56b37652154e6fd1f3c222b2d4cfa9bd1998d1915cc117d0594a13fca589ca96d4f96e589bdf015a078130af7922cd105022cbade902cc7481eeee4f9c2bfa771476acae9fc36ec5efec390fcf75c8355f2986f5cd8bbf9c77e98dbad844134ab2c3833d3548e2727b96ef2b1713853b81b4db9ab0bc6ab492f89391ea58dfbcbb9b33acadb851bc55c6ad10f04d9244cdbabe5f656f97f052eb2806f8b2fe", 0xcf}, {&(0x7f00000034c0)="a9652ade8fd910010d3115d63c5ae2bd86e05fc666aac9fe012f2e3446a816c58682b43921c7baafbddb9c1eaa45dd7cc7eedb775e299860adda24e74f9b987a841ebbd109afa98c13d652557a5e73d4ddf6ffc2908edb4e3616717fdae0c7635e7f4bf8f00c3e947e4ec99bd945d05e4edcd9381704addd3b5a6a498931596e0e07a8f87fa80c85ebedb6b8deeff87b767410c74a58689d7f9e3733b623252eb54a0702958483beb4a51a7b64937b67ad660104bd5d98667965663801ad365866845ff3b4c3ea", 0xc7}, {&(0x7f0000000280)="3bf8a17366163ab1927d5fdd41b8f320d992388500607d602965e58cc124761ca57b1fca8be0", 0x26}], 0x8, 0x0, 0x0, 0x10}, 0x8000)
sendmmsg(r0, &(0x7f0000006780)=[{{&(0x7f0000000340)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x19}}, 0x80, &(0x7f0000000300), 0x0, &(0x7f0000000940)}}, {{&(0x7f0000000080)=@in={0x2, 0x0, @rand_addr}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000000)='sAdY', 0x4}], 0x1}}], 0x2, 0x0)

03:45:27 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
socket$inet6(0xa, 0x1, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:27 executing program 7:
socketpair(0xf, 0x5, 0x80, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
bind$vsock_stream(r0, &(0x7f0000000180)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f00000002c0), &(0x7f0000000100)=0x10)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000080)={'veth1_to_bond\x00', {0x2, 0x4e21, @rand_addr=0x8001}})
getsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000200))
ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f00000000c0)={0x3, 0x3ff, [{0x8, 0x0, 0x5b83}, {0x9, 0x0, 0x1}, {0x0, 0x0, 0x7ff}]})

03:45:27 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)

03:45:28 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)
r1 = open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000140)=""/133, 0x27)

03:45:28 executing program 4:
prctl$setptracer(0x59616d61, 0x0)
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x6, 0x200000)
ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000040)={0x74, 0x0, [0x6, 0x6, 0x100000001, 0x5]})

[ 1588.906132] binder: 16237:16238 unknown command 0
[ 1588.918541] binder: 16237:16238 ioctl c0306201 20008fd0 returned -22
[ 1588.922298] gfs2: invalid mount option: commiv=
[ 1588.929876] gfs2: can't parse mount arguments
03:45:28 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = memfd_create(&(0x7f0000000000)='^\x00', 0x1)
ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000040)=""/89)
r2 = socket$inet(0x10, 0x3, 0xc)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f00000000c0)={0x0, 'vlan0\x00', 0x2}, 0x18)
sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000100)="24000000050607031dfffd946fa2830020200a0009000100061d85680c1baba20400ff7e28000000110affffba16a0aa1c0009b356da5a80d18bec4c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0)

03:45:28 executing program 6:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101000, 0x0)
ioctl$EVIOCGID(r0, 0x80084502, &(0x7f0000000040)=""/54)
move_pages(0x0, 0x85, &(0x7f0000000040), &(0x7f0000000040), &(0x7f00000000c0), 0x0)

[ 1588.953244] binder: 16237:16238 BC_CLEAR_DEATH_NOTIFICATION death notification not active
03:45:28 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1589.004092] binder_alloc: 16237: binder_alloc_buf, no vma
[ 1589.009812] binder: 16237:16238 transaction failed 29189/-3, size 0-0 line 2967
[ 1589.019064] netlink: 'syz-executor7': attribute type 1 has an invalid length.
[ 1589.031890] gfs2: invalid mount option: commiv=
[ 1589.036669] gfs2: can't parse mount arguments
03:45:28 executing program 4:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000000c0)=<r2=>0x0)
ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000140)=r2)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r3 = socket$inet(0x10, 0x3, 0x8000000000)
sendmsg(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830020200a00059effffff1d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0)

[ 1589.052148] netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'.
[ 1589.073107] binder: undelivered TRANSACTION_ERROR: 29189
03:45:28 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)
r1 = open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000140)=""/133, 0x27)

03:45:28 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000180)={'team0\x00', <r3=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000002c0)={{{@in6, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}}}, &(0x7f00000001c0)=0xe8)
accept4$packet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000240)=0x14, 0x800)
sendmsg$TEAM_CMD_PORT_LIST_GET(r1, &(0x7f00000005c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x1bc, r2, 0x300, 0x70bd28, 0x25dfdbfd, {0x3}, [{{0x8, 0x1, r3}, {0x124, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r4}}, {0x8, 0x7}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x2}}}]}}, {{0x8, 0x1, r5}, {0x74, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}]}}]}, 0x1bc}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
mmap(&(0x7f00009c1000/0x2000)=nil, 0x2000, 0xfffffffffffffffc, 0x8031, 0xffffffffffffffff, 0x0)
mincore(&(0x7f00009c1000/0x3000)=nil, 0x3000, &(0x7f0000000000)=""/172)

03:45:28 executing program 1:
sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x4a0200, 0x0)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000140), &(0x7f0000000180)=0x4)
write$P9_RRENAMEAT(r0, &(0x7f0000000080)={0x7, 0x4b, 0x2}, 0x7)
clock_nanosleep(0x7, 0x0, &(0x7f0000000200)={0x77359400}, &(0x7f00000001c0))
ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000000c0))
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000100)={0x10000, 0x6, 0x5})

03:45:28 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008fd0)={0x4, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, &(0x7f0000000f4d)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1589.095714] netlink: 'syz-executor7': attribute type 1 has an invalid length.
[ 1589.106049] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
[ 1589.123728] netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'.
03:45:28 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1589.173940] netlink: 8 bytes leftover after parsing attributes in process `syz-executor4'.
03:45:28 executing program 6:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ip_tables_matches\x00')
write$P9_RSTAT(r0, &(0x7f0000000100)={0x76, 0x7d, 0x2, {0x0, 0x6f, 0x6, 0x101, {0x0, 0x0, 0x8}, 0x8000000, 0xfffffffffffffff7, 0x8, 0x8, 0x10, '/dev/input/mice\x00', 0x0, "", 0x1c, "145c6264657673656375726974796d696d655f747970652965746830", 0x10, '/dev/input/mice\x00'}}, 0x76)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x61, &(0x7f0000005780)={{{@in6, @in6=@loopback}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000005880)=0x28)
close(r1)
exit(0x9)
r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x80000)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000080)={0x303, 0x33}, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e24, @multicast2=0xe0000002}], 0x10)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000180)={<r3=>0x0, 0xffffffffffffffff}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000200)={r3, 0xffffffffffffffff}, 0x8)

03:45:28 executing program 7:
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
sendto$inet(r0, &(0x7f0000000000)="ba", 0x1, 0x0, &(0x7f000069affb)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)
r1 = epoll_create(0x7f)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000004c0))
sendto$inet(r0, &(0x7f00004b3fff), 0x2f00, 0x0, &(0x7f00002b4000)={0x2, 0x0, @loopback=0x7f000001}, 0x10)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000040)={0x80000000})

03:45:28 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070")
syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x40202)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x800000018, &(0x7f0000001280)=0x503, 0x4)
sendmsg(r1, &(0x7f0000001440)={&(0x7f0000000880)=@in6={0xa, 0x4e21}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000280)="8dec3f7bcc4e40402a87b000058c599b541522f7bdaaa8b69638a0b2e2086e35c8b722b8a7295afaa61eeb02f208ecb5e7facbce008f6c22df6186cea07753b9f2230d9036f17f7924348dcfb76e6fd5c62b60889fea84af85fa17ce58a1e80c3a23b2d2970c8b3ed56d05510cb72835f879a59fcf95ab7f5e45120856d42ab0f4a9b4dfb6dcd2f6f5c7a3565beafe4f317d3aa267d52ddc55dff7fe45264449d7a602e4fb549df99f005510b90edbfac93c931cc61f4b8a6cd413319cb1aee2e7d70ee0dcf651b232634a2f530d20b9654a5835503ec5f4695e05a63db13cb8f28bb30051d730cefd5099723655743f168285f04af5d80d4675a29382e142979a876a66144594abb7f824ec5dd275fcb8e8175e5c15a11a82d385d40bafb6a723cf03db593144a4d607f2598b6e321965f87e04c586ed4f6df269eb918d9e0fd681fe18312e74fbde52bd7ea4e087ffb93faa4d613e02b447ec1ef1af747da9d2374230c45fe7c848fc4a8f74787b3deeccf25a0fdcc5686f1e275f7dbc5890e222a6c10f2f2cecf3d0b921589046bd68ac7551b0b1e91ddecdc8f696c116c40208ef860fab2b19b674ce8a5bdb50974f19c99811c0e818e47be3419ae7f9003ae567a9324ae65d50a452f06b99dc1e1f5f3dbf13f2ca0a38e317e22727329d91c1b87402b1b9061de81a8e264c5a1a6bbd73843ffc1525ba436929d6fed958e0376b31d9f8d3b5eff896285dfa7894f3e784cb7eb093119346710f3f0c0461fd1fd162a9e2758ab35fcab8f69609179a16a14a9d57aef4a76cd2727555dbd6bdc92aae623a017867a305f5f3fb947bf83ff20d208eb50cbd672c532c511f15ebf9bb779ba27f2c3bf7ec247e080fd2bef42fffdb6c167d01e8af2c98e3ad43f510849a8469d76b865b2119676972408aadf0a6517b510b4d799f5a99ab4938e0763dac43302a0e526b9c7f650597dcef62918e71945bb114cd42262b44e78aba01eb61a49cfebe85eacdf0f8c31df27adf85363fddc945a362ada8c4954ad0c7d33ff49ce5e9c0d2db3a73cd2676631acb6420492f8e0ee515e75fb46b9531c06ea26ed9dcf5b52510542338b2f8a3957453315024833f8a022933d90cdd606c01c860c2cf63c674de76c51c60c569ab565422a06fd7dfe8b905086a324ffba34d17f222ce26ab4540df08c7e995f15842ba75a33a4748ed0a3687d635922e0362a50652b4396d05e1538925a14ed8fd0357178c3cbc0200c1ccf7d335af32a2c2cf88311f11ed84f3423a9acbfc133c74154a2071b9455ef047b2a6067948c188c622d5c676305e0af8433a20aa03788bc39feb45e472fa705d4cf4e3af6914329355ee585da3ad5e5db79fa782d656ad5cfa3d69056edcad494aad5154001421a094666bc9bd165c8305380b52b27d3d25efa58503c78e9ad2d035e3ea796c095273cb75494483b39f433a0402e44b8a06b32fc2f4da300951ef0b32b33288fc1d857b3781d3e3dcf295cdb52afcbfaac1db538cda9ca98cc19eec4efd572b63ca57d35a75f4c702472c54c54cbab917d256ef37f4e0efae6ab507a1427529c374946e76f03740843394824fca8616872e23b6e6c5ccb377f093952a024cf8cf6501fa02c66f61cb7ac28edd4c4a48430d6de0df14b8595665b89075a1b9dd6722778422ea20e863e53aae3b827288b396e6b08bd234978a5e24955a3596fc33", 0x4c2}], 0x1}, 0x8000)
sendmsg(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="60d35a68f077fa", 0x7}], 0x1, &(0x7f0000000a80)}, 0x20000000)
sendmsg(r1, &(0x7f0000000200)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000240)="e694446313bf3fbb7da9fb", 0xb}], 0x1, &(0x7f00000036c0)}, 0x0)

[ 1589.215589] binder: 16288:16289 unknown command 0
[ 1589.229157] binder: 16288:16289 ioctl c0306201 20008fd0 returned -22
03:45:28 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)
r1 = open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000140)=""/133, 0x27)

[ 1589.273690] binder: 16288:16289 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1589.287645] binder_alloc: 16288: binder_alloc_buf, no vma
[ 1589.293342] binder: 16288:16289 transaction failed 29189/-3, size 0-0 line 2967
[ 1589.315876] binder: undelivered TRANSACTION_ERROR: 29189
03:45:28 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:28 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)

03:45:28 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:28 executing program 7:
r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0x0, 0x0)
r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000007000)={0x4, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000002000)})
r2 = mmap$binder(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x14, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0xffffffffffffffad, 0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r2, @ANYRES64=r2, @ANYBLOB="03634c07", @ANYRES64=r2], 0x0, 0x0, &(0x7f0000000040)})

03:45:28 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)
r1 = open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000140)=""/133, 0x27)

03:45:28 executing program 4:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
fchmod(r0, 0x100)
sendfile(r0, r0, &(0x7f0000000080), 0x3)

[ 1589.834553] binder: 16319:16321 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1589.851833] binder: BINDER_SET_CONTEXT_MGR already set
[ 1589.873386] binder: 16322:16325 ioctl 40046207 0 returned -16
03:45:28 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)
open(&(0x7f000054eff8)='./file0\x00', 0x0, 0x0)

03:45:28 executing program 4:
r0 = socket$kcm(0x29, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={0x0, <r1=>0x0}, &(0x7f0000000300)=0xc)
msgctl$IPC_SET(0x0, 0x1, &(0x7f00000005c0)={{0x0, r1}})
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x280, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000080)=0xffff, 0x4)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'syzkaller1\x00', {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}})

03:45:28 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1589.882410] binder_alloc: 16319: binder_alloc_buf, no vma
[ 1589.888109] binder: 16319:16321 transaction failed 29189/-3, size 0-0 line 2967
[ 1589.891094] binder: 16322:16325 transaction failed 29189/-22, size 0-0 line 2852
[ 1589.906945] binder_alloc: binder_alloc_mmap_handler: 16322 20001000-20004000 already mapped failed -16
[ 1589.912414] binder: undelivered TRANSACTION_ERROR: 29189
[ 1589.921663] binder: 16322:16330 transaction failed 29189/-22, size 0-0 line 2852
[ 1589.966112] binder: undelivered TRANSACTION_ERROR: 29189
[ 1589.973699] binder: undelivered TRANSACTION_ERROR: 29189
03:45:29 executing program 1:
mkdir(&(0x7f000000dff6)='./control\x00', 0x0)
r0 = open(&(0x7f0000039000)='./control\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f000002cff6)='./control\x00', 0x0)
mkdirat(r0, &(0x7f0000016ff8)='./file0\x00', 0x0)
r1 = openat(r0, &(0x7f0000025000)='./file0\x00', 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r2=>0x0, <r3=>0x0})
utimensat(r0, &(0x7f00000000c0)='./control\x00', &(0x7f0000000140)={{r2, r3/1000+30000}}, 0x0)
mkdirat(r1, &(0x7f0000000080)='./control\x00', 0x0)
renameat2(r0, &(0x7f0000000000)='./control\x00', r1, &(0x7f0000000040)='./control\x00', 0x2)

03:45:29 executing program 4:
r0 = socket(0x10, 0x803, 0x2)
r1 = socket$inet6(0xa, 0x1, 0x2)
ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x14, r2, 0x0, 0x70bd22, 0x0, {0x5}}, 0x24a}, 0x1, 0x0, 0x0, 0x80}, 0x24000000)
pread64(r1, &(0x7f0000000080)=""/51, 0x33, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000700)={&(0x7f0000002400)=@bridge_getneigh={0x28, 0x1e, 0x601, 0x0, 0x0, {0x7}, [@IFLA_MASTER={0x8, 0xa, 0xd}]}, 0x28}, 0x1}, 0x0)

03:45:29 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1590.235970] binder: 16352:16355 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1590.243409] binder_alloc: 16352: binder_alloc_buf, no vma
[ 1590.249066] binder: 16352:16355 transaction failed 29189/-3, size 0-0 line 2967
[ 1590.261675] binder: undelivered TRANSACTION_ERROR: 29189
03:45:29 executing program 6:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0)
mkdir(&(0x7f0000000300)='./control\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000480)={0xaa})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = creat(&(0x7f0000000040)='./control/file0\x00', 0x0)
write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
unlink(&(0x7f0000000180)='./control/file0\x00')
rename(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000080)='./control/file1\x00', 0x0)
close(r1)

03:45:29 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:29 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000000)=0x3)

03:45:29 executing program 7:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, {0x0, 0xffffffffffffffff}}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000000c0)=0x8001, 0x4)

03:45:29 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x10000, 0x0)
ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000100))
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2, 0x0)
write$binfmt_elf32(r2, &(0x7f00000000c0)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[]], 0x1c7)
mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000003, 0x1813, r2, 0x0)
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)

03:45:29 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r1, 0x7005)

03:45:29 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:29 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:29 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:29 executing program 7:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = socket$unix(0x1, 0x0, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f000000f000)=@abs={0x1, 0x0, 0x1}, 0x6e)
bind$unix(r1, &(0x7f0000000040)=@abs={0x1}, 0x6e)
acct(&(0x7f0000000000)='./file0\x00')
r3 = syz_open_procfs(0x0, &(0x7f0000a92ff7)='net/unix\x00')
sendfile(r0, r3, &(0x7f0000000340)=0x102, 0x80000009)

03:45:29 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))
dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)

03:45:29 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:29 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x1000000)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1590.808097] binder: 16392:16396 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1590.831201] binder_alloc: 16392: binder_alloc_buf, no vma
[ 1590.837021] binder: 16392:16396 transaction failed 29189/-3, size 0-0 line 2967
03:45:29 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:29 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1590.856628] binder: undelivered TRANSACTION_ERROR: 29189
03:45:29 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:30 executing program 6:
r0 = accept4$inet6(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x80800)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000180)={<r1=>0x0, 0x5, 0x30}, &(0x7f00000002c0)=0xc)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000300)={r1, 0x8, 0xa34b1f21ad34ee00, 0xa60a, 0x7ff}, &(0x7f0000000340)=0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x5, 0x6, 0x7, 0x9, 0x9}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x7, 0x2, &(0x7f0000000080)=@raw=[@map={0x18, 0x0, 0x1, 0x0, r2}], &(0x7f00000000c0)='GPL\x00', 0x2, 0xd4, &(0x7f00000001c0)=""/212}, 0x48)

03:45:30 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:30 executing program 2:
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:30 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1591.249667] binder: 16425:16427 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1591.263135] binder_alloc: 16425: binder_alloc_buf, no vma
[ 1591.269151] binder: 16425:16427 transaction failed 29189/-3, size 0-0 line 2967
[ 1591.283527] binder: undelivered TRANSACTION_ERROR: 29189
03:45:30 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x800, 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f00000001c0)={0x6, 0x4, 0x1c, 0x0, 0x7})
sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000002000010000000000000000000200000000001000000000000400000014001100766574683000000000000000000000002fdea59c6983989ae5b6d17d7581679fc24cb9c74228509814b69d6c7e7710f3f09e7f6c4416776520b5c1a8c92ec8aa9c1e13d7952917a91f3b1892e5eee0350b0dc6dd99550fba2d6db4705893ccd92caff6fd87a71b9e8d7975d4006c3650bfe659161368cb"], 0x34}, 0x1}, 0x0)

[ 1591.442712] Unknown ioctl 1079006226
[ 1591.448990] Unknown ioctl 1079006226
03:45:30 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:30 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:30 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:30 executing program 2:
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:30 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:30 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setrlimit(0x7, &(0x7f0000000000))
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x202, 0x0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x501001, 0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f00000000c0)=r1)
perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x49, 0x0, 0x0, 0x0, 0x200000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x3f, 0x7, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x1}, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x8)

03:45:30 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:30 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={<r1=>0x0, 0x7}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r1, 0x4}, &(0x7f00000001c0)=0x8)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="090000000000000002004e23e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000600000002004e227f00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e20e000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e24ac14141200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e22ac14141200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e2400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ecffffff000000000002004e2000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x390)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000)=0x9, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x11}, 0xd}, 0x1c)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=<r3=>0x0)
ptrace$poke(0x5, r3, &(0x7f0000000200), 0x2)
sendmmsg(r2, &(0x7f00000002c0), 0x4000000000002c7, 0x0)

03:45:30 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:30 executing program 6:
r0 = socket$packet(0x11, 0x10000000000003, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4)
accept$packet(r0, &(0x7f00000000c0)={0x0, 0x0, <r1=>0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000100)=0x14)
bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14)

03:45:30 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:30 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:30 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:30 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:30 executing program 1:
r0 = socket$pptp(0x18, 0x1, 0x2)
getpeername$packet(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000000c0)=0x1)

03:45:30 executing program 2 (fault-call:1 fault-nth:0):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1591.949399] FAULT_INJECTION: forcing a failure.
[ 1591.949399] name failslab, interval 1, probability 0, space 0, times 1
[ 1591.960852] CPU: 1 PID: 16484 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1591.969280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1591.978664] Call Trace:
[ 1591.981252]  dump_stack+0x1c9/0x2b4
[ 1591.984877]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1591.990071]  ? lock_acquire+0x1e4/0x540
[ 1591.994059]  ? get_pid_task+0xd8/0x1a0
[ 1591.997960]  should_fail.cold.4+0xa/0x11
[ 1592.002024]  ? lock_release+0xa30/0xa30
[ 1592.006001]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1592.011149]  ? find_vpid+0xf0/0xf0
[ 1592.014697]  ? __f_unlock_pos+0x19/0x20
[ 1592.018665]  ? lock_downgrade+0x8f0/0x8f0
[ 1592.022815]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1592.028357]  ? proc_fail_nth_write+0x9e/0x210
[ 1592.032858]  ? proc_cwd_link+0x1d0/0x1d0
[ 1592.036916]  ? lock_acquire+0x1e4/0x540
[ 1592.040902]  ? lock_acquire+0x1e4/0x540
[ 1592.044874]  ? fs_reclaim_acquire+0x20/0x20
[ 1592.049194]  ? lock_downgrade+0x8f0/0x8f0
[ 1592.053353]  ? check_same_owner+0x340/0x340
[ 1592.057677]  ? fsnotify_first_mark+0x350/0x350
[ 1592.062249]  ? __fsnotify_parent+0xcc/0x420
[ 1592.066565]  ? rcu_note_context_switch+0x730/0x730
[ 1592.071631]  ? fsnotify+0x14e0/0x14e0
[ 1592.075450]  __should_failslab+0x124/0x180
[ 1592.079687]  should_failslab+0x9/0x14
[ 1592.083488]  __kmalloc_track_caller+0x2c4/0x760
[ 1592.088164]  ? strncpy_from_user+0x510/0x510
[ 1592.092577]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1592.098117]  ? strndup_user+0x77/0xd0
[ 1592.101916]  memdup_user+0x2c/0xa0
[ 1592.105449]  strndup_user+0x77/0xd0
[ 1592.109074]  ksys_mount+0x3c/0x140
[ 1592.112613]  __x64_sys_mount+0xbe/0x150
[ 1592.116608]  do_syscall_64+0x1b9/0x820
[ 1592.120497]  ? finish_task_switch+0x1d3/0x870
[ 1592.124981]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1592.129921]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1592.134841]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1592.139852]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1592.144863]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1592.149531]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1592.154373]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1592.159578] RIP: 0033:0x455e29
[ 1592.162761] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1592.181985] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1592.189687] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1592.197010] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1592.204283] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1592.213973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1592.221258] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000000
03:45:31 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)

03:45:31 executing program 6:
r0 = memfd_create(&(0x7f000003affa)='posix_acl_access{Y\x00', 0x4)
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000040))
lseek(r0, 0x7ffffffffffffffc, 0x1)

03:45:31 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:31 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:31 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:31 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:31 executing program 2 (fault-call:1 fault-nth:1):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:31 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
readahead(r0, 0x0, 0x7f)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x2042, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000002c0)={0x5, 0x400, 0x0, 0x2, 0x2})
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f0000000140)=0x30000, 0x8)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={0x7fffffff}, 0x8, 0x0)
readv(r2, &(0x7f0000000000)=[{&(0x7f0000000200)=""/162, 0xa2}], 0x1)
timer_create(0x3, &(0x7f0000000400)={0x0, 0x14, 0xfffffffffffffffd}, &(0x7f0000000080))
timer_settime(0x0, 0x1, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x7}}, &(0x7f000004afe0))
ioctl$BLKROSET(r1, 0x125d, &(0x7f00000001c0)=0x9)
pipe2(&(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x800)
lremovexattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=@known='security.selinux\x00')
ioctl$PPPOEIOCDFWD(r3, 0xb101, 0x0)

03:45:31 executing program 4:
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:31 executing program 5:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1592.682817] FAULT_INJECTION: forcing a failure.
[ 1592.682817] name failslab, interval 1, probability 0, space 0, times 0
[ 1592.694287] CPU: 0 PID: 16508 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1592.702726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1592.712089] Call Trace:
[ 1592.714689]  dump_stack+0x1c9/0x2b4
[ 1592.718337]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1592.723551]  ? __kernel_text_address+0xd/0x40
[ 1592.728072]  ? unwind_get_return_address+0x61/0xa0
03:45:31 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1592.733038]  should_fail.cold.4+0xa/0x11
[ 1592.737120]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1592.742245]  ? save_stack+0xa9/0xd0
[ 1592.745893]  ? save_stack+0x43/0xd0
[ 1592.749539]  ? kasan_kmalloc+0xc4/0xe0
[ 1592.753447]  ? __kmalloc_track_caller+0x14a/0x760
[ 1592.758303]  ? memdup_user+0x2c/0xa0
[ 1592.762031]  ? strndup_user+0x77/0xd0
[ 1592.765843]  ? ksys_mount+0x3c/0x140
[ 1592.769569]  ? do_syscall_64+0x1b9/0x820
[ 1592.773649]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:45:31 executing program 6:
unshare(0x24020400)
mkdir(&(0x7f0000024ff6)='./control\x00', 0x0)
r0 = open(&(0x7f0000fbe000)='./control\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f00000189a2)='./file0\x00', 0x0)
r1 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x4)
r2 = msgget$private(0x0, 0x10)
msgrcv(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fa6bf0860000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000"], 0x70, 0x3, 0x2800)
mkdirat(r1, &(0x7f0000017000)='./file0\x00', 0x0)
r3 = openat(r1, &(0x7f0000fafff2)='./file0/file0\x00', 0x10240, 0x0)
getresgid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
ioctl$LOOP_CHANGE_FD(r3, 0x40049409, r3)

03:45:31 executing program 4:
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1592.779037]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1592.785474]  ? proc_fail_nth_write+0x9e/0x210
[ 1592.789989]  ? proc_cwd_link+0x1d0/0x1d0
[ 1592.794067]  ? lock_acquire+0x1e4/0x540
[ 1592.798065]  ? lock_acquire+0x1e4/0x540
[ 1592.802057]  ? fs_reclaim_acquire+0x20/0x20
[ 1592.806400]  ? lock_downgrade+0x8f0/0x8f0
[ 1592.810752]  ? check_same_owner+0x340/0x340
[ 1592.815094]  ? lock_release+0xa30/0xa30
[ 1592.819085]  ? rcu_note_context_switch+0x730/0x730
[ 1592.824035]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1592.829069]  __should_failslab+0x124/0x180
03:45:31 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:31 executing program 4:
socket(0x10, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1592.833322]  should_failslab+0x9/0x14
[ 1592.837140]  __kmalloc_track_caller+0x2c4/0x760
[ 1592.841833]  ? strncpy_from_user+0x510/0x510
[ 1592.846265]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1592.851830]  ? strndup_user+0x77/0xd0
[ 1592.855665]  memdup_user+0x2c/0xa0
[ 1592.859232]  strndup_user+0x77/0xd0
[ 1592.862876]  ksys_mount+0x73/0x140
[ 1592.866466]  __x64_sys_mount+0xbe/0x150
[ 1592.870462]  do_syscall_64+0x1b9/0x820
[ 1592.874382]  ? syscall_return_slowpath+0x5e0/0x5e0
03:45:31 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1592.879331]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1592.884272]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1592.889310]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1592.894372]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1592.899136]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1592.903997]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1592.909206] RIP: 0033:0x455e29
[ 1592.912399] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1592.931728] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1592.939557] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1592.946956] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1592.954327] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1592.961866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1592.969148] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000001
[ 1592.986341] binder: 16516:16536 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1592.998675] binder: 16516:16536 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1593.005743] binder: 16516:16536 transaction failed 29189/-22, size 0-0 line 2852
[ 1593.014156] binder: undelivered TRANSACTION_ERROR: 29189
03:45:32 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)

03:45:32 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:32 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r0=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r0, r0, r0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:32 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:32 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:32 executing program 5:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:32 executing program 2 (fault-call:1 fault-nth:2):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:32 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000001c0)={0x2, 0x0, [0x40000029]})

[ 1593.926495] binder: 16551:16563 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1593.939202] FAULT_INJECTION: forcing a failure.
[ 1593.939202] name failslab, interval 1, probability 0, space 0, times 0
[ 1593.948754] binder: 16551:16563 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1593.950488] CPU: 0 PID: 16553 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1593.958203] binder: 16551:16563 transaction failed 29189/-22, size 0-0 line 2852
[ 1593.965791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1593.965797] Call Trace:
[ 1593.965827]  dump_stack+0x1c9/0x2b4
[ 1593.965845]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1593.965867]  ? __kernel_text_address+0xd/0x40
[ 1593.974665] binder: undelivered TRANSACTION_ERROR: 29189
[ 1593.982744]  ? unwind_get_return_address+0x61/0xa0
[ 1593.982766]  should_fail.cold.4+0xa/0x11
[ 1593.982787]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1594.018263]  ? save_stack+0xa9/0xd0
[ 1594.021882]  ? kasan_kmalloc+0xc4/0xe0
[ 1594.025755]  ? __kmalloc_track_caller+0x14a/0x760
[ 1594.030587]  ? memdup_user+0x2c/0xa0
[ 1594.034293]  ? strndup_user+0x77/0xd0
[ 1594.038082]  ? ksys_mount+0x73/0x140
[ 1594.041793]  ? __x64_sys_mount+0xbe/0x150
[ 1594.045926]  ? do_syscall_64+0x1b9/0x820
[ 1594.049988]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1594.055518]  ? proc_fail_nth_write+0x9e/0x210
[ 1594.059998]  ? proc_cwd_link+0x1d0/0x1d0
[ 1594.064050]  ? lock_acquire+0x1e4/0x540
[ 1594.068036]  ? lock_acquire+0x1e4/0x540
[ 1594.071999]  ? fs_reclaim_acquire+0x20/0x20
[ 1594.076314]  ? lock_downgrade+0x8f0/0x8f0
[ 1594.080482]  ? check_same_owner+0x340/0x340
[ 1594.084794]  ? lock_release+0xa30/0xa30
[ 1594.088757]  ? check_same_owner+0x340/0x340
[ 1594.093065]  ? rcu_note_context_switch+0x730/0x730
[ 1594.097981]  ? __check_object_size+0x9d/0x5f2
[ 1594.102470]  __should_failslab+0x124/0x180
[ 1594.106697]  should_failslab+0x9/0x14
[ 1594.110489]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1594.115167]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1594.120696]  ? _copy_from_user+0xdf/0x150
[ 1594.124843]  copy_mount_options+0x5f/0x380
[ 1594.129065]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1594.134602]  ksys_mount+0xd0/0x140
[ 1594.138133]  __x64_sys_mount+0xbe/0x150
[ 1594.142097]  do_syscall_64+0x1b9/0x820
[ 1594.145973]  ? finish_task_switch+0x1d3/0x870
[ 1594.150720]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1594.155640]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1594.160559]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1594.165561]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1594.170567]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1594.175230]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1594.180070]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1594.185256] RIP: 0033:0x455e29
[ 1594.188450] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1594.208253] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1594.215954] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
03:45:33 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r0=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r0, r0, r0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:33 executing program 5:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:33 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

[ 1594.223210] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1594.230472] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1594.237737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1594.244993] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000002
03:45:33 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r0=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r0, r0, r0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:33 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f76")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:33 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:33 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0), 0x80000002)

[ 1594.312852] binder: 16571:16572 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1594.346332] binder: 16571:16572 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
03:45:33 executing program 4:
r0 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1594.362148] kvm [16554]: vcpu0, guest rIP: 0xfff0 Hyper-V unhandled rdmsr: 0x40000029
[ 1594.391740] binder: 16571:16572 transaction failed 29189/-22, size 0-0 line 2852
[ 1594.414234] binder: undelivered TRANSACTION_ERROR: 29189
03:45:34 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
signalfd(r0, &(0x7f0000000000)={0x3}, 0x8)

03:45:34 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:34 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f76")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:34 executing program 2 (fault-call:1 fault-nth:3):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:34 executing program 5:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:34 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:34 executing program 4:
r0 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:34 executing program 1:
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd, 0x32, 0xffffffffffffffff, 0x0)
socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000000c0))
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$netlink(r0, 0x10e, 0x0, &(0x7f00000d9ffc)=""/4, &(0x7f0000000000)=0x4)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f0000000080)=0x8, 0x4)
io_setup(0x1, &(0x7f0000000040))
r1 = syz_open_procfs(0x0, &(0x7f000047d000)='pagemap\x00')
pwrite64(r0, &(0x7f0000000140)="b0dddc578d10d1c05f400f19b6488de435f6290a6f6d224a21b7d81179afae3743f6bed5babf1fd6363997b921c001314ec0a0fb38e5f9825d580fd34ac1138fb6ab371148b4318fdaf89e2db95791fb88eb7bba5c6a21f4972d06d41ae670403b4cfd83455291e58d0d0df82c28e92ec4fa33b87fc46b643fa5d61d554d0865a7a769268b5046c508eeba0c38381b1250745dd7e86378971e4ca4867021750801eb9baa9ca20933bed84be1a05d610b3dca0ac814483fa8d8347f40c3799639d680be9ca93c783dea721c79a454f29a83fc29a4715c92c79512fc3053195de205fce1b58832daf3fe04d9305d", 0xed, 0x0)
pread64(r1, &(0x7f0000000100)=""/8, 0x8, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000240)=0x10, 0x4)

03:45:34 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f76")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1595.316653] binder: 16609:16610 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1595.321768] FAULT_INJECTION: forcing a failure.
[ 1595.321768] name failslab, interval 1, probability 0, space 0, times 0
[ 1595.335803] CPU: 1 PID: 16614 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1595.344220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1595.353590] Call Trace:
[ 1595.356202]  dump_stack+0x1c9/0x2b4
[ 1595.358644] binder: 16609:16610 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1595.359958]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1595.359980]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1595.360004]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[ 1595.382155]  should_fail.cold.4+0xa/0x11
[ 1595.386382]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1595.391673]  ? lock_release+0xa30/0xa30
[ 1595.395731]  ? kasan_check_read+0x11/0x20
[ 1595.396944] binder: 16609:16610 transaction failed 29189/-22, size 0-0 line 2852
[ 1595.399905]  ? rcu_is_watching+0x8c/0x150
[ 1595.399929]  ? is_bpf_text_address+0xd7/0x170
03:45:34 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f7620")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1595.399950]  ? kernel_text_address+0x79/0xf0
[ 1595.399970]  ? __kernel_text_address+0xd/0x40
[ 1595.425371]  ? lock_acquire+0x1e4/0x540
[ 1595.429427]  ? fs_reclaim_acquire+0x20/0x20
[ 1595.433787]  ? lock_downgrade+0x8f0/0x8f0
[ 1595.440031]  ? check_same_owner+0x340/0x340
[ 1595.444376]  ? save_stack+0xa9/0xd0
[ 1595.448344]  ? rcu_note_context_switch+0x730/0x730
[ 1595.448497] binder: undelivered TRANSACTION_ERROR: 29189
[ 1595.453407]  ? kmem_cache_alloc_trace+0x152/0x780
03:45:34 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:34 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1595.453424]  ? copy_mount_options+0x5f/0x380
[ 1595.453442]  __should_failslab+0x124/0x180
[ 1595.453460]  should_failslab+0x9/0x14
[ 1595.453479]  kmem_cache_alloc+0x2af/0x760
[ 1595.480618]  ? lock_acquire+0x1e4/0x540
[ 1595.484654]  getname_flags+0xd0/0x5a0
[ 1595.488475]  user_path_at_empty+0x2d/0x50
[ 1595.492639]  do_mount+0x180/0x1fb0
[ 1595.496220]  ? check_same_owner+0x340/0x340
[ 1595.500567]  ? lock_release+0xa30/0xa30
[ 1595.504655]  ? check_same_owner+0x340/0x340
[ 1595.508998]  ? copy_mount_string+0x40/0x40
[ 1595.513258]  ? kasan_kmalloc+0xc4/0xe0
03:45:34 executing program 5:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1595.517163]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1595.522038]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1595.527633]  ? _copy_from_user+0xdf/0x150
[ 1595.531828]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1595.537400]  ? copy_mount_options+0x285/0x380
[ 1595.541915]  ksys_mount+0x12d/0x140
[ 1595.545567]  __x64_sys_mount+0xbe/0x150
[ 1595.549567]  do_syscall_64+0x1b9/0x820
[ 1595.553491]  ? finish_task_switch+0x1d3/0x870
[ 1595.558090]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1595.563040]  ? syscall_return_slowpath+0x31d/0x5e0
03:45:34 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f7620")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1595.568010]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1595.573046]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1595.578179]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1595.580489] binder: 16634:16635 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1595.582867]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1595.582889]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1595.582901] RIP: 0033:0x455e29
03:45:34 executing program 7:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x0, &(0x7f0000000080)="025cc83d6d345f8f762070")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:34 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1595.582910] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1595.623868] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1595.631602] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1595.635820] binder: 16634:16635 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1595.638879] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1595.638888] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1595.638897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1595.638907] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000003
[ 1595.738445] binder: 16634:16635 transaction failed 29189/-22, size 0-0 line 2852
[ 1595.765983] binder: undelivered TRANSACTION_ERROR: 29189
03:45:35 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f000035d000))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x20202}, 0xc)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040)=0x20, 0x4)

03:45:35 executing program 4:
r0 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:35 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f7620")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:35 executing program 2 (fault-call:1 fault-nth:4):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:35 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:35 executing program 7:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:35 executing program 5:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1596.366080] binder: 16656:16657 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1596.366505] FAULT_INJECTION: forcing a failure.
[ 1596.366505] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1596.385839] CPU: 1 PID: 16658 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1596.394284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1596.403824] Call Trace:
[ 1596.406436]  dump_stack+0x1c9/0x2b4
[ 1596.410082]  ? dump_stack_print_info.cold.2+0x52/0x52
03:45:35 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x7, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)

[ 1596.415747]  should_fail.cold.4+0xa/0x11
[ 1596.419842]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1596.424976]  ? __account_cfs_rq_runtime+0x770/0x770
[ 1596.425636] binder: 16656:16657 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1596.430006]  ? set_next_entity+0x2eb/0xc70
[ 1596.430025]  ? trace_hardirqs_on+0x10/0x10
[ 1596.430044]  ? trace_hardirqs_on+0x10/0x10
[ 1596.430058]  ? __enqueue_entity+0x10d/0x1f0
[ 1596.430081]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1596.459435]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1596.464990]  ? should_fail+0x246/0xd86
[ 1596.468880]  ? is_bpf_text_address+0xae/0x170
[ 1596.473379]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1596.478484]  __alloc_pages_nodemask+0x36e/0xdb0
[ 1596.483149]  ? kasan_check_read+0x11/0x20
[ 1596.487300]  ? rcu_is_watching+0x8c/0x150
[ 1596.491439]  ? __alloc_pages_slowpath+0x2d00/0x2d00
[ 1596.496448]  ? is_bpf_text_address+0xd7/0x170
[ 1596.500934]  ? kernel_text_address+0x79/0xf0
[ 1596.505338]  ? __kernel_text_address+0xd/0x40
[ 1596.509824]  ? lock_acquire+0x1e4/0x540
[ 1596.513793]  ? fs_reclaim_acquire+0x20/0x20
[ 1596.518099]  ? lock_downgrade+0x8f0/0x8f0
[ 1596.522240]  ? lock_release+0xa30/0xa30
[ 1596.526204]  ? check_same_owner+0x340/0x340
[ 1596.530520]  ? save_stack+0xa9/0xd0
[ 1596.534155]  cache_grow_begin+0x91/0x710
[ 1596.538224]  kmem_cache_alloc+0x689/0x760
[ 1596.542377]  getname_flags+0xd0/0x5a0
[ 1596.546181]  ? lock_acquire+0x1e4/0x540
[ 1596.550167]  user_path_at_empty+0x2d/0x50
[ 1596.554309]  do_mount+0x180/0x1fb0
[ 1596.557841]  ? kasan_check_read+0x11/0x20
[ 1596.561977]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1596.566391]  ? copy_mount_string+0x40/0x40
[ 1596.570619]  ? kasan_kmalloc+0xc4/0xe0
[ 1596.574501]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1596.579341]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1596.584883]  ? copy_mount_options+0x285/0x380
[ 1596.589398]  ksys_mount+0x12d/0x140
[ 1596.593033]  __x64_sys_mount+0xbe/0x150
[ 1596.597000]  do_syscall_64+0x1b9/0x820
[ 1596.600883]  ? finish_task_switch+0x1d3/0x870
[ 1596.605547]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1596.610469]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1596.615401]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1596.620409]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1596.625415]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1596.630075]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1596.634921]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1596.640110] RIP: 0033:0x455e29
[ 1596.643285] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1596.662511] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1596.670212] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1596.677470] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1596.684734] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1596.692093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1596.699352] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000004
03:45:35 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:35 executing program 4:
r0 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:35 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x0, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1596.715340] binder: 16656:16657 transaction failed 29189/-22, size 0-0 line 2852
[ 1596.729310] binder: undelivered TRANSACTION_ERROR: 29189
03:45:35 executing program 2 (fault-call:1 fault-nth:5):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:35 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

03:45:35 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:35 executing program 1:
syz_mount_image$ntfs(&(0x7f0000000280)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x93, &(0x7f0000000800), 0x0, &(0x7f00000008c0)={[{@case_sensitive_no='case_sensitive=\no', 0x2c}]})

[ 1596.862394] FAULT_INJECTION: forcing a failure.
[ 1596.862394] name failslab, interval 1, probability 0, space 0, times 0
[ 1596.867945] binder: 16693:16694 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1596.873825] CPU: 1 PID: 16692 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1596.889974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1596.899532] Call Trace:
[ 1596.902156]  dump_stack+0x1c9/0x2b4
[ 1596.905825]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1596.911060]  ? putname+0xf2/0x130
[ 1596.914543]  ? filename_lookup+0x397/0x510
[ 1596.918800]  ? user_path_at_empty+0x40/0x50
[ 1596.918957] binder: 16693:16694 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1596.923132]  ? do_mount+0x180/0x1fb0
[ 1596.923149]  ? __x64_sys_mount+0xbe/0x150
[ 1596.923171]  should_fail.cold.4+0xa/0x11
[ 1596.923192]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1596.946324] binder: 16693:16694 transaction failed 29189/-22, size 0-0 line 2852
[ 1596.946462]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1596.959131]  ? kasan_check_write+0x14/0x20
[ 1596.963389]  ? do_raw_spin_lock+0xc1/0x200
[ 1596.967659]  ? trace_hardirqs_off+0xd/0x10
[ 1596.971942]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[ 1596.977064]  ? debug_check_no_obj_freed+0x30b/0x595
[ 1596.981331] binder: undelivered TRANSACTION_ERROR: 29189
[ 1596.982100]  ? path_lookupat.isra.45+0x27d/0xbf0
[ 1596.982123]  ? trace_hardirqs_off+0xd/0x10
[ 1596.996640]  ? quarantine_put+0x10d/0x1b0
[ 1597.000803]  ? lock_acquire+0x1e4/0x540
[ 1597.002686] ntfs: (device loop1): parse_options(): Unrecognized mount option case_sen.
[ 1597.004802]  ? fs_reclaim_acquire+0x20/0x20
[ 1597.004821]  ? lock_downgrade+0x8f0/0x8f0
[ 1597.004841]  ? check_same_owner+0x340/0x340
[ 1597.025780]  ? lock_downgrade+0x8f0/0x8f0
[ 1597.029948]  ? rcu_note_context_switch+0x730/0x730
[ 1597.034900]  __should_failslab+0x124/0x180
[ 1597.039158]  should_failslab+0x9/0x14
[ 1597.042978]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1597.047701]  ? kasan_check_write+0x14/0x20
[ 1597.051994]  ? do_raw_read_unlock+0x3f/0x60
[ 1597.056341]  vfs_new_fs_context+0x5a/0x700
[ 1597.060597]  do_mount+0x5cf/0x1fb0
[ 1597.064157]  ? check_same_owner+0x340/0x340
[ 1597.068506]  ? lock_release+0xa30/0xa30
[ 1597.072870]  ? copy_mount_string+0x40/0x40
[ 1597.077465]  ? kasan_kmalloc+0xc4/0xe0
[ 1597.081443]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1597.086383]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1597.091927]  ? _copy_from_user+0xdf/0x150
[ 1597.096375]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1597.101927]  ? copy_mount_options+0x285/0x380
[ 1597.106452]  ksys_mount+0x12d/0x140
[ 1597.110147]  __x64_sys_mount+0xbe/0x150
[ 1597.114312]  do_syscall_64+0x1b9/0x820
[ 1597.118216]  ? finish_task_switch+0x1d3/0x870
[ 1597.122795]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1597.127735]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1597.132739]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1597.137747]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1597.142762]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1597.147427]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1597.152265]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1597.157462] RIP: 0033:0x455e29
[ 1597.160633] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1597.179965] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1597.187671] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1597.194950] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1597.202215] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1597.209476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1597.216752] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000005
[ 1597.235951] ntfs: (device loop1): parse_options(): Unrecognized mount option case_sen.
03:45:36 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:36 executing program 4:
r0 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:36 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:36 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0), 0x80000002)

03:45:36 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:36 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:36 executing program 2 (fault-call:1 fault-nth:6):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:36 executing program 1:
unshare(0x40600)
r0 = syz_open_procfs(0x0, &(0x7f0000000ffd)='ns\x00')
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000)=<r1=>0x0)
prlimit64(r1, 0xf, &(0x7f0000000040)={0x4, 0x3}, 0x0)
sync_file_range(r0, 0x0, 0x0, 0x0)

[ 1597.349063] binder: 16720:16721 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1597.376257] FAULT_INJECTION: forcing a failure.
[ 1597.376257] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.387627] CPU: 0 PID: 16730 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
03:45:36 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:36 executing program 4:
r0 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:36 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r2, &(0x7f00000000c0), 0x80000002)

[ 1597.396049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1597.405415] Call Trace:
[ 1597.408022]  dump_stack+0x1c9/0x2b4
[ 1597.411675]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1597.416892]  ? kernel_text_address+0x79/0xf0
[ 1597.421334]  should_fail.cold.4+0xa/0x11
[ 1597.425418]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1597.430552]  ? save_stack+0xa9/0xd0
[ 1597.434212]  ? save_stack+0x43/0xd0
[ 1597.437862]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1597.442728]  ? vfs_new_fs_context+0x5a/0x700
03:45:36 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1597.447151]  ? do_mount+0x5cf/0x1fb0
[ 1597.450989]  ? ksys_mount+0x12d/0x140
[ 1597.454811]  ? __x64_sys_mount+0xbe/0x150
[ 1597.458981]  ? do_syscall_64+0x1b9/0x820
[ 1597.463065]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1597.468477]  ? trace_hardirqs_off+0xd/0x10
[ 1597.472734]  ? quarantine_put+0x10d/0x1b0
[ 1597.476907]  ? lock_acquire+0x1e4/0x540
[ 1597.480908]  ? fs_reclaim_acquire+0x20/0x20
[ 1597.485252]  ? lock_downgrade+0x8f0/0x8f0
[ 1597.489424]  ? check_same_owner+0x340/0x340
[ 1597.493764]  ? debug_mutex_init+0x2d/0x60
03:45:36 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:36 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

03:45:36 executing program 6:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d34")
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1597.497932]  ? rcu_note_context_switch+0x730/0x730
[ 1597.502886]  __should_failslab+0x124/0x180
[ 1597.507151]  should_failslab+0x9/0x14
[ 1597.510973]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1597.515676]  proc_init_fs_context+0x49/0x130
[ 1597.520107]  ? proc_fill_super+0x630/0x630
[ 1597.524360]  vfs_new_fs_context+0x2ba/0x700
[ 1597.528695]  do_mount+0x5cf/0x1fb0
[ 1597.532261]  ? check_same_owner+0x340/0x340
[ 1597.536606]  ? lock_release+0xa30/0xa30
[ 1597.540608]  ? copy_mount_string+0x40/0x40
[ 1597.544894]  ? retint_kernel+0x10/0x10
[ 1597.548814]  ? copy_mount_options+0x1a1/0x380
[ 1597.553349]  ? __sanitizer_cov_trace_pc+0x48/0x50
[ 1597.558238]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1597.563789]  ? copy_mount_options+0x285/0x380
[ 1597.568328]  ksys_mount+0x12d/0x140
[ 1597.571974]  __x64_sys_mount+0xbe/0x150
[ 1597.575970]  do_syscall_64+0x1b9/0x820
[ 1597.579875]  ? finish_task_switch+0x1d3/0x870
[ 1597.584397]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1597.589343]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1597.594292]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:45:36 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1597.599334]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1597.604373]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1597.609057]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1597.613921]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1597.619123] RIP: 0033:0x455e29
[ 1597.622315] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1597.642312] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1597.650043] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1597.657676] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1597.664975] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1597.665640] binder: 16720:16721 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1597.672523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1597.672532] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000006
[ 1597.710794] binder: 16720:16721 transaction failed 29189/-22, size 0-0 line 2852
[ 1597.726637] binder: undelivered TRANSACTION_ERROR: 29189
03:45:37 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:37 executing program 6:
socket$inet6(0xa, 0x1000000000002, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:37 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x0)

03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:37 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:37 executing program 2 (fault-call:1 fault-nth:7):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:37 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:37 executing program 1:
r0 = open(&(0x7f000000cff8)='./file0\x00', 0x80040, 0x0)
perf_event_open(&(0x7f00000007c0)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0)
r2 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=<r3=>0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000340)={0x206, &(0x7f0000000300)=[{0x40, 0x81, 0xe864, 0x5}, {0xfffffffffffff804, 0x0, 0xdb, 0x8000}, {0x8, 0x10001, 0x100000001, 0xfffffffffffeffff}]}, 0xfffffeca)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@dev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000440)=0xe8)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000005c0)={<r8=>0x0}, &(0x7f0000000600)=0xc)
ptrace$poke(0x4, r8, &(0x7f0000000780), 0xc9)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000380)={"6272696467653000800000000040f400"})
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/mcfilter\x00')
alarm(0x7fffffff)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000200)={<r10=>0x0, 0x1, 0x81}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r9, 0x84, 0x7b, &(0x7f0000000280)={r10, 0x7}, &(0x7f0000000840)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)={0xfffffffffffffffe, 0x1000, 0x400000, 0x4, 0x49f, 0xf687, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x200, 0x1})
r11 = accept(r4, &(0x7f0000000880)=@in={0x0, 0x0, @multicast2}, &(0x7f0000000900)=0x80)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000640)=@xdp={0x2c, 0x1, r7, 0x2d}, 0x80, &(0x7f0000001e00)=[{&(0x7f00000009c0)="094122780bbb193a14fac682d0ab5db7665504628b54bae3cf9d3cc2900c1d811f4fc90e7a1cb2cbe075f08fc172f04d471414a9a971eb05fef40ee17e4b7a0631879514e418d980416b7855c1c4f734623f3fac4d59791450a57d6f86c5ffe54b970296b9aefba04d2d9f9faf3731", 0x6f}, {&(0x7f0000000a40)="360dc59670e742a240bc6dcbe84f27dc1aa499d6811dd9e43390fd835cac6652941070a041ed73d7280224d716546c328700533717a21e6f3af968d7b340c84d960cd5a0ba602236fb3c887e2ebf92dfff2ae268e6f9d9896f46f0e26d689eef611bc6a8302310447baf102562d022b7784d054f05a956e256b771e6c72781b04aa2b6b48f1f3fa3ba2501f6569a8d94d83938db5778c0c33ec5fa77178a73df497c6f758e016ccbfa87d490c9d886a19419ff9543d37f4e34dce298ae626a8a85f77177a1a70312a57ede49cdab286959648807815a4e7e96125a8504bc9c7b3989", 0xe2}, {&(0x7f0000000b40)="8fb47c8a752a51a1a26455956d7d0ab7156dc153f97eb2eec788797b856d8354565737188b1812bc28db85f77dba0aee3ae143d469d5ce6afb3c6884be1fa17a8c0a50b3d73195d6b4ba065b73dc44af4757911d078935c3f1a0bcc10554e795f56a23813fc465040be31509ec72f2bb69fba6696fd04c57b608d43e4efc1b4cd3480fefb8950022ff5ec652a52b729bd519ce7ab63a5868b9aff2e04f05251841267a390ff26e4b8581d1dea80f0589", 0xb0}, {&(0x7f0000000c00)="5a1ceb2a3a0b40a8b482801716c247bf9ee5fc4822e96558b44caf33d7d7c6b2a6e5a3873084f17e1f85e6432470062ca8d9670cd0bf584a1e57940375480213d24e1bfea7be7fd188d9b6b902a55d22a47d4b0755cb1374c6dd9eb2943cc9c9c87651f7fafdfe5acaab9ad0095e71f93d5f90bb0ebf0c49a8c84593e89f072237ac081ada84ac76239a0b26637bda40e037e24a541ae4026eef1ad304b9540d4bbc2c2cf359cee81c469a202a9d285ba8379b7610fac2d6ec53c49c0d959095b75121df739d3510c64c17b10862a2ab9de625dd9b35a7dde4efe2e7d39c6aac2c427fb5195dce66b15a6216cbb48949f0f67dda", 0xf4}, {&(0x7f0000000d00)="bc25e27ae1a33d3dba5f95b43277ca218c4dce68ea7eb0c0eae82b555974a969cbd387b4ac6380fcbb20490d2bed2b90510448156875dc08fad6f62195b3ac9254143698d2ec922a195d0fff90d9f397e6dafb68fa4bb7046742b78d731df5fe580c656113ef95591e1ee5e243467e", 0x6f}, {&(0x7f0000000d80)="87540f5a0d27223d3695c3fe2687c3d685fb5fc599664c32f047723c7253bd2177d32dc0b60b89470a34dd2be664a82fd4df7cff942ee4d629bf764a3dd059d6817da8789b83936dd198c0e67ecd95be237e8ac4a5", 0x55}, {&(0x7f0000000e00)="0aeaafa1b64e65d7833b5271c147f164ecc7ae426a339b9b79bb07430621a04344e67f07bcf34797710f61a30f84625fa7bb600374148cce17d5c12537a6c6120b1b67f880b29d030f79e7e7cec83833a7dde0d478987cd505a256badadc3a19bb90519b25a5cc5f71a011d6b0c8b05444cb0f01a32b102aee1756ee40db11b221c951ad5bed1c654247f4859ef804d35094961ff1ff257818b7b9a378ffd57ef8c15ea2b7ae2836a70d8ee67929b1dc19bc04e22a6530e4c509d3034331e5eed5e31b384a2faa7942f60ae1a3e9096d79dac9af7e0c32ac0740ce683035ff0e9d1a5850dcd2a5e379b8ae9636013a8c077aa60a7e9f08e4cd9c5e1c5a0dd84d5d3648e9b8e17cccef89cf185acd034839484a3f5cc50d71202b049804aae7f8862474b65d44b847129c56136a699c7b84241d6252110e2c99e0ff7c77133db66df2778c30676d5bb6341b5b456143ef6eb452036e90ad60dafbcdab84dc5dc9c95f2f01b4ec36b2e5cbee6d6ce23fdcc459777778c1db733c568ff4bd83651b00700e8fb7bd89df90a072b9040c8f9afb12bfce876d5cd98b24c2d628dc35be32e549c997bb20b2c5e720a32228c0bf672417b8176117f4092fc13b49fa266dfd62ca2fd056f581e90d1f3b78203ae0c4cb05b1ecf6c2ff8e788fddcd361323ca89d95a8972a4188703a8c8b3e839675054a7cb6dd1d1fef0de1ac185cb5b58abed5ce951fd0c5e6b21acb82981301583f3f9461040a55251eae994b1c01a363980ba86b2b0822fe8f359c54f0f342e02ba019f9dc1ece81cf11955a8984e73a4439b679f236ae4ad17887817fba7ab8805b35d0bfefd2c7e35bedf001da14ed91d550851d368309c2c6c8ff37540499177a199354f87af6eed0ff48f0d2683c24360346bc0594c829efa9e781fe30cd6617483a3448ba0b451c5a960ca1e9bb6630a3f8025706c53720c909e610fdc9c13bac262139125541ca2fa805c417b50b8bf3d5de3c089941b057203fa4e6a380d636e5be181e49940fb60168ad25ba91578619e085c044682fe2dd5d10963b861a8cb59aeeabdd040a621c888673228aff65f799608780c7ec594eb36a87414afcf874e81e2d1673e24f0ea0f6f05f99f2c4476babae8485ccc8c7dbb2d931102303993e45d8a70b65c8afa4e1ed1495a0bde7243a466a0ca874f56e32455ed4a4d1a07a80738800c33e285ef4905e2d0ef6b3f87cbecb54d4d19ac0465da96245cb2cd5f45885ca1c47139da6dc66e052efedded97994cc401795e2c88aaa8e0a6b34679ecf22c821a72b2b6d650ff4deda4eb119f42d4cfad0b0ba4b98c4f086679d02e864a68201d906cfc2ad93bcb156fae98c676f142890fddbf3905d4c83038fe3856fddf230fc2f668154fdb479c1b2be4c011840bfa006ca625ce6e68e400cefbe2e7280858270a0a8f3c49022a40877a60afa4f0e4c9498848ce5640670ec1918a11a7cdba0e8f11a3a6d6dedea0de4402cbde877a9d1024ef34d1ff50183a38ba4860d73a99c291dff81deb5db9ab37fde58d187f0f7334b56e25f12678af44419445bb8c0d1bb13bcf424a339e18130672592dc55d64b505ccf9db17fface4d91cd79ee2ffd9c63b9f5b51aa0f63508f2d7cb56613816d096f816fa5ccc0cad5b38b6619aa11ac9f2ded444846d6b05d9a0ab4fa326d59615e56b2aaf8a2e83d1e7793aeae28acf393a9a411b84d385e2277d4af1005ad46bb50dd644abf364834640037191c0343fb4935fd9bf85885d99cdac188e2d975ebb04fca405fb78574634ab55aca8a41db3178a864263f6735593499f78919e72c5004c48d54199fb5cc47ea64258b039987167dc5f1811a1e2dac40be08dd7cdcb33a4c3a815f289c0cdae79127e280984a4960ef21973c00cb5f050f6bccf59759c6b7b66895f5ce25343a4798da66de1e1c50a00fb7bc4d130a507743c325507f12d28220fae56eb17e1daf6cd4bbff6c25208dba66cc2279a42a60bb075a4ca28b8a3df4c0daffe4d93f61629f3e52ca8c4e180f6431767e13b56f8d36028c773b5e4feedde8dea63d978021b65f432e451eea806dd5f26cc5ac5ab38d868ab70657df1792c1bac33c46e8eb7373b4c17fdc423756d095f866799645a5aeecdcf0e84314e54ab25cb74c733eb82a74389ef4b551fef959441155c0ff841790e397f27893ac89cf5677c506f3b3f223f7657373251a9090f85656c8245f90d862b74e7bfe487ffa413d6f36271d2d57235055781e4270ada706da53374cb1ee002e4a2feb037e650924860f1afb093f9983063e30c94599bf09fd84cfe1a8bc1e852a11319ac9641bce18df88e769fb2e5db2b0c622c6c4f52b1b2dd45b088cfebd3d5ac674ae2df9b33eecf19a007738ff453575f1a5671863e8b395180e6443f005fd5c51f976310a20d020c90644d6abda7663f550420b6b9bfb362683581f4644cace598aad904ec48621ee2de2db6215ba2fa7c03e702a50c756f4e2f524674c9c0d0c0a5cfb11108b43e4d29b302436bff4727f556756e9bacd9f178027e397969e8e1d70ecf2c07d6df218c035f54f3fb0f1ce01a40587cbb3396f43005caf32aa6e4ef4902f6f73cb685ada0e5f5246d483221bd403c551109c09dda7ee90b52fa3b6d4f75d60a5de7927e267a893706e5239d899a31b0f29022759435e115a57d07e11e1a96e230fd37a2fd29b4b1c934bb8f6105b8c21bd04c31d367b98340fefbed29edcbd431054f353d65fad5ff20275798dffc3a9b9e631593eefb6adca6ac0cb9b52ab818dfbf62c81949014b5199f0d808282649445198557a82dfa71486302c1291a07cff125f07d3fd3ff309b7b0451bbae808d7b3bcf6d66a00a7a09a7a517b08bb3679447ac81727f5b013e82896fb0809ec245704ad78f73259ddd502593fed60a712de346c645cd170473818936984d730bf47cd0c78cd467d271ac923eeaee723e27ed31c3dd9fe7897a03465a0ac6b4197a5437caf7a3672b1e367ed22177040a3a11417c9ba4e1b428fdfae64d1e5f2af50a0b795a20271cf8228f4f5fa90fc31c251fbfb7d13675e761766737729282a0acdde7211749641246fa338092b43fea5ce76d8cf4b7767f9d66d87930f58fc243f482208e986371687f9e130fdea4c225cbdd442ee77610047fd598d77b6236b815b2aca6c1af7f7dbadb99610a4cfd4148e30a58f41d370c592ddc57ef63d87d24aebb9a9a74dfc975b78fa89f1a8df373ceb29b16fb2071bf08006320cb75f98b9c8770dcadfbb4b4939081a167c88a47f5b106d61aed205c902ef90c31f485028c0b109c718f2112d7fb1e6e6238d65833dd46040f93af1dbc8eb24567201c11980f79acf394d6fe586b950998eb15845b00b698d9ab749dd4bbdc44a422bb382514324270d199eaeda6cb8c5242b64000c99ad118ebfac795d62a5d48335f267c6ee97ba4c3dcf1a6d6aa3dfbdc7abb3d3a68ebcd872d1bfef9d2a25049c804d6fd41235a2d5494c4391f0e6fb7a4ab9d1691fdeb9c490222b92338e0cc1b6929ee9f86b7f521e62943bbe64fdd658bb0fdc83a0d68768d1668bb1f0f101a78c37b3e67e3dc0aaa35eb206844562c53835b1b8c9cea5956757b3961864ce7316284606681bbeb0d12b481f01cc1a17a202d9b26f54c08353616f515e7804ee1f023ac771e7eefe185ab36c9fe57e50341600a4137ec9372cd857bacea9d0743bed3e7c10eb638c6cd484119daafcd9e84186b7beb761d46afd909574f0936ed14ce2553762ad0079babc64d728768817ef22b37b6f25ad0833a1ad680cf137eccd5316c42c57d38b284496884366423031b5673f6a80a37fc6d8bc3b74f1445b2e0a1940a0305003c75fddddc618a459f7adff64c58283be2e299490479c31e05bd3daef50e2c9861ccc8e75405ebda20fb25146e196c891d9bd63e86fbba4dacc8462d4c5362aa0ea81cfb096cf78704b832b5e78143e22466e0af2a884bae7412f47efd0569f76a8459dd23ab17c476916cd676863bc0a6e92fe427d4d65426c6ee4ba57206e4ce9820411229c832eb4918c9ae2ad71dbedc9a99a27b7c93bfdbfa7f2101624b027525953add11d6f659eae3e17f7640c631680c8ed33a6a25f4f41876a02ab1d7307a7020d9512c9e1aa540419686603595b8f842f889f58c8e8e9cc6d80432cba1a97c0f5627465b13d940fff2e33ac764c9b089a048fd327dc84907cca662a2917624afcdd46f4668797b3f7ea0dabb18baa1ff989ab059d2bd50c7e54215e1ad6eeb8cbab9c4e79f8f5699efd5c16f8b29111ab42c67490a77c9d84a0a1360c8d9d11b01b6f78714b413b47a6e61a3e04a6d44d270ce8546db8de33c15071c43744f67ce33e8c5050fdf1b47078cb18dbd39aa3e1541b3161724cc986c640462d07ec18c5f8751ef01fcb31b001d4c89b730512da18cae2ab1fca5b8d50c09de44def0ceceffefda6897697a57d7c63bd6ace1220f745b56c06b9fcd8c89f5482285ce304d5a97c11aea647ed561c7cc4561f16fbb424f4a91c4be31780b0c6b5fb64f27fbcb5697d0c6895a4ad1b8464e931a179ae51a43d4e7f637b9b182087da360563ecc159df8b3c02413563cace9c52ee6bbe83e6cbcf0a50f853c8682662c29681918a2840a744222b5c550fc84efba9f388699190cd11c17288746b9f4ad487fd82f839f7d6d72e2820780eb8c90212f4769d828a8bf17ba7aabd6a1bd27cecf171048643c27e60b77f8eab58c78c92aec39a602b305ee47df68587974123f9619353dd82a853d38228affdaa0567a7cda0b50981c4d4f16c60ec56984c19d49b5a544e1e0997de89bf972ea8e6e663b7c4212e358659cd371c15b1f19f957f9e68505c72d37f1da8d3373242c4959a4847421860cc05c6b63a3fae80d588ab9a1a68b681440ef954f36e8a7050132cbbbbaa65016f1c7eca54d47dddc89712bed913f0426b6676c7880e2eb150c769ac163c10ab66e53ebd5ea86b61d0a9f7f125902e3acfe872b70bbd23e7aa824b25ea6a73121d04c46548167f9789446e2e5949973590cc4ff52efec0f6a7d4e907c0aac4be9853a18452599f6103b5ef59e8dd252a3e73db79436c49143bdbf697f70e306b4030d282159a658a1193382eed4d935594df5c3094ff4828b8fc66bfd6240b4a102d0484b8252d8acbb583173612004acd1c8be7769ef0fd6c9940e173aec206ec3d693f0b73de73af53d9a24424822c373aca45f224f1859c3386d3a9a9b1cebfacf5e3e929543a2eed6b92cd6632282bfdc5d88b02db1195f852c464fd13d64b9f8c4a258152c86f5cf01cbaa950ee87f6c1fc36c881d89bdab809f48e8ff6fc583f4f66ec80470e43cc4f45824dbf41aed284c9cb6cc170e7a5ac162a494a76b2fff377d2731f5cacf207db43d77f8ab2b97180cc7b68d92abe1c700d76e5b50447db0d4f869b3cad48c5d92a8a5ffa9a94e6e81d182bc3e2119dedcf98e4248f7c3f31ab92abe6c25d98122f5ed7af626c3ed71552a485cb86c0988ede60775641d4b4f09e82fd30e9f9b8102be2213e5524fcc6ede69cdea9f9a4c8ac8c3c38b43694e0bac37a598ac1f609e284854cf4d8bda6dc960032029d4ca45fb27b1bb8c0cb89cc42a985951a27772c6a22832f2e83d6c35991d6ab0c57c6e8070d2d5a26b4d1ab273b6a83ad18b31b1d6e1a294be1543a39bed314c44de8dee748453dde11f8ba217e1b79205a510153661a011276992f54dca89c13916df319c518551cc4684c424a2c81c014d", 0x1000}], 0x7, &(0x7f0000001e80)=[{0x48, 0x100, 0x4, "27968adb24045469c097d0e45feaa440febe99720604fe25c3bdbdfd92c00e752a6495f01e9d5f1453957f38f538ef8d5cbe"}, {0xd8, 0x115, 0x4, "5933d2e31f837f285317bec63d7a44556bcebe8e3e9e01a2fb47f2cb75b60c375f73657d648baa48cdeb435d2c2b77e8c37e1ac7c3882c6c9e2eb0017b1f7a2ee04e69f60f171d0266532c557df0a731330fe294860efead009e481c74c5dc013a2853f10457b4e32c13c972707e743a1519f0f24ede11e5811b5139904d0b5a5df17b07c5bf75bdab9f75ac74924cfcfc7d99d887558e8c0050622128b2003038e566504ff12ca1c2fb1006c0dea3bdac35e32383b5979d3861f078ae0e01f9f89d23aace0f"}, {0xe8, 0x109, 0x9, "4b4baa22022862357033ecd4d5df5b3d6d7d7461eb7e5de25b0674c4a8b7b32bc69731f2b2ef59ee15fa9279027ce11cefc150fd07b67f9617756711bcc8abe5a6f74efea2039d38bda04cc2e95e55870c0bf9616a6f069ed81156973749258b05a1133d390ac21e52edcd95edab9bac496b7fbc3ce1a16526fbe077a8c46e3933589ebb8fcf903912f0e14952196b62fd5c7b6b9b018f97ec930713ad3ac015e5e96afc61919fd9b6a14e27aec5bf4ae3197ee6db91e82a9bae44dedc7cfa9b1707949713b4e41f13e6f3f444fa006cb9c55d80b9025b"}], 0x208, 0x20044845}, 0x10)
syz_open_pts(0xffffffffffffffff, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000740)={@multicast1, @dev, <r12=>0x0}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_IPV6_PKTINFO(r11, 0x29, 0x32, &(0x7f00000003c0)={@local={0xfe, 0x80, [], 0xaa}, r12}, 0x14)
ioctl$FIONREAD(r9, 0x541b, &(0x7f0000000040))
accept4(r5, &(0x7f0000000940)=@hci, &(0x7f0000000700)=0x80, 0x20080000)
getsockopt$inet6_int(r4, 0x29, 0x50, &(0x7f0000000000), &(0x7f0000000040)=0x4)
kcmp(r2, r3, 0x0, r1, r1)
ioctl$sock_SIOCBRDELBR(r9, 0x89a1, &(0x7f00000002c0)='gre0\x00')

[ 1598.243759] binder: 16767:16769 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1598.254311] FAULT_INJECTION: forcing a failure.
[ 1598.254311] name failslab, interval 1, probability 0, space 0, times 0
[ 1598.265733] CPU: 1 PID: 16765 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1598.274155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1598.283524] Call Trace:
[ 1598.286135]  dump_stack+0x1c9/0x2b4
03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:37 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0), 0x80000002)

[ 1598.289782]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1598.294997]  ? __kernel_text_address+0xd/0x40
[ 1598.299748]  ? perf_trace_lock+0xde/0x920
[ 1598.303942]  should_fail.cold.4+0xa/0x11
[ 1598.308223]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1598.313357]  ? save_stack+0xa9/0xd0
[ 1598.317011]  ? save_stack+0x43/0xd0
[ 1598.320675]  ? kasan_kmalloc+0xc4/0xe0
[ 1598.324675]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1598.329544]  ? proc_init_fs_context+0x49/0x130
[ 1598.334358]  ? vfs_new_fs_context+0x2ba/0x700
[ 1598.338877]  ? do_mount+0x5cf/0x1fb0
03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

[ 1598.342620]  ? ksys_mount+0x12d/0x140
[ 1598.346472]  ? do_syscall_64+0x1b9/0x820
[ 1598.350558]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1598.355947]  ? __x64_sys_mount+0xbe/0x150
[ 1598.360118]  ? do_syscall_64+0x1b9/0x820
[ 1598.364201]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1598.369631]  ? trace_hardirqs_off+0xd/0x10
[ 1598.373894]  ? lock_acquire+0x1e4/0x540
[ 1598.377889]  ? fs_reclaim_acquire+0x20/0x20
[ 1598.382233]  ? lock_downgrade+0x8f0/0x8f0
[ 1598.386434]  ? check_same_owner+0x340/0x340
03:45:37 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

[ 1598.390808]  ? rcu_note_context_switch+0x730/0x730
[ 1598.395877]  __should_failslab+0x124/0x180
[ 1598.400143]  should_failslab+0x9/0x14
[ 1598.404091]  __kmalloc_track_caller+0x2c4/0x760
[ 1598.408792]  ? vfs_set_fs_source+0x67/0x180
[ 1598.413146]  kmemdup_nul+0x31/0xa0
[ 1598.416712]  vfs_set_fs_source+0x67/0x180
[ 1598.420901]  do_mount+0x61b/0x1fb0
[ 1598.424645]  ? check_same_owner+0x340/0x340
[ 1598.428993]  ? lock_release+0xa30/0xa30
[ 1598.432999]  ? copy_mount_string+0x40/0x40
[ 1598.437261]  ? kasan_kmalloc+0xc4/0xe0
03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:37 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

[ 1598.441717]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1598.446581]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1598.452161]  ? _copy_from_user+0xdf/0x150
[ 1598.456329]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1598.461886]  ? copy_mount_options+0x285/0x380
[ 1598.466404]  ksys_mount+0x12d/0x140
[ 1598.470062]  __x64_sys_mount+0xbe/0x150
[ 1598.474076]  do_syscall_64+0x1b9/0x820
[ 1598.477984]  ? finish_task_switch+0x1d3/0x870
[ 1598.482506]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1598.487460]  ? syscall_return_slowpath+0x31d/0x5e0
03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r1)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:37 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

[ 1598.492409]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1598.498056]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1598.503349]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1598.508062]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1598.513630]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1598.518859] RIP: 0033:0x455e29
[ 1598.522050] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1598.541383] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1598.549134] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1598.556429] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1598.563712] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1598.570998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1598.578306] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000007
03:45:37 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x0)

[ 1598.593931] binder: 16767:16769 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1598.627577] binder: 16767:16769 transaction failed 29189/-22, size 0-0 line 2852
03:45:37 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:37 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3}})

03:45:37 executing program 2 (fault-call:1 fault-nth:8):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1598.654476] binder: undelivered TRANSACTION_ERROR: 29189
[ 1598.724433] FAULT_INJECTION: forcing a failure.
[ 1598.724433] name failslab, interval 1, probability 0, space 0, times 0
[ 1598.736062] CPU: 1 PID: 16814 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1598.744472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1598.753837] Call Trace:
[ 1598.756450]  dump_stack+0x1c9/0x2b4
[ 1598.760107]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1598.765332]  should_fail.cold.4+0xa/0x11
[ 1598.769523]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1598.774653]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1598.779735]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[ 1598.784526]  ? trace_hardirqs_on+0x10/0x10
[ 1598.788789]  ? lock_acquire+0x1e4/0x540
[ 1598.792791]  ? is_bpf_text_address+0xae/0x170
[ 1598.797405]  ? lock_downgrade+0x8f0/0x8f0
[ 1598.801583]  ? lock_release+0xa30/0xa30
[ 1598.805594]  ? lock_acquire+0x1e4/0x540
[ 1598.809765]  ? fs_reclaim_acquire+0x20/0x20
[ 1598.814099]  ? lock_downgrade+0x8f0/0x8f0
[ 1598.818258]  ? check_same_owner+0x340/0x340
[ 1598.822581]  ? rcu_note_context_switch+0x730/0x730
[ 1598.827524]  ? unwind_get_return_address+0x61/0xa0
[ 1598.832484]  __should_failslab+0x124/0x180
[ 1598.836741]  should_failslab+0x9/0x14
[ 1598.840549]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1598.845223]  ? save_stack+0xa9/0xd0
[ 1598.848849]  alloc_super+0xd4/0xb10
[ 1598.852468]  ? ksys_mount+0x12d/0x140
[ 1598.856266]  ? destroy_unused_super.part.11+0x110/0x110
[ 1598.861634]  ? sget_fc+0x261/0x950
[ 1598.865181]  ? lock_downgrade+0x8f0/0x8f0
[ 1598.869350]  ? kasan_check_read+0x11/0x20
[ 1598.873492]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1598.877916]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1598.882512]  ? kasan_check_write+0x14/0x20
[ 1598.886773]  ? do_raw_spin_lock+0xc1/0x200
[ 1598.891031]  ? ns_test_super+0x50/0x50
[ 1598.894928]  sget_fc+0x269/0x950
[ 1598.898291]  ? compare_single+0x10/0x10
[ 1598.902268]  ? alloc_super+0xb10/0xb10
[ 1598.906149]  ? kasan_kmalloc+0xc4/0xe0
[ 1598.910048]  ? __kmalloc_track_caller+0x311/0x760
[ 1598.914898]  ? proc_root_lookup+0x60/0x60
[ 1598.919047]  vfs_get_super+0x6e/0x270
[ 1598.922873]  proc_get_tree+0x88/0xb0
[ 1598.926592]  vfs_get_tree+0x1cb/0x5c0
[ 1598.930396]  do_mount+0x6c1/0x1fb0
[ 1598.933947]  ? kasan_check_read+0x11/0x20
[ 1598.938108]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1598.942533]  ? copy_mount_string+0x40/0x40
[ 1598.946786]  ? kasan_kmalloc+0xc4/0xe0
[ 1598.950767]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1598.955619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1598.961186]  ? copy_mount_options+0x285/0x380
[ 1598.965715]  ksys_mount+0x12d/0x140
[ 1598.969354]  __x64_sys_mount+0xbe/0x150
[ 1598.973421]  do_syscall_64+0x1b9/0x820
[ 1598.977316]  ? syscall_slow_exit_work+0x500/0x500
[ 1598.982151]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1598.987094]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1598.992394]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1598.997427]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1599.002140]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1599.007001]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1599.012195] RIP: 0033:0x455e29
[ 1599.015371] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1599.034615] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1599.042334] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1599.049940] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1599.057194] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1599.064458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
03:45:38 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:38 executing program 1:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f00001c2000)=ANY=[@ANYBLOB="021800001c000000000000000000000005000600000000000a00000000000000fe8000000000000000000000000000ff000000000000000008001900000000000000080000000000ff020000000000000000000000000001000000010a00000000000000fe8000000000000000000000000000ff0000000005000500000000000a00000000000000fe80000000000000000000000000000000000000000000000800120000000000000000000000000027000000000100000000e33380f60000005baf5a720000000020000000000001fe8000000000000000000000000000ff"], 0xe0}, 0x1}, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x200, 0x0)
recvmsg$kcm(r1, &(0x7f00000003c0)={&(0x7f00000000c0)=@pppoe={0x0, 0x0, {0x0, @local}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000140)=""/86, 0x56}, {&(0x7f00000001c0)=""/126, 0x7e}, {&(0x7f0000000240)=""/3, 0x3}, {&(0x7f0000000280)=""/113, 0x71}], 0x4, &(0x7f0000000340)=""/100, 0x64, 0x64d}, 0x40000020)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x400, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000040))

03:45:38 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

03:45:38 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:45:38 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x0)

03:45:38 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:38 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:38 executing program 2 (fault-call:1 fault-nth:9):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1599.071726] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000008
03:45:38 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1599.144470] binder: 16829:16836 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1599.152213] FAULT_INJECTION: forcing a failure.
[ 1599.152213] name failslab, interval 1, probability 0, space 0, times 0
[ 1599.160064] binder_alloc: 16829: binder_alloc_buf, no vma
[ 1599.163697] CPU: 1 PID: 16822 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1599.169316] binder: 16829:16836 transaction failed 29189/-3, size 0-0 line 2967
[ 1599.177661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
03:45:38 executing program 4 (fault-call:3 fault-nth:0):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:45:38 executing program 7 (fault-call:4 fault-nth:0):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1599.177668] Call Trace:
[ 1599.177694]  dump_stack+0x1c9/0x2b4
[ 1599.177712]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1599.177738]  ? trace_hardirqs_on+0xd/0x10
[ 1599.210084]  should_fail.cold.4+0xa/0x11
[ 1599.214166]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1599.215080] binder: undelivered TRANSACTION_ERROR: 29189
[ 1599.219287]  ? lock_repin_lock+0x430/0x430
[ 1599.219312]  ? __schedule+0x884/0x1ed0
[ 1599.219336]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[ 1599.238064]  ? __sched_text_start+0x8/0x8
03:45:38 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:38 executing program 3 (fault-call:6 fault-nth:0):
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

[ 1599.242240]  ? pcpu_alloc+0x190/0x13a0
[ 1599.246149]  ? lock_acquire+0x1e4/0x540
[ 1599.250132]  ? fs_reclaim_acquire+0x20/0x20
[ 1599.254466]  ? lock_downgrade+0x8f0/0x8f0
[ 1599.258619]  ? pcpu_balance_workfn+0x1700/0x1700
[ 1599.263390]  ? check_same_owner+0x340/0x340
[ 1599.267723]  ? __lockdep_init_map+0x105/0x590
[ 1599.272229]  ? lock_acquire+0x1e4/0x540
[ 1599.276306]  __should_failslab+0x124/0x180
[ 1599.281083]  should_failslab+0x9/0x14
[ 1599.284900]  __kmalloc+0x2c8/0x760
[ 1599.288451]  ? kasan_check_write+0x14/0x20
[ 1599.292723]  ? __init_rwsem+0x1cc/0x2a0
[ 1599.296714]  ? do_raw_write_unlock.cold.8+0x49/0x49
[ 1599.301745]  ? prealloc_shrinker+0x124/0x480
[ 1599.306167]  ? __lockdep_init_map+0x105/0x590
[ 1599.310693]  prealloc_shrinker+0x124/0x480
[ 1599.315028]  ? __init_waitqueue_head+0x9e/0x150
[ 1599.319713]  ? inactive_list_is_low+0x850/0x850
[ 1599.324395]  ? __lockdep_init_map+0x105/0x590
[ 1599.328942]  alloc_super+0x8dd/0xb10
[ 1599.333393]  ? destroy_unused_super.part.11+0x110/0x110
[ 1599.338778]  ? lock_downgrade+0x8f0/0x8f0
[ 1599.341588] binder: 16839:16846 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1599.342943]  ? kasan_check_read+0x11/0x20
[ 1599.342962]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1599.342976]  ? kasan_check_write+0x14/0x20
[ 1599.342994]  ? do_raw_spin_lock+0xc1/0x200
[ 1599.351473] FAULT_INJECTION: forcing a failure.
[ 1599.351473] name failslab, interval 1, probability 0, space 0, times 0
[ 1599.354097]  ? ns_test_super+0x50/0x50
[ 1599.354114]  sget_fc+0x269/0x950
[ 1599.354129]  ? compare_single+0x10/0x10
[ 1599.354142]  ? alloc_super+0xb10/0xb10
[ 1599.354163]  ? kasan_kmalloc+0xc4/0xe0
[ 1599.397395]  ? __kmalloc_track_caller+0x311/0x760
[ 1599.402268]  ? proc_root_lookup+0x60/0x60
[ 1599.406418]  vfs_get_super+0x6e/0x270
[ 1599.410224]  proc_get_tree+0x88/0xb0
[ 1599.413933]  vfs_get_tree+0x1cb/0x5c0
[ 1599.417735]  do_mount+0x6c1/0x1fb0
[ 1599.421273]  ? check_same_owner+0x340/0x340
[ 1599.425592]  ? lock_release+0xa30/0xa30
[ 1599.429564]  ? copy_mount_string+0x40/0x40
[ 1599.433796]  ? kasan_kmalloc+0xc4/0xe0
[ 1599.437682]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1599.442538]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1599.448078]  ? _copy_from_user+0xdf/0x150
[ 1599.452226]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1599.457762]  ? copy_mount_options+0x285/0x380
[ 1599.462259]  ksys_mount+0x12d/0x140
[ 1599.465886]  __x64_sys_mount+0xbe/0x150
[ 1599.469860]  do_syscall_64+0x1b9/0x820
[ 1599.473751]  ? finish_task_switch+0x1d3/0x870
[ 1599.478249]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1599.483180]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1599.488112]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1599.493126]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1599.498142]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1599.502808]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1599.507650]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1599.512831] RIP: 0033:0x455e29
[ 1599.516009] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1599.535266] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1599.542975] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1599.550240] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1599.557504] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1599.564793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1599.572085] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000009
[ 1599.579733] CPU: 0 PID: 16845 Comm: syz-executor7 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1599.588151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1599.597083] FAULT_INJECTION: forcing a failure.
[ 1599.597083] name failslab, interval 1, probability 0, space 0, times 0
[ 1599.597508] Call Trace:
[ 1599.597529]  dump_stack+0x1c9/0x2b4
[ 1599.597554]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1599.620126]  ? trace_hardirqs_on+0x10/0x10
[ 1599.624362]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1599.629900]  should_fail.cold.4+0xa/0x11
[ 1599.634019]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1599.639124]  ? lock_release+0xa30/0xa30
[ 1599.643103]  ? dput.part.26+0x248/0x7a0
[ 1599.647079]  ? lock_downgrade+0x8f0/0x8f0
[ 1599.651228]  ? trace_hardirqs_on+0x10/0x10
[ 1599.655465]  ? mntput_no_expire+0x18e/0xbc0
[ 1599.659794]  ? do_raw_spin_lock+0xc1/0x200
[ 1599.664037]  ? mnt_get_count+0x150/0x150
[ 1599.668100]  ? lock_acquire+0x1e4/0x540
[ 1599.672090]  ? fs_reclaim_acquire+0x20/0x20
[ 1599.676698]  ? lock_downgrade+0x8f0/0x8f0
[ 1599.680848]  ? __fdget_pos+0x1bb/0x200
[ 1599.684738]  ? check_same_owner+0x340/0x340
[ 1599.689059]  ? rcu_note_context_switch+0x730/0x730
[ 1599.693991]  __should_failslab+0x124/0x180
[ 1599.698248]  should_failslab+0x9/0x14
[ 1599.702862]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1599.707615]  ? _parse_integer+0x190/0x190
[ 1599.711766]  alloc_pipe_info+0x175/0x5a0
[ 1599.715826]  ? pipe_read+0x940/0x940
[ 1599.719540]  ? ksys_dup3+0x690/0x690
[ 1599.723256]  ? lock_release+0xa30/0xa30
[ 1599.727324]  ? pid_task+0x115/0x200
[ 1599.730963]  splice_direct_to_actor+0x6fc/0x8f0
[ 1599.735628]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1599.741159]  ? pipe_to_sendpage+0x400/0x400
[ 1599.745480]  ? do_splice_to+0x190/0x190
[ 1599.749446]  ? security_file_permission+0x1c2/0x230
[ 1599.754476]  ? rw_verify_area+0x118/0x360
[ 1599.758618]  do_splice_direct+0x2d4/0x420
[ 1599.762761]  ? splice_direct_to_actor+0x8f0/0x8f0
[ 1599.767601]  ? rw_verify_area+0x118/0x360
[ 1599.771742]  do_sendfile+0x62a/0xe20
[ 1599.775451]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1599.780043]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1599.785573]  ? _copy_from_user+0xdf/0x150
[ 1599.789713]  __x64_sys_sendfile64+0x15d/0x250
[ 1599.794206]  ? __ia32_sys_sendfile+0x2a0/0x2a0
[ 1599.798789]  do_syscall_64+0x1b9/0x820
[ 1599.802770]  ? finish_task_switch+0x1d3/0x870
[ 1599.807279]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1599.812203]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1599.817125]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1599.822143]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1599.827148]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1599.831810]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1599.836646]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1599.841821] RIP: 0033:0x455e29
[ 1599.844996] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1599.864215] RSP: 002b:00007f4f3b682c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1599.871915] RAX: ffffffffffffffda RBX: 00007f4f3b6836d4 RCX: 0000000000455e29
[ 1599.879175] RDX: 00000000200000c0 RSI: 0000000000000015 RDI: 0000000000000014
[ 1599.886431] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1599.893699] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000017
[ 1599.900957] R13: 00000000004c1113 R14: 00000000004d1540 R15: 0000000000000000
[ 1599.908231] CPU: 1 PID: 16848 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1599.916646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1599.926003] Call Trace:
[ 1599.928602]  dump_stack+0x1c9/0x2b4
[ 1599.932235]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1599.932814] binder_alloc: 16839: binder_alloc_buf, no vma
[ 1599.937426]  ? trace_hardirqs_on+0x10/0x10
03:45:39 executing program 2 (fault-call:1 fault-nth:10):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1599.937442]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1599.937461]  should_fail.cold.4+0xa/0x11
[ 1599.937487]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1599.943046] binder: 16839:16846 transaction failed 29189/-3, size 0-0 line 2967
[ 1599.947231]  ? lock_release+0xa30/0xa30
[ 1599.947245]  ? dput.part.26+0x248/0x7a0
[ 1599.947264]  ? lock_downgrade+0x8f0/0x8f0
[ 1599.981539]  ? trace_hardirqs_on+0x10/0x10
[ 1599.985791]  ? mntput_no_expire+0x18e/0xbc0
[ 1599.990140]  ? do_raw_spin_lock+0xc1/0x200
[ 1599.992589] FAULT_INJECTION: forcing a failure.
[ 1599.992589] name failslab, interval 1, probability 0, space 0, times 0
[ 1599.994395]  ? mnt_get_count+0x150/0x150
[ 1599.994414]  ? lock_acquire+0x1e4/0x540
[ 1599.994439]  ? fs_reclaim_acquire+0x20/0x20
[ 1600.017921]  ? lock_downgrade+0x8f0/0x8f0
[ 1600.022069]  ? __fdget_pos+0x1bb/0x200
[ 1600.025952]  ? check_same_owner+0x340/0x340
[ 1600.030286]  ? rcu_note_context_switch+0x730/0x730
[ 1600.035218]  __should_failslab+0x124/0x180
[ 1600.039457]  should_failslab+0x9/0x14
[ 1600.043347]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1600.048017]  ? _parse_integer+0x190/0x190
[ 1600.052171]  alloc_pipe_info+0x175/0x5a0
[ 1600.056244]  ? pipe_read+0x940/0x940
[ 1600.059970]  ? ksys_dup3+0x690/0x690
[ 1600.064754]  ? lock_release+0xa30/0xa30
[ 1600.068809]  ? pid_task+0x115/0x200
[ 1600.072443]  splice_direct_to_actor+0x6fc/0x8f0
[ 1600.077119]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1600.082664]  ? pipe_to_sendpage+0x400/0x400
[ 1600.087004]  ? do_splice_to+0x190/0x190
[ 1600.090994]  ? security_file_permission+0x1c2/0x230
[ 1600.096017]  ? rw_verify_area+0x118/0x360
[ 1600.100187]  do_splice_direct+0x2d4/0x420
[ 1600.104600]  ? splice_direct_to_actor+0x8f0/0x8f0
[ 1600.109441]  ? rw_verify_area+0x118/0x360
[ 1600.113592]  do_sendfile+0x62a/0xe20
[ 1600.117315]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1600.121898]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1600.127439]  ? _copy_from_user+0xdf/0x150
[ 1600.131592]  __x64_sys_sendfile64+0x15d/0x250
[ 1600.136106]  ? __ia32_sys_sendfile+0x2a0/0x2a0
[ 1600.140704]  do_syscall_64+0x1b9/0x820
[ 1600.144588]  ? finish_task_switch+0x1d3/0x870
[ 1600.149085]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1600.154016]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1600.158945]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1600.163959]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1600.169088]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1600.173854]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1600.178803]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1600.184002] RIP: 0033:0x455e29
[ 1600.187199] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1600.207062] RSP: 002b:00007f623d1fac68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1600.214945] RAX: ffffffffffffffda RBX: 00007f623d1fb6d4 RCX: 0000000000455e29
[ 1600.222381] RDX: 00000000200000c0 RSI: 0000000000000016 RDI: 0000000000000015
[ 1600.229730] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1600.237080] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000018
[ 1600.244441] R13: 00000000004c1113 R14: 00000000004d1540 R15: 0000000000000000
[ 1600.251747] CPU: 0 PID: 16853 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1600.261225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1600.270567] Call Trace:
[ 1600.273163]  dump_stack+0x1c9/0x2b4
[ 1600.276797]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1600.281983]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1600.287522]  should_fail.cold.4+0xa/0x11
[ 1600.291589]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1600.296682]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1600.302210]  ? replace_slot+0xc9/0x4c0
[ 1600.306089]  ? __save_stack_trace+0x8d/0xf0
[ 1600.310416]  ? plist_requeue+0x650/0x650
[ 1600.314470]  ? save_stack+0xa9/0xd0
[ 1600.318097]  ? lock_acquire+0x1e4/0x540
[ 1600.322073]  ? lock_acquire+0x1e4/0x540
[ 1600.326040]  ? fs_reclaim_acquire+0x20/0x20
[ 1600.330350]  ? lock_downgrade+0x8f0/0x8f0
[ 1600.334484]  ? check_same_owner+0x340/0x340
[ 1600.338793]  ? check_same_owner+0x340/0x340
[ 1600.343116]  ? rcu_note_context_switch+0x730/0x730
[ 1600.348039]  __should_failslab+0x124/0x180
[ 1600.352265]  should_failslab+0x9/0x14
[ 1600.356052]  __kmalloc+0x2c8/0x760
[ 1600.359578]  ? rcu_note_context_switch+0x730/0x730
[ 1600.364493]  ? __list_lru_init+0x151/0x840
[ 1600.368717]  __list_lru_init+0x151/0x840
[ 1600.372768]  ? list_lru_destroy+0x500/0x500
[ 1600.377077]  ? prealloc_shrinker+0x124/0x480
[ 1600.381477]  ? prealloc_shrinker+0x213/0x480
[ 1600.385887]  ? __init_waitqueue_head+0x9e/0x150
[ 1600.390556]  ? inactive_list_is_low+0x850/0x850
[ 1600.395219]  ? __lockdep_init_map+0x105/0x590
[ 1600.399707]  alloc_super+0x976/0xb10
[ 1600.403411]  ? destroy_unused_super.part.11+0x110/0x110
[ 1600.408764]  ? lock_downgrade+0x8f0/0x8f0
[ 1600.412907]  ? kasan_check_read+0x11/0x20
[ 1600.417044]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1600.421615]  ? kasan_check_write+0x14/0x20
[ 1600.425842]  ? do_raw_spin_lock+0xc1/0x200
[ 1600.430076]  ? ns_test_super+0x50/0x50
[ 1600.433987]  sget_fc+0x269/0x950
[ 1600.437361]  ? compare_single+0x10/0x10
[ 1600.441344]  ? alloc_super+0xb10/0xb10
[ 1600.445223]  ? kasan_kmalloc+0xc4/0xe0
[ 1600.449101]  ? __kmalloc_track_caller+0x311/0x760
[ 1600.453955]  ? proc_root_lookup+0x60/0x60
[ 1600.458096]  vfs_get_super+0x6e/0x270
[ 1600.461903]  proc_get_tree+0x88/0xb0
[ 1600.465608]  vfs_get_tree+0x1cb/0x5c0
[ 1600.469405]  do_mount+0x6c1/0x1fb0
[ 1600.472958]  ? check_same_owner+0x340/0x340
[ 1600.477283]  ? lock_release+0xa30/0xa30
[ 1600.481255]  ? copy_mount_string+0x40/0x40
[ 1600.485486]  ? kasan_kmalloc+0xc4/0xe0
[ 1600.489365]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1600.494205]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1600.499737]  ? _copy_from_user+0xdf/0x150
[ 1600.503881]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1600.509420]  ? copy_mount_options+0x285/0x380
[ 1600.513927]  ksys_mount+0x12d/0x140
[ 1600.517575]  __x64_sys_mount+0xbe/0x150
[ 1600.521546]  do_syscall_64+0x1b9/0x820
[ 1600.525429]  ? finish_task_switch+0x1d3/0x870
[ 1600.529915]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1600.534841]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1600.539765]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1600.544779]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1600.549803]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1600.554465]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1600.559308]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1600.564490] RIP: 0033:0x455e29
[ 1600.567664] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1600.586885] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
03:45:39 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:39 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1600.594676] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1600.601956] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1600.609401] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1600.616766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1600.624375] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000a
03:45:39 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={0xffffffffffffffff, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0xd}}}}, 0x108)
getsockopt$inet6_buf(r0, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf8)
rmdir(&(0x7f0000000140)='./file0\x00')

03:45:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:45:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0xe, &(0x7f0000000000))

03:45:39 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:39 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1600.694682] binder: undelivered TRANSACTION_ERROR: 29189
03:45:39 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:39 executing program 1:
r0 = memfd_create(&(0x7f0000000200)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="232104"], 0x3)
write$sndseq(r0, &(0x7f0000000040)=[{0x41, 0x9, 0x1, 0x0, @tick, {}, {}, @raw32}], 0x30)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000280)=ANY=[@ANYRES32=<r1=>0x0, @ANYBLOB="3300000086d3886446f774594fe861ed3be7a6a2e5ac54d93da80d613346aa63be55c8ca5f4559fbf7297b66718ba62ad1e78666c34972d595b330d794c16de33129e338a12ce52db3226ee2c5132675b90c2674198b5a5e463cfa0d84a7ae16b49887bf1fa8def94013c0c89ad9b4f2b4ad76e5a50aab26c5ee814396435e9cc8f39f097e300ac5a82f370f910d5542213fd7918b588f421659b4134a16b3f52d9ff6624ff429e5dfecb5f7af33e61337767de53d13179bdfd108200d507d05c82cfcbd11db4e2b049d0c89d25234360093fa076df78cdf457297f5eb2ce265ce85774b0c59d9ec9906dc"], &(0x7f00000001c0)=0x3b)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000240)={r1, 0xfffffffffffffffd}, 0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0xfffffffffffffff7}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000100)=@int=0x80, 0x4)
ioctl$KDMKTONE(r0, 0x4b30, 0x6)
execveat(r0, &(0x7f0000000000)='\x00', &(0x7f0000000400), &(0x7f0000000380), 0x1000)

03:45:39 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0), 0x80000002)

03:45:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0xf, &(0x7f0000000000))

[ 1600.795871] binder: 16876:16877 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1600.826969] binder_alloc: 16876: binder_alloc_buf, no vma
[ 1600.832755] binder: 16876:16877 transaction failed 29189/-3, size 0-0 line 2967
03:45:39 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(0xffffffffffffffff, r1, &(0x7f00000000c0), 0x80000002)

03:45:39 executing program 1:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f00001c2000)=ANY=[@ANYBLOB="021800001c000000000000000000000005000600000000000a00000000000000fe8000000000000000000000000000ff000000000000000008001900000000000000080000000000ff020000000000000000000000000001000000010a0000002d95cc711c8523650000000000000000000000ff0000000005000500000000000a00000000000000fe80000000000000000000000000000000000000000000000800120000000000000000000000000027000000000100000000e33380f60000005baf5a720000000020000000000001fe8000000000000000000000000000ff"], 0xe0}, 0x1}, 0x0)

03:45:39 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x2, &(0x7f0000000000))

03:45:40 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1600.879501] binder: undelivered TRANSACTION_ERROR: 29189
03:45:40 executing program 2 (fault-call:1 fault-nth:11):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1601.000945] FAULT_INJECTION: forcing a failure.
[ 1601.000945] name failslab, interval 1, probability 0, space 0, times 0
[ 1601.012344] CPU: 0 PID: 16900 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1601.020758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1601.026998] binder: 16906:16907 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1601.030113] Call Trace:
[ 1601.030139]  dump_stack+0x1c9/0x2b4
[ 1601.030158]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1601.030183]  should_fail.cold.4+0xa/0x11
[ 1601.030207]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1601.041203] binder_alloc: 16906: binder_alloc_buf, no vma
[ 1601.043440]  ? save_stack+0xa9/0xd0
[ 1601.043457]  ? save_stack+0x43/0xd0
[ 1601.043477]  ? kasan_kmalloc+0xc4/0xe0
[ 1601.048734] binder: 16906:16907 transaction failed 29189/-3, size 0-0 line 2967
[ 1601.052714]  ? __kmalloc+0x14e/0x760
[ 1601.052731]  ? __list_lru_init+0x151/0x840
[ 1601.052754]  ? alloc_super+0x976/0xb10
[ 1601.079496] binder: undelivered TRANSACTION_ERROR: 29189
[ 1601.081970]  ? sget_fc+0x269/0x950
[ 1601.081987]  ? vfs_get_super+0x6e/0x270
[ 1601.082002]  ? proc_get_tree+0x88/0xb0
[ 1601.082016]  ? vfs_get_tree+0x1cb/0x5c0
[ 1601.082031]  ? do_mount+0x6c1/0x1fb0
[ 1601.082042]  ? ksys_mount+0x12d/0x140
[ 1601.082061]  ? __x64_sys_mount+0xbe/0x150
[ 1601.127030]  ? do_syscall_64+0x1b9/0x820
[ 1601.131116]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1601.136504]  ? lock_acquire+0x1e4/0x540
[ 1601.140501]  ? fs_reclaim_acquire+0x20/0x20
[ 1601.144845]  ? lock_downgrade+0x8f0/0x8f0
[ 1601.149034]  ? check_same_owner+0x340/0x340
[ 1601.153355]  ? rcu_note_context_switch+0x730/0x730
[ 1601.158282]  __should_failslab+0x124/0x180
[ 1601.162525]  should_failslab+0x9/0x14
[ 1601.166593]  kmem_cache_alloc_node_trace+0x26f/0x770
[ 1601.171701]  ? kasan_kmalloc+0xc4/0xe0
[ 1601.175678]  __kmalloc_node+0x33/0x70
[ 1601.179470]  kvmalloc_node+0x65/0xf0
[ 1601.183308]  __list_lru_init+0x5d9/0x840
[ 1601.187450]  ? list_lru_destroy+0x500/0x500
[ 1601.191853]  ? prealloc_shrinker+0x213/0x480
[ 1601.196259]  ? __init_waitqueue_head+0x9e/0x150
[ 1601.200928]  ? inactive_list_is_low+0x850/0x850
[ 1601.205601]  ? __lockdep_init_map+0x105/0x590
[ 1601.210105]  alloc_super+0x976/0xb10
[ 1601.213823]  ? destroy_unused_super.part.11+0x110/0x110
[ 1601.219196]  ? lock_downgrade+0x8f0/0x8f0
[ 1601.223354]  ? kasan_check_read+0x11/0x20
[ 1601.227495]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1601.232083]  ? kasan_check_write+0x14/0x20
[ 1601.236319]  ? do_raw_spin_lock+0xc1/0x200
[ 1601.240545]  ? ns_test_super+0x50/0x50
[ 1601.244426]  sget_fc+0x269/0x950
[ 1601.247780]  ? compare_single+0x10/0x10
[ 1601.251745]  ? alloc_super+0xb10/0xb10
[ 1601.255625]  ? kasan_kmalloc+0xc4/0xe0
[ 1601.259538]  ? __kmalloc_track_caller+0x311/0x760
[ 1601.264396]  ? proc_root_lookup+0x60/0x60
[ 1601.268552]  vfs_get_super+0x6e/0x270
[ 1601.272353]  proc_get_tree+0x88/0xb0
[ 1601.276080]  vfs_get_tree+0x1cb/0x5c0
[ 1601.279915]  do_mount+0x6c1/0x1fb0
[ 1601.283451]  ? kasan_check_read+0x11/0x20
[ 1601.287590]  ? copy_mount_string+0x40/0x40
[ 1601.291815]  ? retint_kernel+0x10/0x10
[ 1601.295705]  ? copy_mount_options+0x1a1/0x380
[ 1601.300195]  ? __sanitizer_cov_trace_pc+0x48/0x50
[ 1601.305048]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1601.310579]  ? copy_mount_options+0x285/0x380
[ 1601.315072]  ksys_mount+0x12d/0x140
[ 1601.318700]  __x64_sys_mount+0xbe/0x150
[ 1601.322678]  do_syscall_64+0x1b9/0x820
[ 1601.326569]  ? finish_task_switch+0x1d3/0x870
[ 1601.331068]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1601.336023]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1601.340974]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1601.345999]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1601.351030]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1601.355699]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1601.360544]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1601.365997] RIP: 0033:0x455e29
[ 1601.369176] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1601.388326] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1601.396037] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1601.403313] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1601.410587] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1601.417853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1601.425133] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000b
03:45:40 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:40 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x9, 0x80000002)

03:45:40 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6601, 0x80000002)

03:45:40 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, 0xffffffffffffffff, &(0x7f00000000c0), 0x80000002)

03:45:40 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x3, &(0x7f0000000000))

03:45:40 executing program 1:
r0 = fcntl$getown(0xffffffffffffff9c, 0x9)
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=<r1=>0x0)
r2 = socket$l2tp(0x18, 0x1, 0x1)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
kcmp(r0, r1, 0x1, r2, r3)
r4 = fcntl$dupfd(r3, 0x0, r2)
setsockopt$inet_tcp_buf(r4, 0x6, 0x21, &(0x7f0000000240)="0c77e4dadf9d540c51fcb010bec9895681dcf7004b5ec0af3d7c4da33a28fdab6e4439313f07841468dc111841c27ac8b1816914de76d04551e7172b368797744a8e2a12c33c3e5f6f8e0f46eeddc76311e35163fd29ab6971ee8d93a377626f2c10b99f5778736c2e39fe4b487c0c3625ae9c9b0c93ad30c0bfc93c2cb6fb80d8ae50edff99b124dec93578803c546c8a5872312b57e6352b863927fc244bc8683d418af1807162febe5758fafc6439881e63e646544892c61c17bf4c885cbd7bb2790320b263673b5fafc53958ee04c740d69562403b816bbf0c6999e07dceeeb2d9522c174ffdc992ad9bfc14aaeff2", 0xf1)
ioctl$RNDZAPENTCNT(r2, 0x5204, &(0x7f0000000340)=0xbf41)
r5 = syz_open_dev$evdev(&(0x7f0000000380)='/dev/input/event#\x00', 0x3f, 0xc0)
utimensat(r4, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={{0x0, 0x7530}, {0x77359400}}, 0x100)
setsockopt$inet_group_source_req(r4, 0x0, 0x0, &(0x7f0000000440)={0xbb, {{0x2, 0x4e20, @multicast2=0xe0000002}}, {{0x2, 0x4e24, @broadcast=0xffffffff}}}, 0x108)
sendto$unix(r4, &(0x7f0000000580)="bf01a785aa2191987247e71ac3f51633513328114f20227d1501ad2fd1c0b6690bc624fe268920c6c1bd6af05a0577386e6435e6479fe46e35afe236622146c62f948342f84dedd1683ef7b1471a14b99081c339ad29566a5dcbe8d2b4d720f87f58e3a694bb79b2b384f8f05fb42eb20343d2fc4cf8c6ac2f4f36ca6e99d0934d58d528d270b7b96478f1351500e0156bdb326fca0ed4a0f60dfc94e7ebc67a911ec4c30d3a2aabf87c217460b748cbfa201514862c692d982d9e8e57d00cdbece117bdd212c7f45ff9ea46a2b0de0ce72fe820406110a7d1a01f06eb6c30c78d4248237c816b44c5ef3380c9dcbd9985bce5810d4944cf66c9f5b769", 0xfd, 0x4, &(0x7f0000000680)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f0000000740)={0xfffffffffffffff8, {0x2, 0x4e23, @broadcast=0xffffffff}, {0x2, 0x4e24, @multicast2=0xe0000002}, {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, 0x80, 0x4, 0x7, 0x81, 0x7ff, &(0x7f0000000700)='gre0\x00', 0x80000001, 0x4, 0xfffffffffffffc00})
r6 = semget(0x2, 0x2, 0x0)
semctl$IPC_INFO(r6, 0x1, 0x3, &(0x7f00000007c0)=""/151)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000880)={<r7=>0x0, 0x0, 0x9, 0x1, 0x1000, 0x1ff}, &(0x7f00000008c0)=0x14)
getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000900)={<r8=>r7, 0x5}, &(0x7f0000000940)=0x8)
r9 = syz_open_dev$audion(&(0x7f0000000980)='/dev/audio#\x00', 0x0, 0x0)
sendmsg$nl_netfilter(r4, &(0x7f0000000c00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a00)={0x1a0, 0xa, 0x9, 0x100, 0x70bd2d, 0x25dfdbfd, {0x1, 0x0, 0x8}, [@generic="5a9721451318e0c204de6fbbea44a8bdeea61f73b5edf54448ea805bd2450ab8b2f3f0253897f2fd7076d8d79a407f085879f8aaae4e396552995090910c4b8fe3e8d1eb308b496bb423900d155c733fc07860c7c0eb35ff0c4369a130d88ed90ddb0c16b1b56a47ba14e6b4ab6f7180787be333004e44ff71deb32a8c4f99469ffa8fc59c2ee6ab2f140bf84bf3a0bcd5f7e13488b63568ed5b0a9fbdd12f83f71d1f127bee3ecc916753900d78b5038fead33a82a22b2897", @typed={0x8, 0x15, @ipv4=@multicast2=0xe0000002}, @generic="c5e61f7d48a85fe82933f19ebeab05fce3d739dc9cd9ef853dc1566df977d022af24941c66cfdeb53667ebdcc7d6efabcf68da2b7e5c90d3b83932764b182a0dff68899b54b027de7d67d14bf00c9402376595b887e565bdd174d289a14e1a94d39fba8d37bf2721768505b71a9891dd441227b7e3816f682898db085280ee596b3e0580581e4f93b360693d30f57b7ceb7e004da69b1859c0cec2a49726b42ab775f48bb0daa8bb9bc64b34118b8fbe", @typed={0x18, 0x71, @str="5b3a24656d3173797374656d5e2d5d8600"}]}, 0x1a0}, 0x1, 0x0, 0x0, 0x810}, 0x40)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000c40)={r8, 0xc5, "3152b0379af946e6ac545e1c7676807872fe5bdf5df21bfb07c80856e07f303f3df5e616bca806010b5c9ba6eaeac5056bce0efce3d2d654fa6bdd3de61cd13b831825c9f8bba4f27008327ec5f4c3ed5d2fc784130b5c555cb8b1a25934c614a373c9cdf4ff0d87e54e6a643926da1b78c11a0a8e34d08f1f733d1317ccbb9c9a93762ed431e4b78f7c186c84cbdf8cca43fd2562ec6ef74118248972d7a92ad4a67d5510b87f5a5a39ea914f5806ffe04278928c6bfd1537d1c6d1bb935bae8bec84cc03"}, &(0x7f0000000d40)=0xcd)
setsockopt$inet_tcp_TLS_RX(r9, 0x6, 0x2, &(0x7f0000000d80)={0x303, 0x33}, 0x4)
rmdir(&(0x7f0000000dc0)='./file0\x00')
ioctl$GIO_UNIMAP(r4, 0x4b66, &(0x7f0000000e40)={0x6, &(0x7f0000000e00)=[{}, {}, {}, {}, {}, {}]})
setsockopt$inet_tcp_int(r4, 0x6, 0x12, &(0x7f0000000e80)=0x6, 0x4)
mount$9p_rdma(&(0x7f0000000ec0)='127.0.0.1\x00', &(0x7f0000000f00)='./file0\x00', &(0x7f0000000f40)='9p\x00', 0x2102000, &(0x7f0000000f80)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@sq={'sq', 0x3d, 0x49}, 0x2c}, {@timeout={'timeout', 0x3d, 0x8}, 0x2c}]}})
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000001000), 0x4)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000001040)='bond0\x00', 0x10)
syz_mount_image$nfs(&(0x7f0000001080)='nfs\x00', &(0x7f00000010c0)='./file0/file0\x00', 0xe0, 0x8, &(0x7f0000002640)=[{&(0x7f0000001100)="1a6dd56ee1e2257d49fd3aaf643da78b7955f2eaabbc0fbe9bc7f42153a05327611b54cfc4a42f588eb95dc4d14375d9015901415efa05423275d2f1e3e5c1c1ea4453bf649b72e5ba92dbb0e3f5243bd90df1cc022387775b4c1e80014c91bbfb75fd588419bf408f155070ebd780dc6cd5b1505511fb20978aea12efe4f013c1d0f60d2a7bd269e3c6ac203e9cd0c50885f8dd09e0b443061d5de0cd115da7b41b7b8cb5fe657d07a63d077b10f440cbd3e016032f7e3d7bad33fb14b13334bf0586b4e7ceaa6a476de7c61e3aec43f87312ca80f231cb4af3eb37740e89f895448083e2ee78aadafc7dd00a4d491e0fa19ae2eb7601356d5806d55f2e8418e8fa3b66023cae68d7e55500733bc99c2a268bdff80499cb8b5e58b0f5a153ab8c5fc178afdd0ebff536c13b07fff5b244d892d44837a28a37ecac78c0d90b7d30e1d932819befec58ef1dd9f2ee415d68d52e19c4cf6981e19d64b105de600178c029c307863bac405308c2737154c439c069c145e14887c4a321acc64890317fc50a7865f884c4ee8c89f89ad5335b77fbf6d029a23ced7371fa7daf5e0f0ed81f52b47aa4742a72db4f42975c8d751438e75b19804162a36993acfebc2819c93daa8a41d8d6fb938c65b3566feb1ec50e5d8db4c71023fcd3d9e4dc550cb214b4066e790cdfb6974e7bea6d64de2403b9d0e50d57a39dfa880c4fbfcac0feaf93f269f6ecc1b9eeec8139084646ee8544213b4ec8ecf69a734c1af82a826106390bb7c58e3e012704bb6c3a2293131dffc6a679584261be71d02c60a1d6d661fa95a94f506f3d13fdf5cfa7c8d91f79277d2d59a10c6d89a314b23afd995cca3d4310fce94cb27e1c4cc9efad69d9576aaad57f1644d67434755b62c799b5df8e902d657539d7412268f2ef3b21918b810668726a3ab63ac07d6ddd5c961e9fcbba5a6c9b88f67f4f22de72d399e91bcaeb54d7011bcf77905b508e281789ea12916b74d8c0d178f3da7f847f9994ef7b8e009c3cf96d867e9f55974682aceebc1b88088731f3e9a9f41881ad1b14380d91104f2d50e5d3f52e49fcca0b923f7f4586e472d4ab4437908760b30b8cd190aaf599752a3c6622e896eb3c7a05f30cf80909f832336482396a55e56e7bd419038ba9f75a88f4123c2f7ac41a29579d82a995f1031c5e3c42da79aac0e678fbdd811f5085dd951ad255fd2ce0c21ab58d7f6a080ae352dea387ee039ac382551d3b1495b4d811d6cd416a4258f63919e25ab28dd63a0c356f7d5a577add8e7262d864080071c3ee9a29cbfbb9527264b38703625793a5579a6f5b1eb9fff3cee57f2ad51c6a94e40027bcd3d512aa448df3db12ae5c238053cfc2e2ed514953d3d64cbd608575999fa0c714b0185af9f3f3f82000e7f91076392acba1faa8e48d442a4474a465e427a47691bbf3348ac10bb5c358c2c12237c6a58a401fcb26da5e0626d57715d7e48f4489ccd4ca7c1bebce6f70bdc8ccd53f05d65a40145199add1191b2f073d6616c06197822fdb877d9789adf1d770fca99459e81ee228838f00398ffda56a8c01a43aa870796a65d46de00a74ca1754db9b441a66063bf0db4756fea4569ef99cb27165a1fd8d0ce3ca5396dcdccd430763fd5576f500bf5bb3f4ef94acdc61d01f312edbd8241bb128d445136eb9bd42f1a51a3379ef920d290fcfe037ba0ad46cf47b843c36dee16876889b87e0adefd526ac2c7d541a0c0a1fe9239098dcb5965b98ccdfda81394c8694a1a7dd8c8fdce9a53c996061655e33d73ba8767d5396c1e941c5623ff9e0b23bf4f487c39978107ad6bd20de990dd093d0531c73c5efbd132a325d924f37c7f74d6aef56680edd1dbb50587cb827c7dcf73c67226c85878248fd2fd9a134020d05d9fc55e7c3db76cf8fc0ebd6aae76f81e705b9f8749fec289d27ae6702d5e4d33536f2ecb4afc67901245ffe49981c7196b2ad3f1716490d72ff45f9d47a8a622690084e8120ec3aba0018b6db24dc8aee18fdbecb7e26ad1477aa544db6114dd0eeb7db7adf17a6d6b5a53a02aeb1db2e410fbb6ed26734e8076ffc1533f222bfda41f8d807b8fdd95a71f3761d4e9971542218322d1ce64560afcc9ae05af6580015370d1039263f42b2e5414cf7588f4207578a953b17a14ce864c8b6c77d9342e5d9724fc0dc0faae269cffc1cd0d9f4af806c4d22241a4a13b9abbc2cb650a6ec35a8dc0e5d7e0533de0c984d6de60a8f1e7cbff577b4434c75d928aed607b2a14d3827822b2d8a7404e6a9a772ea00a0cb797eceab5a51cca09a03aa30a41ecc5e82b4bfb84e7786b58dd74cf9ab19c53675818491f61d0f2e6eba55e43e6bf1b21572565d5f0bac1613f0aa929f8da6c8b019a31b15427eb03f8815b3faebc29117b49c09d59707ab8edcb4b6b75def5c15225090103b89121a0c227bf2831caa0088386d70d8e3b75314d849c0b877f3693ea8b58ae63e3c460df92b67b55b861687a412e605bc63c18a7506d3bad034683beb124a5af3dab9866065124d85f8fda4c8b507335911739796fe389d1652ceedd4fd13ee8c4ae05797a3b186e384a6197a9f7934571dd995dfbd4f2d5c829140a9ee37ff3e8065a039f54a72996b0722fb8fd815a9aaa9b163564c8406370f2169488e6c8454b6229d9bfaad9918dbf3548bcb38eada712dd3fd4d17e4bc1c96def115e1c7be7c8524b7e80282d413933cd5e973d537f54bb1924b61d8773a98ba538d38ade11820f5838ff57569a327e932dc01192898ae0afcb9b3e3363004dc393184ff098072afe9ecaa49a40cdc9c51b5703ad2aa377eb82ea0c234c14a96ab6db5d2b832de76ffd9c907f914567863b6a39d19602298e844647327043d34b88a905a091ad2d746f58a954a147fe1c1c7f095f6886b628ea62109f3ca64d9b0bd77306f4566b955d97996ef5986eaad5885e102682ff109f8d39f15b2c3ffbf002901f2fd348b38bd65646a92cb67e830e9e580cc5cf9c93751ca240142399ddbc07a7160702ef698315d7986d0fe79f370d65451d3f2768fa92d0666fe186fd6def296969ee424a3394d8c982af35cf749bfd356caf20bc17820ff93090bf11836e8ae60a321b844ecae109fbdc4e7de023d948abf93e0832fc1eee872d24383a9a2b32c42dfae1b851266eaf0bc2bb1b8398de1cc6b5b03b2e0bf25916d926ec49ea98c001cbc231f53d8a617a8f5b719cbe5a8dc71168c8091b713b7718ea53453dda276d592d306f58bdca0460a50913be8e5ce898fa3e5e6ab6c6410f2fd5103b003abe75512c3cc097c03d24988a02e83831db07a0d506d002e023c759496c12810615a58bf535ab59d57d6e6c5bc8dc37c723b5ff38d99cca67dddb14324c39f062cc20b17bd4ac8c8c9f841d035d2ee09f76f6794af842b665ace11677fbab7abe977a4fd732ed41fe09e92a42efccc2b765c335100bbdecc42192a5c36c9257490bf3d7e5be427218f98e307c2e1925fc3f96e3c4b23be31080552546256f4b7285b8d8d1d489de23cfe9d7c6e8313e100402cc6ff412efcc9e2d10c7876b6130684545d8587f3536266570544fb93f43d93681dfb978d71616b352e65fbe4069e60000c02ea35dffce94e8fbe5dec8bac728f46b73d2690b8da778f509bbc5a95b77639ed89f28809b6c5623723aee7816315f5d4f78d5313af40fe5a596162fa1d8a43154a8156a665f21831b0214ba8499fbc337b5ef2d20f60771fc5a79653b930e989d8ae4c883fa4a2d91b4c0a69bb682c20b1152ca179b5b800a51855c34d48e02b9fdeb251082697498223e69df36f789c89e1981fa09ebca520f900b7af1998b66a4ea9332b4a1341b696816d59f68f497fe56a5b2c73a4813441028eba92a099c4aa8e3081f8c22bb6a8c7aa9fea37bb24af9bfbabd57c6f041ab2c525e465138bda59ef26d91acc4bcd80061146cd7d851bfc5e537f8deef25b3616f5d755cc0c364a354949376cf985a4997ee430cdf0d2a8b1406df73172892e6b5b8e14591e27164ce48b30c8dd7c89c6f0ba2919acae83f69c248a01e0b0ae033e873548ad9ea5fc09665aca40013dd311a90ad5cc5d39c8340a276c0e5297213b1da5b2be57ff39dc5ff1b307aa751fe35c15d03445125d7a3cf5a5891ef8f1becd2cf92a2d18ffeb0256e7842936053d5b994e2bcde0eec79dbd5871928541f6b2c3d25227386e05655a49699d6c3c16a2a7328210cc86e56f6ed7e0bdc3437971b4da1148ae639dfda9776f3e3971f54f4124c52b055c42e9777de362913f4e9d5e6690438f398d5003783b30900ef976e421f2581d72198210e4f1c05d404390a1b1a5a6aa94425a416e80521f30843223788a3e3e50879dac8e60b0aeff260c01786ad30ea64fbcdc7a45538a6e97218d56871af1f91ef004a67ff1820d1b4d40b00d0010ea4da1698694d5ed416c5c83ccd61eff103138cb55ae46a09ed31eacf40bac592316c4c984599aff0ab081d4e3d84e10dab06baf8d6f62402d961c499ec3bd4ec822dd74195371a05b07b3a224867e41c740e95daf48e624538f8170e3d0827346e1e0ce6d7abc3acfe1b3e53f3144f948cf7d851ff0fff1256c002b7fe0cf980b2b87488923eb267faca69265ef3ee9281855fd4f8fc50186bad67ae002777d0e83d932f9a0ca0084aec639e848296330d749f624723ce73f28922d4e6f9c8c48bc2dc3c67a732eb737d3d921961002d708e6db76b083e0dac224cce723186ec04849c96336275a4de95ec8262705ceba7bcc2be094f819af53fd351931e10a17d338bd507400f79453e8cbc5cb0a5e6469db905be2cbece319c1288f022154485a69a4c5db52df1f8203eb9dc6b35d9a910df63b0e87055a98c4dbf20bef9bf466e1348d09f82830e8bf36f64d46b3eaedadde55c90275dee33cfb50c22c7a4a2e9ab49db186b936fc9a563d40094aa851084dddc012dd76ec8765a497317dd6a7c0308cca661fd48281d060c4f32c1348212dd2a81cdde54cd89fbc92073dd52b6f3d8278c5ca3fe15324a6ade36544ab4032a48c250bf63672988b0f8198699532925fc1df78fee2cfc4af5f3b2372b72b04a4833db7a728ebadea6945739fd5b25e4bb4eaf5d62a044991122975b1a9c0c6acc6c867a9ea48c4596ab73f5c0a7e45671025071326371e28724e542499e31caf10d1403a25f599716c769fa0beab4911ae02fc71163c3ab2cd4171dbe607f804768951062b847c5670d559ad566d873b8f98f69d7c261b620dfce8b9e56a87b47e8c06447e286f43f65e31008c5633722bb743e13a6609d16ec23dac83faef62e352248d54a98f61e99a2c606d1a8da678c01d8df7c06a3df3a70b2e42574ea0ef0a93b5f1cb20931d13bc4ff0bc3a80444877e498effd263bd4cf7ebf881f86689c185ac05236f428212947247aaead60c7f4eca91cb1cad009c967e61a52835eb205e5ff0e4fa57ff8474efaffb52890aabc634dba509c28536e8bf5d301ed10b570afaca5e54c099037f88adbb96776c74c156f24300d83cde716a601a3b8a4f8652fa553868ec4fe9711515da997223e89770efe1630816e4ea8879a21fa948fdcbe96e2245dcb3c01b925b06a2f2cd1d63b64f4aaa45c3f8fd479824d1c34a847499bb2404d441813bbf2a3bafbb575215a2c4aee3a4e54c29adb1cb2153e179b5da263f50bf3c30b981627bfcab5c371a691404655144634bd6e63569b2d7d1bb552d3b2752d8e9c710f77e45799183b7b7527c26edad1fdaafcce", 0x1000, 0x8}, {&(0x7f0000002100)="21943fbf52b61efd187326d10c22d215f5178f77fe72ca7a4f72576fc03e3de0730fc048fb4edf712817a71ce97e878866d06e1499ab0b8f7027d25d446d8f093ced77e3a4662899fb32557ab3dbf55203d14b922f6fd4e239bd7f", 0x5b, 0x1}, {&(0x7f0000002180)="08b03f8e1b367d48386064971df747ff6a03e5c9e8714e3c56012dd4d9e5b263bbe97f75f40e235ae5e5d5e48a6507c3df74378741edaa7aec5c31f7937ac183294e145b9b9c9a53beea5d413bbc6e81badab29c983cac9f0f52cbcdf6b0464fc5bb5ab1edf58045252d60173a89b19adc16c34d649ff29f0e2b355307c99d2b0d96b72b6ef48b2a", 0x88, 0xa4}, {&(0x7f0000002240)="6e35c071154782db972c63e49f5cb9a4e56bb8cc0bd18a0030403dbbc69b61c12a66ae829062a2f707d6092331af27be847878112ad33795dc18cf2fddcc35a1de4cb3f0067d22c876b796277c34785487648c2755fbfb4caaa716a5bc5228f83913b3b773e4e7221ab8be16cc36b5a439c673b459b6f95ce86be00d816f67a03ad2804857831d979abcbf179d02f6564e0f82dd11366b4ef27e91d8913d336db35811d3e48003f65cd3f68b553a11aca82c7dc7be3978863353d3f844a9e9e5b436d1e143b2429cf7778e56a76a61c107489fb133a98e0a48a67409", 0xdc, 0xfff}, {&(0x7f0000002340)="ff957d1a671fc2eff4f91f94bf3ae1004e1ec4a20a3e57062a432e91d5b2f2f6bb436d0e7812d38e7c6eb64a1cbb7ad884d13a259693e2d806f988049320b90d8fa6ada7b3457f5557233ec4b73659718e2878c9b7d28ccd94d8406705da8dbf46e8419aeb78464d4a931e08545379418d778c9aadce51ae63f8a9a016f53e5d25fff8c95eae29d0cc1773bc38f96669d671fc5b48ebc5e0e9e22bcd34b0c4e67ed4056bb4572b1e4a61e3766083cdcf28c8ab353fb7a53d9f2569c6c563a82ee8a0a792214fc3ff68", 0xc9, 0x14a}, {&(0x7f0000002440)="7c354cd687d281a73de3f73b5bec9ca173360579e055b6c831f296f3c4ec18c0fa7bfc5c0fac4dee6acbc4ed12872282e6e40c767b4def09d17a2ee66b32d722f062003c044c55fbbcff08f6c122edf898b1ff3b36eb81ebc758e0e90e8d9256962cf8d5540e4aeaef7024ce571214317049776160d8894c484ebfeed1", 0x7d, 0x8}, {&(0x7f00000024c0)="145db9de08be1bdb7b83bd1180c787f5ec25939732034efdbc05fcb3d113373ad1ad6b69e26f8d3e14c48f890f5324c610b2f00a1d9d8e0bcfc24a2faf00280a9c6aef6b2ed99e23e77cf6cc78680431520ef69011a1b046acc2efb9b569e284838608ea7f03c1c31473d34c4b9022edd6df2272187af02a518afe29e4ed513a37f57f519093b334974d6f5de3a096ee0aed5308364c76a96befb5a396fe5ba1e68661c51e686bc4163c1c7036589537bc74acae4445b8db46ca23be8dd0d8639e4f0c8b237684d240b94fb3db194c36f6c8598667", 0xd5, 0x80}, {&(0x7f00000025c0)="7fcc04d3347a946bd17b8eb1cb513fd4f28da3872cfb79ababf7b9c37f8bbba33bb9f0ec6bb8464892ae44fdb7d03c802b52f3970452b2fd9d7d56bd7bd1dcd523d1c64cf350d6c5c4d801f0b3c03f21df8b490d5f2ad91f2c8b48b8ec4961c434eab7a9e9b8", 0x66, 0x8}], 0x80020, &(0x7f0000002700)=':eth0cgrouplosecuritywlan0*proc\b+\x00')
ioctl$PPPIOCSMRU(r9, 0x40047452, &(0x7f0000002740)=0x2)
poll(&(0x7f0000002780)=[{r9}, {r5, 0x1020}, {r2, 0x4000}, {r3, 0x40}], 0x4, 0x1f)

03:45:40 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:40 executing program 2 (fault-call:1 fault-nth:12):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1601.539527] binder: 16916:16920 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1601.573705] binder_alloc: 16916: binder_alloc_buf, no vma
[ 1601.579501] binder: 16916:16920 transaction failed 29189/-3, size 0-0 line 2967
[ 1601.579611] FAULT_INJECTION: forcing a failure.
[ 1601.579611] name failslab, interval 1, probability 0, space 0, times 0
[ 1601.598603] CPU: 1 PID: 16925 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1601.607158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1601.617520] Call Trace:
[ 1601.620131]  dump_stack+0x1c9/0x2b4
[ 1601.623783]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1601.629108]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1601.634760]  should_fail.cold.4+0xa/0x11
03:45:40 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x4c00000000000000, 0x80000002)

03:45:40 executing program 1:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
r1 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r1, &(0x7f0000000100), 0x2, 0x0, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x800, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x61, &(0x7f0000000100)={'filter\x00', 0x4}, 0x68)
sendmsg$nl_route(r1, &(0x7f0000001400)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f00000013c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001200050100000000000000000a00cc04d10000ee91e665e41c6b984ddcfa13d2170a0a1b8475b3c46520cfcad2c6ce0b583a6a8ae6ccf227269db7a605445b1bceb9b5cd2f116523bdc9dacbc34a9f9f87725a22cf9c8545e529ea42c55d676f539ee4123a50efe9b23379eae37770e4cb4aa10da18847306b3a5ac118c2c194b02f8ff32de32b8ff7e4594d6efca57418e069ca7487220dfc37703c9d1da4c20f7d4616d64ed8619d1caa"], 0x14}, 0x1}, 0x0)

03:45:40 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

03:45:40 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0xb, &(0x7f0000000000))

[ 1601.638871]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1601.644002]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1601.646391] binder: undelivered TRANSACTION_ERROR: 29189
[ 1601.649560]  ? replace_slot+0xc9/0x4c0
[ 1601.649576]  ? __save_stack_trace+0x8d/0xf0
[ 1601.649595]  ? plist_requeue+0x650/0x650
[ 1601.667465]  ? save_stack+0xa9/0xd0
[ 1601.671142]  ? lock_acquire+0x1e4/0x540
[ 1601.675135]  ? lock_acquire+0x1e4/0x540
[ 1601.679124]  ? fs_reclaim_acquire+0x20/0x20
[ 1601.683455]  ? lock_downgrade+0x8f0/0x8f0
03:45:40 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:40 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6800000000000000, 0x80000002)

[ 1601.687625]  ? check_same_owner+0x340/0x340
[ 1601.691971]  ? check_same_owner+0x340/0x340
[ 1601.696328]  ? rcu_note_context_switch+0x730/0x730
[ 1601.701296]  __should_failslab+0x124/0x180
[ 1601.705553]  should_failslab+0x9/0x14
[ 1601.709387]  __kmalloc+0x2c8/0x760
[ 1601.712939]  ? rcu_note_context_switch+0x730/0x730
[ 1601.717882]  ? __list_lru_init+0x151/0x840
[ 1601.722145]  __list_lru_init+0x151/0x840
[ 1601.726250]  ? list_lru_destroy+0x500/0x500
[ 1601.730606]  ? prealloc_shrinker+0x124/0x480
[ 1601.735049]  ? prealloc_shrinker+0x213/0x480
[ 1601.739488]  ? __init_waitqueue_head+0x9e/0x150
[ 1601.744179]  ? inactive_list_is_low+0x850/0x850
[ 1601.748893]  ? __lockdep_init_map+0x105/0x590
[ 1601.753412]  alloc_super+0x976/0xb10
[ 1601.757148]  ? destroy_unused_super.part.11+0x110/0x110
[ 1601.762535]  ? lock_downgrade+0x8f0/0x8f0
[ 1601.766709]  ? kasan_check_read+0x11/0x20
[ 1601.770889]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1601.775507]  ? kasan_check_write+0x14/0x20
[ 1601.776767] binder: 16950:16952 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
03:45:40 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xd0e000000000000, 0x80000002)

[ 1601.779759]  ? do_raw_spin_lock+0xc1/0x200
[ 1601.779779]  ? ns_test_super+0x50/0x50
[ 1601.779794]  sget_fc+0x269/0x950
[ 1601.779810]  ? compare_single+0x10/0x10
[ 1601.779830]  ? alloc_super+0xb10/0xb10
[ 1601.806221]  ? kasan_kmalloc+0xc4/0xe0
[ 1601.810145]  ? __kmalloc_track_caller+0x311/0x760
[ 1601.815104]  ? proc_root_lookup+0x60/0x60
[ 1601.819362]  vfs_get_super+0x6e/0x270
[ 1601.823180]  proc_get_tree+0x88/0xb0
[ 1601.826473] binder_alloc: 16950: binder_alloc_buf, no vma
[ 1601.826904]  vfs_get_tree+0x1cb/0x5c0
03:45:40 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c00, 0x80000002)

[ 1601.832521] binder: 16950:16952 transaction failed 29189/-3, size 0-0 line 2967
[ 1601.836226]  do_mount+0x6c1/0x1fb0
[ 1601.836243]  ? kasan_check_write+0x14/0x20
[ 1601.836263]  ? copy_mount_string+0x40/0x40
[ 1601.856060]  ? kasan_kmalloc+0xc4/0xe0
[ 1601.859970]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1601.864841]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1601.870403]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1601.875963]  ? copy_mount_options+0x285/0x380
[ 1601.880477]  ksys_mount+0x12d/0x140
[ 1601.884129]  __x64_sys_mount+0xbe/0x150
[ 1601.888154]  do_syscall_64+0x1b9/0x820
[ 1601.892086]  ? finish_task_switch+0x1d3/0x870
[ 1601.896612]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1601.901567]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1601.906514]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1601.909265] binder: undelivered TRANSACTION_ERROR: 29189
[ 1601.911545]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1601.911563]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1601.911580]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1601.911603]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1601.937022] RIP: 0033:0x455e29
[ 1601.940211] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1601.959511] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1601.967240] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1601.974525] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1601.981815] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1601.989452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1601.996748] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000c
03:45:41 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:41 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0xc, &(0x7f0000000000))

03:45:41 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6000000, 0x80000002)

03:45:41 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xc00, 0x80000002)

03:45:41 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f, 0x0, 0x3}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:41 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

03:45:41 executing program 2 (fault-call:1 fault-nth:13):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:41 executing program 1:
r0 = socket(0xa, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x2)
ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070")
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x2e0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, &(0x7f0000000040), &(0x7f00000004c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x0, 0x8100, 'nr0\x00', 'team0\x00', 'vlan0\x00', 'veth0_to_team\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0xd0, 0x100, 0x130, [@vlan={'vlan\x00', 0x8, {{0x1, 0x0, 0x892f, 0x7}}}, @connlabel={'connlabel\x00', 0x8}]}, [@common=@STANDARD={'\x00', 0x8}]}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0xb, 0x0, 0x0, 'bond0\x00', 'team0\x00', 'bond0\x00', 'veth1_to_bridge\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0xc0, 0xf0}, [@common=@log={'log\x00', 0x28, {{0x0, "1bf3c55d5257f4f23744c12de105a023359e3d6aa076fb6db6b41c6940a3"}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}}]}]}, 0x358)

[ 1602.613079] FAULT_INJECTION: forcing a failure.
[ 1602.613079] name failslab, interval 1, probability 0, space 0, times 0
[ 1602.624402] CPU: 0 PID: 16985 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1602.632814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1602.642158] Call Trace:
[ 1602.644792]  dump_stack+0x1c9/0x2b4
[ 1602.648434]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1602.653629]  ? __kernel_text_address+0xd/0x40
[ 1602.658125]  ? unwind_get_return_address+0x61/0xa0
[ 1602.663062]  should_fail.cold.4+0xa/0x11
[ 1602.667141]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1602.672267]  ? save_stack+0xa9/0xd0
[ 1602.675912]  ? save_stack+0x43/0xd0
[ 1602.679556]  ? kasan_kmalloc+0xc4/0xe0
[ 1602.683465]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1602.688328]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1602.693541]  ? __list_lru_init+0x4d6/0x840
[ 1602.697802]  ? alloc_super+0x976/0xb10
[ 1602.701714]  ? vfs_get_super+0x6e/0x270
[ 1602.705725]  ? proc_get_tree+0x88/0xb0
[ 1602.709633]  ? vfs_get_tree+0x1cb/0x5c0
03:45:41 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x44, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:41 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x0)

[ 1602.713636]  ? do_mount+0x6c1/0x1fb0
[ 1602.716927] binder_alloc: 17000: binder_alloc_buf, no vma
[ 1602.717363]  ? ksys_mount+0x12d/0x140
[ 1602.717380]  ? __x64_sys_mount+0xbe/0x150
[ 1602.717398]  ? do_syscall_64+0x1b9/0x820
[ 1602.717415]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1602.717437]  ? save_stack+0xa9/0xd0
[ 1602.723043] binder: 17000:17002 transaction failed 29189/-3, size 0-0 line 2967
[ 1602.726771]  ? lock_acquire+0x1e4/0x540
[ 1602.726793]  ? fs_reclaim_acquire+0x20/0x20
[ 1602.759690]  ? lock_downgrade+0x8f0/0x8f0
03:45:41 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0xd, &(0x7f0000000000))

03:45:41 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x44, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1602.763770] binder: undelivered TRANSACTION_ERROR: 29189
[ 1602.763854]  ? check_same_owner+0x340/0x340
[ 1602.773621]  ? rcu_note_context_switch+0x730/0x730
[ 1602.778569]  __should_failslab+0x124/0x180
[ 1602.783540]  should_failslab+0x9/0x14
[ 1602.787356]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1602.792042]  ? kasan_kmalloc+0xc4/0xe0
[ 1602.795970]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1602.801020]  ? kvfree_rcu+0x20/0x20
[ 1602.804669]  ? __kmalloc_node+0x47/0x70
[ 1602.808664]  __list_lru_init+0x4d6/0x840
03:45:41 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x2000000}})

[ 1602.812749]  ? list_lru_destroy+0x500/0x500
[ 1602.817095]  ? prealloc_shrinker+0x213/0x480
[ 1602.821522]  ? __init_waitqueue_head+0x9e/0x150
[ 1602.826211]  ? inactive_list_is_low+0x850/0x850
[ 1602.830902]  ? __lockdep_init_map+0x105/0x590
[ 1602.835422]  alloc_super+0x976/0xb10
[ 1602.838199] binder_alloc: 17009: binder_alloc_buf, no vma
[ 1602.839154]  ? destroy_unused_super.part.11+0x110/0x110
[ 1602.839175]  ? lock_downgrade+0x8f0/0x8f0
[ 1602.839195]  ? kasan_check_read+0x11/0x20
[ 1602.839216]  ? do_raw_spin_trylock+0x1c0/0x1c0
03:45:41 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x44, 0x0, &(0x7f0000000240)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

[ 1602.844787] binder: 17009:17010 transaction failed 29189/-3, size 0-0 line 2967
[ 1602.850111]  ? kasan_check_write+0x14/0x20
[ 1602.850124]  ? do_raw_spin_lock+0xc1/0x200
[ 1602.850145]  ? ns_test_super+0x50/0x50
[ 1602.869356] binder: undelivered TRANSACTION_ERROR: 29189
[ 1602.870475]  sget_fc+0x269/0x950
[ 1602.870492]  ? compare_single+0x10/0x10
[ 1602.870510]  ? alloc_super+0xb10/0xb10
[ 1602.870526]  ? kasan_kmalloc+0xc4/0xe0
[ 1602.870545]  ? __kmalloc_track_caller+0x311/0x760
[ 1602.908264]  ? proc_root_lookup+0x60/0x60
03:45:41 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3f00}})

[ 1602.912437]  vfs_get_super+0x6e/0x270
[ 1602.916262]  proc_get_tree+0x88/0xb0
[ 1602.919998]  vfs_get_tree+0x1cb/0x5c0
[ 1602.923824]  do_mount+0x6c1/0x1fb0
[ 1602.927380]  ? kasan_check_read+0x11/0x20
[ 1602.931543]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1602.935970]  ? copy_mount_string+0x40/0x40
[ 1602.939966] binder_alloc: 17015: binder_alloc_buf, no vma
[ 1602.940218]  ? kasan_kmalloc+0xc4/0xe0
[ 1602.940244]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1602.945871] binder: 17015:17016 transaction failed 29189/-3, size 0-0 line 2967
03:45:42 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0xff0c0000}})

[ 1602.949661]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1602.949676]  ? copy_mount_options+0x285/0x380
[ 1602.949696]  ksys_mount+0x12d/0x140
[ 1602.962638] binder: undelivered TRANSACTION_ERROR: 29189
[ 1602.967490]  __x64_sys_mount+0xbe/0x150
[ 1602.967509]  do_syscall_64+0x1b9/0x820
[ 1602.967524]  ? finish_task_switch+0x1d3/0x870
[ 1602.967541]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1602.967555]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1602.967574]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1603.008316]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1603.013409]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1603.018110]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1603.022988]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1603.028192] RIP: 0033:0x455e29
[ 1603.031381] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1603.050675] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1603.058399] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1603.065692] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1603.072983] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1603.080269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1603.087556] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000d
[ 1603.089068] cannot load conntrack support for proto=7
03:45:42 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x3, 0x80000002)

03:45:42 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}, @transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}}], 0x0, 0x0, &(0x7f0000000300)})

03:45:42 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:42 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0xff0c}})

03:45:42 executing program 6 (fault-call:4 fault-nth:0):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:42 executing program 2 (fault-call:1 fault-nth:14):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:42 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xd000000, 0x80000002)

03:45:42 executing program 1:
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000010000)="000100000008000081000000c9035d7cf4000204000000000000000000000000000000000020000000010000000000016e5fbe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000180)={[{@journal_checksum='journal_checksum', 0x2c}, {@jqfmt_vfsv1='jqfmt=vfsv1', 0x2c}]})
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0xffffffff, 0xa00)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000040)={0x57, 0x1, 0x181, {0x77, 0x2}, {0xcc}, @const={0x2, {0x5, 0x3, 0x2}}})

[ 1603.570063] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[ 1603.589418] binder: 17045:17046 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1603.601920] FAULT_INJECTION: forcing a failure.
[ 1603.601920] name failslab, interval 1, probability 0, space 0, times 0
[ 1603.605794] FAULT_INJECTION: forcing a failure.
[ 1603.605794] name failslab, interval 1, probability 0, space 0, times 0
[ 1603.613359] CPU: 0 PID: 17048 Comm: syz-executor6 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1603.633538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1603.642886] Call Trace:
[ 1603.645478]  dump_stack+0x1c9/0x2b4
[ 1603.649102]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1603.654291]  ? trace_hardirqs_on+0x10/0x10
[ 1603.658523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1603.664061]  should_fail.cold.4+0xa/0x11
[ 1603.668122]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1603.673223]  ? lock_release+0xa30/0xa30
[ 1603.677199]  ? dput.part.26+0x248/0x7a0
[ 1603.681174]  ? lock_downgrade+0x8f0/0x8f0
[ 1603.685322]  ? trace_hardirqs_on+0x10/0x10
[ 1603.689556]  ? mntput_no_expire+0x18e/0xbc0
[ 1603.693874]  ? do_raw_spin_lock+0xc1/0x200
[ 1603.698105]  ? mnt_get_count+0x150/0x150
[ 1603.702165]  ? lock_acquire+0x1e4/0x540
[ 1603.706135]  ? fs_reclaim_acquire+0x20/0x20
[ 1603.710455]  ? lock_downgrade+0x8f0/0x8f0
[ 1603.714598]  ? __fdget_pos+0x1bb/0x200
[ 1603.718479]  ? check_same_owner+0x340/0x340
[ 1603.722797]  ? rcu_note_context_switch+0x730/0x730
[ 1603.727724]  __should_failslab+0x124/0x180
[ 1603.731956]  should_failslab+0x9/0x14
[ 1603.735755]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1603.740420]  ? _parse_integer+0x190/0x190
[ 1603.744570]  alloc_pipe_info+0x175/0x5a0
[ 1603.748628]  ? pipe_read+0x940/0x940
[ 1603.752338]  ? ksys_dup3+0x690/0x690
[ 1603.756047]  ? lock_release+0xa30/0xa30
[ 1603.760018]  ? pid_task+0x115/0x200
[ 1603.763645]  splice_direct_to_actor+0x6fc/0x8f0
[ 1603.768316]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1603.773849]  ? pipe_to_sendpage+0x400/0x400
[ 1603.778168]  ? do_splice_to+0x190/0x190
[ 1603.782138]  ? security_file_permission+0x1c2/0x230
[ 1603.787155]  ? rw_verify_area+0x118/0x360
[ 1603.791308]  do_splice_direct+0x2d4/0x420
[ 1603.795462]  ? splice_direct_to_actor+0x8f0/0x8f0
[ 1603.800299]  ? rw_verify_area+0x118/0x360
[ 1603.804439]  do_sendfile+0x62a/0xe20
[ 1603.808152]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1603.812739]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1603.818272]  ? _copy_from_user+0xdf/0x150
[ 1603.822417]  __x64_sys_sendfile64+0x15d/0x250
[ 1603.826908]  ? __ia32_sys_sendfile+0x2a0/0x2a0
[ 1603.831491]  do_syscall_64+0x1b9/0x820
[ 1603.835374]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1603.840301]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1603.845225]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1603.850236]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1603.855253]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1603.859921]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1603.864762]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1603.869954] RIP: 0033:0x455e29
[ 1603.873131] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1603.892417] RSP: 002b:00007f397f15fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1603.900122] RAX: ffffffffffffffda RBX: 00007f397f1606d4 RCX: 0000000000455e29
[ 1603.907384] RDX: 00000000200000c0 RSI: 0000000000000015 RDI: 0000000000000014
[ 1603.914650] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1603.921915] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000017
[ 1603.929177] R13: 00000000004c1113 R14: 00000000004d1540 R15: 0000000000000000
[ 1603.936454] CPU: 1 PID: 17051 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1603.944874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1603.954227] Call Trace:
[ 1603.956816]  dump_stack+0x1c9/0x2b4
[ 1603.960451]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1603.965652]  should_fail.cold.4+0xa/0x11
[ 1603.969706]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1603.974798]  ? is_bpf_text_address+0xd7/0x170
[ 1603.979302]  ? kernel_text_address+0x79/0xf0
[ 1603.983703]  ? __kernel_text_address+0xd/0x40
[ 1603.988191]  ? unwind_get_return_address+0x61/0xa0
[ 1603.993112]  ? __save_stack_trace+0x8d/0xf0
[ 1603.997432]  ? save_stack+0xa9/0xd0
[ 1604.001055]  ? lock_acquire+0x1e4/0x540
[ 1604.005024]  ? fs_reclaim_acquire+0x20/0x20
[ 1604.009340]  ? lock_downgrade+0x8f0/0x8f0
[ 1604.013475]  ? __x64_sys_mount+0xbe/0x150
[ 1604.017618]  ? check_same_owner+0x340/0x340
[ 1604.021932]  ? rcu_note_context_switch+0x730/0x730
[ 1604.026855]  __should_failslab+0x124/0x180
[ 1604.031080]  should_failslab+0x9/0x14
[ 1604.034873]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1604.039532]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.043411]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1604.048418]  ? kvfree_rcu+0x20/0x20
[ 1604.052035]  ? __kmalloc_node+0x47/0x70
[ 1604.056001]  __list_lru_init+0x4d6/0x840
[ 1604.060057]  ? list_lru_destroy+0x500/0x500
[ 1604.064377]  ? prealloc_shrinker+0x213/0x480
[ 1604.068772]  ? __init_waitqueue_head+0x9e/0x150
[ 1604.073427]  ? inactive_list_is_low+0x850/0x850
[ 1604.078090]  ? __lockdep_init_map+0x105/0x590
[ 1604.082580]  alloc_super+0x976/0xb10
[ 1604.086287]  ? destroy_unused_super.part.11+0x110/0x110
[ 1604.091642]  ? lock_downgrade+0x8f0/0x8f0
[ 1604.095782]  ? kasan_check_read+0x11/0x20
[ 1604.099917]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1604.104491]  ? kasan_check_write+0x14/0x20
[ 1604.108715]  ? do_raw_spin_lock+0xc1/0x200
[ 1604.112938]  ? ns_test_super+0x50/0x50
[ 1604.116812]  sget_fc+0x269/0x950
[ 1604.120167]  ? compare_single+0x10/0x10
[ 1604.124135]  ? alloc_super+0xb10/0xb10
[ 1604.128022]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.131903]  ? __kmalloc_track_caller+0x311/0x760
[ 1604.136740]  ? proc_root_lookup+0x60/0x60
[ 1604.140882]  vfs_get_super+0x6e/0x270
[ 1604.144676]  proc_get_tree+0x88/0xb0
[ 1604.148381]  vfs_get_tree+0x1cb/0x5c0
[ 1604.152174]  do_mount+0x6c1/0x1fb0
[ 1604.155728]  ? kasan_check_write+0x14/0x20
[ 1604.159955]  ? copy_mount_string+0x40/0x40
[ 1604.164180]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.168059]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1604.172895]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1604.178422]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1604.183948]  ? copy_mount_options+0x285/0x380
[ 1604.188434]  ksys_mount+0x12d/0x140
[ 1604.192058]  __x64_sys_mount+0xbe/0x150
[ 1604.196028]  do_syscall_64+0x1b9/0x820
[ 1604.199906]  ? finish_task_switch+0x1d3/0x870
[ 1604.204392]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1604.209315]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1604.214235]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1604.219244]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1604.224251]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1604.228909]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1604.233744]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1604.238920] RIP: 0033:0x455e29
[ 1604.242092] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1604.261295] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1604.268994] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1604.276254] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1604.283512] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1604.290767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1604.298024] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000e
03:45:43 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0xcff}})

03:45:43 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd, 0x80000002)

03:45:43 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x500, 0x80000002)

[ 1604.332486] binder_alloc: 17045: binder_alloc_buf, no vma
[ 1604.338166] binder: 17045:17046 transaction failed 29189/-3, size 0-0 line 2967
[ 1604.344937] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
03:45:43 executing program 6 (fault-call:4 fault-nth:1):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

03:45:43 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:43 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
r1 = openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x408000, 0x80)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000280))
getsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000180)={@loopback, @multicast1}, &(0x7f00000001c0)=0x8)
r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00001bf000/0x1000)=nil, 0x1000, 0x0, 0x4011, r2, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000200)={[{0x3, 0xced7, 0xc0a, 0x35, 0x101, 0x5, 0x0, 0x8, 0x7, 0x9c1, 0x8353, 0x2, 0x3ff800000}, {0x7fff, 0x6, 0x8, 0x10001, 0x7e, 0xfe, 0x100000000, 0x5, 0x1, 0x1, 0x80000000, 0x100000001, 0x6}, {0xc1, 0xfff, 0x10000, 0x5, 0x9, 0x2, 0x1f, 0xffff, 0x3, 0x7, 0x4, 0x7, 0x3ff}], 0xddb})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x80, 0x0)
perf_event_open(&(0x7f00000002c0)={0x5, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000040), 0x2}, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, r2, 0xb)

[ 1604.388986] binder: undelivered TRANSACTION_ERROR: 29189
03:45:43 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x68, 0x80000002)

03:45:43 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x2}})

03:45:43 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfffffffffffff000, 0x80000002)

03:45:43 executing program 2 (fault-call:1 fault-nth:15):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1604.485619] binder: 17077:17078 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1604.600545] FAULT_INJECTION: forcing a failure.
[ 1604.600545] name failslab, interval 1, probability 0, space 0, times 0
[ 1604.611915] CPU: 1 PID: 17097 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1604.619603] FAULT_INJECTION: forcing a failure.
[ 1604.619603] name failslab, interval 1, probability 0, space 0, times 0
[ 1604.620324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1604.620330] Call Trace:
[ 1604.620352]  dump_stack+0x1c9/0x2b4
[ 1604.620378]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1604.652276]  ? __kernel_text_address+0xd/0x40
[ 1604.656773]  ? unwind_get_return_address+0x61/0xa0
[ 1604.661707]  should_fail.cold.4+0xa/0x11
[ 1604.665767]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1604.670870]  ? save_stack+0xa9/0xd0
[ 1604.674497]  ? save_stack+0x43/0xd0
[ 1604.678120]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.682004]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1604.686850]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1604.692038]  ? __list_lru_init+0x4d6/0x840
[ 1604.696268]  ? alloc_super+0x976/0xb10
[ 1604.700153]  ? vfs_get_super+0x6e/0x270
[ 1604.704126]  ? proc_get_tree+0x88/0xb0
[ 1604.708009]  ? vfs_get_tree+0x1cb/0x5c0
[ 1604.711993]  ? do_mount+0x6c1/0x1fb0
[ 1604.715702]  ? ksys_mount+0x12d/0x140
[ 1604.719500]  ? __x64_sys_mount+0xbe/0x150
[ 1604.723651]  ? do_syscall_64+0x1b9/0x820
[ 1604.727710]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1604.733072]  ? save_stack+0xa9/0xd0
[ 1604.736703]  ? lock_acquire+0x1e4/0x540
[ 1604.740672]  ? fs_reclaim_acquire+0x20/0x20
[ 1604.744990]  ? lock_downgrade+0x8f0/0x8f0
[ 1604.749139]  ? __x64_sys_mount+0xbe/0x150
[ 1604.753284]  ? check_same_owner+0x340/0x340
[ 1604.757604]  ? rcu_note_context_switch+0x730/0x730
[ 1604.762533]  __should_failslab+0x124/0x180
[ 1604.766765]  should_failslab+0x9/0x14
[ 1604.770573]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1604.775235]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.779124]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1604.784146]  ? kvfree_rcu+0x20/0x20
[ 1604.787766]  ? __kmalloc_node+0x47/0x70
[ 1604.791736]  __list_lru_init+0x4d6/0x840
[ 1604.795795]  ? list_lru_destroy+0x500/0x500
[ 1604.800114]  ? prealloc_shrinker+0x213/0x480
[ 1604.804516]  ? __init_waitqueue_head+0x9e/0x150
[ 1604.809182]  ? inactive_list_is_low+0x850/0x850
[ 1604.813851]  ? __lockdep_init_map+0x105/0x590
[ 1604.818343]  alloc_super+0x976/0xb10
[ 1604.822056]  ? destroy_unused_super.part.11+0x110/0x110
[ 1604.827436]  ? lock_downgrade+0x8f0/0x8f0
[ 1604.831587]  ? kasan_check_read+0x11/0x20
[ 1604.835727]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1604.840305]  ? kasan_check_write+0x14/0x20
[ 1604.844538]  ? do_raw_spin_lock+0xc1/0x200
[ 1604.848767]  ? ns_test_super+0x50/0x50
[ 1604.852650]  sget_fc+0x269/0x950
[ 1604.856013]  ? compare_single+0x10/0x10
[ 1604.859982]  ? alloc_super+0xb10/0xb10
[ 1604.863867]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.867753]  ? __kmalloc_track_caller+0x311/0x760
[ 1604.872592]  ? proc_root_lookup+0x60/0x60
[ 1604.876737]  vfs_get_super+0x6e/0x270
[ 1604.880531]  proc_get_tree+0x88/0xb0
[ 1604.884236]  vfs_get_tree+0x1cb/0x5c0
[ 1604.888038]  do_mount+0x6c1/0x1fb0
[ 1604.891578]  ? kasan_check_write+0x14/0x20
[ 1604.895813]  ? copy_mount_string+0x40/0x40
[ 1604.900044]  ? kasan_kmalloc+0xc4/0xe0
[ 1604.903930]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1604.908772]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1604.914309]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1604.919842]  ? copy_mount_options+0x285/0x380
[ 1604.924336]  ksys_mount+0x12d/0x140
[ 1604.927960]  __x64_sys_mount+0xbe/0x150
[ 1604.931931]  do_syscall_64+0x1b9/0x820
[ 1604.935817]  ? finish_task_switch+0x1d3/0x870
[ 1604.940307]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1604.945235]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1604.950157]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1604.955170]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1604.960182]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1604.964845]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1604.969688]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1604.974866] RIP: 0033:0x455e29
[ 1604.978043] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1604.997289] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1605.004995] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1605.012258] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1605.019535] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1605.026810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1605.034079] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000000f
[ 1605.041359] CPU: 0 PID: 17075 Comm: syz-executor6 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1605.049773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1605.059311] Call Trace:
[ 1605.061913]  dump_stack+0x1c9/0x2b4
[ 1605.065560]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1605.070768]  ? __kernel_text_address+0xd/0x40
[ 1605.075287]  should_fail.cold.4+0xa/0x11
[ 1605.079372]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1605.084496]  ? save_stack+0xa9/0xd0
[ 1605.088144]  ? save_stack+0x43/0xd0
[ 1605.091770]  ? kasan_kmalloc+0xc4/0xe0
[ 1605.095648]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1605.100480]  ? alloc_pipe_info+0x175/0x5a0
[ 1605.104720]  ? splice_direct_to_actor+0x6fc/0x8f0
[ 1605.109560]  ? do_sendfile+0x62a/0xe20
[ 1605.113443]  ? __x64_sys_sendfile64+0x15d/0x250
[ 1605.118102]  ? do_syscall_64+0x1b9/0x820
[ 1605.122153]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1605.127507]  ? lock_acquire+0x1e4/0x540
[ 1605.131480]  ? percpu_ref_put_many+0x119/0x240
[ 1605.136063]  ? lock_downgrade+0x8f0/0x8f0
[ 1605.140211]  ? lock_acquire+0x1e4/0x540
[ 1605.144178]  ? fs_reclaim_acquire+0x20/0x20
[ 1605.148490]  ? lock_downgrade+0x8f0/0x8f0
[ 1605.152626]  ? lock_downgrade+0x8f0/0x8f0
[ 1605.156767]  ? check_same_owner+0x340/0x340
[ 1605.161074]  ? percpu_ref_put_many+0x131/0x240
[ 1605.165642]  ? rcu_note_context_switch+0x730/0x730
[ 1605.170577]  __should_failslab+0x124/0x180
[ 1605.174824]  should_failslab+0x9/0x14
[ 1605.178614]  __kmalloc+0x2c8/0x760
[ 1605.182143]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1605.186975]  ? _parse_integer+0x190/0x190
[ 1605.191116]  ? alloc_pipe_info+0x2a8/0x5a0
[ 1605.195340]  alloc_pipe_info+0x2a8/0x5a0
[ 1605.199390]  ? pipe_read+0x940/0x940
[ 1605.203097]  ? ksys_dup3+0x690/0x690
[ 1605.206823]  ? lock_release+0xa30/0xa30
[ 1605.210808]  ? pid_task+0x115/0x200
[ 1605.214441]  splice_direct_to_actor+0x6fc/0x8f0
[ 1605.219110]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1605.224637]  ? pipe_to_sendpage+0x400/0x400
[ 1605.228948]  ? do_splice_to+0x190/0x190
[ 1605.232923]  ? security_file_permission+0x1c2/0x230
[ 1605.237935]  ? rw_verify_area+0x118/0x360
[ 1605.242075]  do_splice_direct+0x2d4/0x420
[ 1605.246214]  ? splice_direct_to_actor+0x8f0/0x8f0
[ 1605.251054]  ? rw_verify_area+0x118/0x360
[ 1605.255197]  do_sendfile+0x62a/0xe20
[ 1605.258900]  ? do_compat_pwritev64+0x1c0/0x1c0
[ 1605.263479]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1605.269009]  ? _copy_from_user+0xdf/0x150
[ 1605.273168]  __x64_sys_sendfile64+0x15d/0x250
[ 1605.277655]  ? __ia32_sys_sendfile+0x2a0/0x2a0
[ 1605.282235]  do_syscall_64+0x1b9/0x820
[ 1605.286118]  ? finish_task_switch+0x1d3/0x870
[ 1605.290610]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1605.295614]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1605.300536]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1605.305546]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1605.310553]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1605.315222]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1605.320061]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1605.325234] RIP: 0033:0x455e29
[ 1605.328405] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
03:45:44 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:44 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xe00, 0x80000002)

03:45:44 executing program 5 (fault-call:4 fault-nth:0):
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:44 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0xff0c000000000000}})

03:45:44 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf00, 0x80000002)

03:45:44 executing program 1:
ioctl(0xffffffffffffffff, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000700)=@nat={'nat\x00', 0x19, 0x2, 0x290, [0x20000780, 0x0, 0x0, 0x200007b0, 0x20000938], 0x0, &(0x7f0000000000), &(0x7f0000000780)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0100000011004000000000000000696662300000000000000000000000007465716c30000000000000000000000064756d6d793000000000000000000000697036677265746170300000000000000180c20000000000000000000180c20000000000000000000000b000000020010000580100006f776e65720000000000000000000000000000000000000000000000000000001800000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000736e61740c0000000000000000000000000000000000000000000003000000000000000000000000aaaaaaaaaa0000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000002000000000000007400000000000000000000000000000000000000000000000000e9ffff0f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000013000000000000000000627269646765300000000000000000007465616d5f736c6176655f30000000006970366772657461703000000000000073797a6b616c6c657231000000000000ffffffffffff000000000000eec374026e2100000000000000007000000070000000a8000000736c617400000000000000000000000000000000000000000000000000000000100000000000000062d1faecfd4100000000000000000000"]}, 0x308)

03:45:44 executing program 2 (fault-call:1 fault-nth:16):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:44 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0), 0x80000002)

[ 1605.347553] RSP: 002b:00007f397f15fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1605.355248] RAX: ffffffffffffffda RBX: 00007f397f1606d4 RCX: 0000000000455e29
[ 1605.362507] RDX: 00000000200000c0 RSI: 0000000000000015 RDI: 0000000000000014
[ 1605.369780] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1605.377045] R10: 0000000080000002 R11: 0000000000000246 R12: 0000000000000017
[ 1605.384301] R13: 00000000004c1113 R14: 00000000004d1540 R15: 0000000000000001
[ 1605.430602] binder: 17112:17114 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1605.445075] FAULT_INJECTION: forcing a failure.
[ 1605.445075] name failslab, interval 1, probability 0, space 0, times 0
[ 1605.456404] CPU: 1 PID: 17107 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1605.464816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1605.474179] Call Trace:
[ 1605.476775]  dump_stack+0x1c9/0x2b4
[ 1605.480418]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1605.485626]  ? __kernel_text_address+0xd/0x40
[ 1605.490137]  ? unwind_get_return_address+0x61/0xa0
[ 1605.495092]  should_fail.cold.4+0xa/0x11
[ 1605.499171]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1605.504305]  ? save_stack+0xa9/0xd0
[ 1605.507952]  ? save_stack+0x43/0xd0
[ 1605.511598]  ? kasan_kmalloc+0xc4/0xe0
[ 1605.515506]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1605.520359]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1605.525572]  ? __list_lru_init+0x4d6/0x840
[ 1605.529830]  ? alloc_super+0x976/0xb10
[ 1605.533737]  ? vfs_get_super+0x6e/0x270
[ 1605.537732]  ? proc_get_tree+0x88/0xb0
[ 1605.541680]  ? vfs_get_tree+0x1cb/0x5c0
[ 1605.545672]  ? do_mount+0x6c1/0x1fb0
[ 1605.549397]  ? ksys_mount+0x12d/0x140
[ 1605.553206]  ? __x64_sys_mount+0xbe/0x150
[ 1605.557365]  ? do_syscall_64+0x1b9/0x820
[ 1605.561442]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1605.566831]  ? save_stack+0xa9/0xd0
[ 1605.570477]  ? lock_acquire+0x1e4/0x540
[ 1605.574473]  ? fs_reclaim_acquire+0x20/0x20
[ 1605.578814]  ? lock_downgrade+0x8f0/0x8f0
[ 1605.582978]  ? __x64_sys_mount+0xbe/0x150
[ 1605.587164]  ? check_same_owner+0x340/0x340
[ 1605.591505]  ? rcu_note_context_switch+0x730/0x730
[ 1605.596457]  __should_failslab+0x124/0x180
[ 1605.600707]  should_failslab+0x9/0x14
[ 1605.604503]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1605.609182]  ? kasan_kmalloc+0xc4/0xe0
[ 1605.613065]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1605.618883]  ? kvfree_rcu+0x20/0x20
[ 1605.622503]  ? __kmalloc_node+0x47/0x70
[ 1605.626471]  __list_lru_init+0x4d6/0x840
[ 1605.630525]  ? list_lru_destroy+0x500/0x500
[ 1605.634839]  ? prealloc_shrinker+0x213/0x480
[ 1605.639345]  ? __init_waitqueue_head+0x9e/0x150
[ 1605.644014]  ? inactive_list_is_low+0x850/0x850
[ 1605.648679]  ? __lockdep_init_map+0x105/0x590
[ 1605.653171]  alloc_super+0x976/0xb10
[ 1605.656879]  ? destroy_unused_super.part.11+0x110/0x110
[ 1605.662235]  ? lock_downgrade+0x8f0/0x8f0
[ 1605.666393]  ? kasan_check_read+0x11/0x20
[ 1605.670534]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1605.675109]  ? kasan_check_write+0x14/0x20
[ 1605.679334]  ? do_raw_spin_lock+0xc1/0x200
[ 1605.683581]  ? ns_test_super+0x50/0x50
[ 1605.687465]  sget_fc+0x269/0x950
[ 1605.690825]  ? compare_single+0x10/0x10
[ 1605.694791]  ? alloc_super+0xb10/0xb10
[ 1605.698669]  ? kasan_kmalloc+0xc4/0xe0
[ 1605.702550]  ? __kmalloc_track_caller+0x311/0x760
[ 1605.707386]  ? proc_root_lookup+0x60/0x60
[ 1605.711525]  vfs_get_super+0x6e/0x270
[ 1605.715319]  proc_get_tree+0x88/0xb0
[ 1605.719029]  vfs_get_tree+0x1cb/0x5c0
[ 1605.722828]  do_mount+0x6c1/0x1fb0
[ 1605.726366]  ? kasan_check_write+0x14/0x20
[ 1605.730594]  ? copy_mount_string+0x40/0x40
[ 1605.734819]  ? kasan_kmalloc+0xc4/0xe0
[ 1605.738698]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1605.743536]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1605.749067]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1605.754601]  ? copy_mount_options+0x285/0x380
[ 1605.759088]  ksys_mount+0x12d/0x140
[ 1605.762710]  __x64_sys_mount+0xbe/0x150
[ 1605.766679]  do_syscall_64+0x1b9/0x820
[ 1605.770560]  ? finish_task_switch+0x1d3/0x870
[ 1605.775068]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1605.779990]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1605.784936]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1605.790119]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1605.795131]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1605.799806]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1605.804648]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1605.809830] RIP: 0033:0x455e29
[ 1605.813010] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
03:45:44 executing program 1:
r0 = open(&(0x7f0000000040)='./file0\x00', 0x100, 0x8)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0)
read(r1, &(0x7f00000000c0)=""/151, 0x97)

03:45:44 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xc, 0x80000002)

03:45:44 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:44 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfffffff0, 0x80000002)

03:45:44 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:44 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf0, 0x80000002)

[ 1605.832209] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1605.839905] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1605.847164] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1605.854424] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1605.861681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1605.869042] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000010
03:45:45 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3f00000000000000}})

03:45:45 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xb, 0x80000002)

03:45:45 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:45 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xe, 0x80000002)

[ 1605.962247] binder: 17143:17146 BC_CLEAR_DEATH_NOTIFICATION death notification not active
03:45:45 executing program 2 (fault-call:1 fault-nth:17):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:45 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf00, 0x80000002)

03:45:45 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xf00000000000000, 0x80000002)

03:45:45 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x200000000000000}})

03:45:45 executing program 0:
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:45 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0045877, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1606.102237] FAULT_INJECTION: forcing a failure.
[ 1606.102237] name failslab, interval 1, probability 0, space 0, times 0
[ 1606.113588] CPU: 1 PID: 17161 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1606.122000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1606.131350] Call Trace:
[ 1606.133937]  dump_stack+0x1c9/0x2b4
[ 1606.137561]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1606.142749]  ? __kernel_text_address+0xd/0x40
[ 1606.147235]  ? unwind_get_return_address+0x61/0xa0
[ 1606.152158]  should_fail.cold.4+0xa/0x11
[ 1606.156212]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1606.161310]  ? save_stack+0xa9/0xd0
[ 1606.164932]  ? save_stack+0x43/0xd0
[ 1606.168549]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.172430]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1606.177267]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1606.182450]  ? __list_lru_init+0x4d6/0x840
[ 1606.186698]  ? alloc_super+0x976/0xb10
[ 1606.190592]  ? vfs_get_super+0x6e/0x270
[ 1606.194563]  ? proc_get_tree+0x88/0xb0
[ 1606.198442]  ? vfs_get_tree+0x1cb/0x5c0
[ 1606.202672]  ? do_mount+0x6c1/0x1fb0
[ 1606.206379]  ? ksys_mount+0x12d/0x140
[ 1606.210170]  ? __x64_sys_mount+0xbe/0x150
[ 1606.214309]  ? do_syscall_64+0x1b9/0x820
[ 1606.218363]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1606.223723]  ? save_stack+0xa9/0xd0
[ 1606.227344]  ? lock_acquire+0x1e4/0x540
[ 1606.231311]  ? fs_reclaim_acquire+0x20/0x20
[ 1606.235623]  ? lock_downgrade+0x8f0/0x8f0
[ 1606.239762]  ? lock_downgrade+0x8f0/0x8f0
[ 1606.243904]  ? check_same_owner+0x340/0x340
[ 1606.248221]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1606.252620]  ? rcu_note_context_switch+0x730/0x730
[ 1606.257545]  __should_failslab+0x124/0x180
[ 1606.261773]  should_failslab+0x9/0x14
[ 1606.265565]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1606.270233]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.274116]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1606.279125]  ? kvfree_rcu+0x20/0x20
[ 1606.282757]  ? __kmalloc_node+0x47/0x70
[ 1606.286722]  __list_lru_init+0x4d6/0x840
[ 1606.290774]  ? list_lru_destroy+0x500/0x500
[ 1606.295090]  ? prealloc_shrinker+0x213/0x480
[ 1606.299488]  ? __init_waitqueue_head+0x9e/0x150
[ 1606.304147]  ? inactive_list_is_low+0x850/0x850
[ 1606.308810]  ? __lockdep_init_map+0x105/0x590
[ 1606.313301]  alloc_super+0x976/0xb10
[ 1606.317012]  ? destroy_unused_super.part.11+0x110/0x110
[ 1606.322377]  ? lock_downgrade+0x8f0/0x8f0
[ 1606.326542]  ? kasan_check_read+0x11/0x20
[ 1606.330679]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1606.335257]  ? kasan_check_write+0x14/0x20
[ 1606.339483]  ? do_raw_spin_lock+0xc1/0x200
[ 1606.343711]  ? ns_test_super+0x50/0x50
[ 1606.347587]  sget_fc+0x269/0x950
[ 1606.350941]  ? compare_single+0x10/0x10
[ 1606.354908]  ? alloc_super+0xb10/0xb10
[ 1606.358786]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.362668]  ? __kmalloc_track_caller+0x311/0x760
[ 1606.367504]  ? proc_root_lookup+0x60/0x60
[ 1606.371649]  vfs_get_super+0x6e/0x270
[ 1606.375442]  proc_get_tree+0x88/0xb0
[ 1606.379145]  vfs_get_tree+0x1cb/0x5c0
[ 1606.382935]  do_mount+0x6c1/0x1fb0
[ 1606.386473]  ? kasan_check_write+0x14/0x20
[ 1606.390716]  ? copy_mount_string+0x40/0x40
[ 1606.394947]  ? retint_kernel+0x10/0x10
[ 1606.398826]  ? copy_mount_options+0x1f0/0x380
[ 1606.403310]  ? copy_mount_options+0x1f6/0x380
[ 1606.407795]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1606.413325]  ? copy_mount_options+0x285/0x380
[ 1606.417813]  ksys_mount+0x12d/0x140
[ 1606.421516]  __x64_sys_mount+0xbe/0x150
[ 1606.425482]  do_syscall_64+0x1b9/0x820
[ 1606.429359]  ? finish_task_switch+0x1d3/0x870
[ 1606.433845]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1606.438764]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1606.443680]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1606.448689]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1606.453701]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1606.458360]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1606.463198]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1606.468377] RIP: 0033:0x455e29
[ 1606.471549] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1606.490759] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1606.498457] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1606.505714] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1606.512971] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1606.520315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1606.527573] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000011
[ 1606.567258] binder: BINDER_SET_CONTEXT_MGR already set
03:45:45 executing program 0:
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:45 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xb000000, 0x80000002)

03:45:45 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x400000000000000, 0x80000002)

03:45:45 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x3f000000}})

03:45:45 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6c000000, 0x80000002)

03:45:45 executing program 2 (fault-call:1 fault-nth:18):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:45 executing program 1:
r0 = socket$inet(0x2, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_int(r0, 0x0, 0xd1, &(0x7f0000000040)=0xffffffa4, 0x100)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0, 0x8})
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getuid()
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001180)=@nat={'nat\x00', 0x19, 0x3, 0xe28, [0x20000340, 0x0, 0x0, 0x20000370, 0x20000e58], 0x0, &(0x7f00000000c0), &(0x7f0000000340)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x1, [{{{0x3, 0x1, 0x884c, 'rose0\x00', 'sit0\x00', 'nr0\x00', 'bond0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], 0x908, 0x988, 0xab8, [@among={'among\x00', 0x838, {{0x757d, 0x8, 0x2, {[0x2, 0x200, 0x5, 0x3, 0x9, 0x5, 0x7fffffff, 0x7f, 0x80, 0x101, 0x6, 0x6, 0x3, 0x2, 0x3, 0x40, 0x9, 0x8, 0x1, 0x0, 0x9, 0xffff, 0x465, 0x101, 0x200, 0xf141, 0x10001, 0xffff, 0x6, 0x9595, 0x0, 0x50, 0x0, 0x5, 0x1, 0x2, 0x2, 0x7, 0x6, 0x18c, 0x9, 0x93, 0x7, 0x6, 0x3, 0x4, 0x4, 0x3ff, 0x898, 0x40, 0x9, 0x4, 0x4, 0x4d, 0xffff, 0x0, 0x8, 0x20, 0x100, 0x800000000000000, 0x1, 0x1, 0x8, 0xffffffffffffff80, 0xc3e5, 0x10001, 0x8, 0x0, 0x7, 0xffff, 0xe28, 0x7fffffff, 0x3, 0x2000000, 0x20, 0x8000, 0x2, 0x3, 0x5, 0x6, 0x100, 0x0, 0xfffffffffffffeff, 0x1b, 0x28128cb1, 0x18000, 0x3, 0x7, 0x100000000, 0x2, 0x1, 0x5, 0x985, 0x1, 0x1f, 0x7f, 0x0, 0xfff, 0x6, 0x3f31, 0x0, 0x5b8, 0x4, 0x3, 0x9, 0xfffffffffffffffe, 0xeb8, 0x1f, 0x7, 0x6, 0x40, 0xfff, 0x0, 0x2, 0x4, 0x3, 0xff, 0x1, 0x401, 0x3, 0x42, 0x9, 0x3ff, 0x2000000000000000, 0xdb6e, 0x8001, 0xec01, 0x7fff, 0x1, 0x4, 0xb2df, 0xfff, 0xed4, 0x4, 0x40, 0xfffffffffffff538, 0x3ff, 0x7ff, 0x4, 0xfffffffffffffffd, 0x3, 0x9, 0x7, 0x8001, 0x7, 0x1, 0x7f, 0x81, 0x7, 0x8, 0x4, 0x3f, 0x3f, 0xfffffffffffffffa, 0x2, 0x0, 0x7, 0x9, 0x3, 0x20f2, 0x20, 0x4, 0x9, 0xfffffffffffffff7, 0xfffffffffffffffe, 0x4, 0x9, 0x400, 0x1, 0x1000, 0xb86, 0x7fff, 0x6, 0x5, 0x1, 0x1f, 0x40, 0x9, 0x0, 0x4, 0x8, 0x2, 0x12, 0xe44, 0x6, 0x9, 0x6, 0x1cfc, 0x532, 0x0, 0x7f, 0x400, 0x6, 0x2, 0x615a, 0x100, 0x80000000, 0x5, 0x9, 0x3, 0x5, 0x5, 0x8, 0x0, 0xe20, 0x32, 0x7f, 0x370c, 0x7, 0x5, 0x4, 0x20a8, 0x7fffffff, 0x68, 0x2, 0x7ff, 0x1, 0xff000, 0x8000, 0x4, 0xad, 0x100, 0x7, 0x7, 0x3f, 0x39, 0x9, 0xd544, 0x0, 0xd1c5, 0x44, 0x8000, 0xffffffffffff3aab, 0x47, 0x5, 0x5, 0x0, 0x9, 0x8, 0xa8e, 0x1ff, 0x8, 0x5, 0x4, 0x1, 0x9, 0x6, 0x3, 0x800, 0x1000, 0x6, 0x3ff, 0x2, 0x99a, 0x1, 0x7ff, 0x6], 0x1, [{[0x4, 0x3], @rand_addr=0x6c5996c1}]}, {[0x5, 0x9, 0x0, 0x7ff, 0x7d, 0x3, 0x200, 0x1, 0x800, 0x8, 0x2, 0x80, 0x67e604ad, 0x3, 0x3d, 0x7, 0xf3ff, 0x0, 0x81, 0x200, 0x4, 0x7, 0x1, 0x4, 0x0, 0x1, 0x7, 0x3ff, 0x6, 0x3, 0xffff, 0x9000000000000000, 0x9, 0x8, 0x48d, 0xfba6, 0x4, 0xaa, 0xfffffffffffffff9, 0x2, 0x1, 0xfffffffffffffffd, 0x4, 0x5a, 0x7, 0xffff, 0x3ff, 0x1, 0x0, 0x22, 0x7, 0x0, 0x6, 0x9, 0x1ff, 0x1800000000, 0x0, 0xffffffff, 0x6, 0x20, 0x2, 0x0, 0x20, 0x6, 0x4, 0x8, 0x1, 0x400, 0x8, 0x2, 0x8001, 0xbc1f8c1, 0x1668b8e4, 0x6, 0x7, 0x7fffffff, 0xfffffffffffffff9, 0x0, 0x40, 0x8ec, 0x7fffffff, 0x50c9, 0x0, 0x3, 0x4, 0x3, 0x9, 0x2, 0xfff, 0x800, 0xe4, 0x400, 0x800, 0x5, 0x3718a29d, 0xa8d, 0x814, 0x3, 0x4f, 0x8001, 0x2, 0x9, 0x8000, 0x8000, 0x1, 0x0, 0x7, 0x8, 0xfff, 0x80000000, 0x3, 0x7fff, 0xfffffffffffffffc, 0x0, 0x82, 0x8, 0x3, 0x5, 0x1, 0xffffffffffffff7f, 0x3, 0x34750ba4, 0xffff, 0x2, 0x4aee, 0x9, 0x0, 0x5, 0x5, 0x5, 0x3ff, 0xffffffffffffb69d, 0x7, 0xfff, 0x1, 0x1f, 0x20, 0x10000, 0x1ff, 0x0, 0x3, 0x80000000, 0x7, 0xffffffff, 0x3, 0x8, 0x400, 0x7, 0x1548a751, 0x8d13, 0x80000000000000, 0xb6e, 0xfff, 0x2, 0x100, 0x8, 0x5, 0x6, 0x4, 0xf930869, 0x7fff, 0x3f, 0x8000, 0xffffffffffffaa7b, 0x6, 0xb1c1, 0x2, 0x10000, 0x7, 0x2, 0xfffffffffffffff7, 0x1, 0xa1c4, 0x9, 0x5, 0x4, 0x3, 0x4, 0x1, 0x5, 0x3, 0xd57, 0xec1, 0x7, 0x3, 0x0, 0x1, 0x33a, 0x7f, 0x8000, 0xffffffffffffff17, 0x3, 0x9, 0x8551, 0x39f2, 0x52, 0x7, 0x0, 0x6, 0x0, 0x6, 0xcf, 0x2, 0x4, 0x4a9e, 0x8, 0x0, 0x8, 0x8, 0x200, 0x469, 0x7ff, 0xff, 0x1000, 0x3ff, 0x8, 0x8, 0x1da, 0x100, 0xfffffffffffffff9, 0x0, 0x101, 0xa97, 0x97, 0x8, 0x1, 0x4, 0x8000, 0x96bf, 0x1, 0x0, 0x64, 0x767c, 0x2, 0x6, 0x1, 0x0, 0x20, 0x4, 0x8001, 0x81e, 0xfffffffffffffff7, 0x6, 0x7, 0x6, 0xffffffff, 0x7fff, 0x5, 0x9, 0x7, 0xffff, 0xad, 0x10000, 0x5, 0x6, 0x8, 0x101], 0x1, [{[0x8, 0x7f], @remote={0xac, 0x14, 0x14, 0xbb}}]}}}}, @mac={'mac\x00', 0x10}]}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x5, 0x3, 0x7}}}, @common=@mark={'mark\x00', 0x10, {{0x0, 0xfffffffffffffffd}}}]}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x8000, 'system_u:object_r:setrans_exec_t:s0\x00'}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x19, 0x20, 0x88a7, 'yam0\x00', 'bridge_slave_0\x00', 'ip_vti0\x00', 'veth1_to_bond\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0xff, 0xff, 0xff, 0xff, 0x0, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xa}, [0xff, 0xff, 0x0, 0x6d6023b7f48bb503, 0xff, 0xff], 0xb0, 0x120, 0x158, [@owner={'owner\x00', 0x18, {{r2, r3, r4, r5, 0x6, 0x3}}}]}, [@snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xfffffffffffffffc}}}, @snat={'snat\x00', 0x10, {{@random="c87024850759"}}}]}, @snat={'snat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2}, 0xfffffffffffffffc}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x1, 0x8137, 'gretap0\x00', 'veth1_to_bond\x00', 'sit0\x00', 'ip6tnl0\x00', @empty, [0xff, 0x0, 0xff, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], 0xe8, 0x120, 0x158, [@ip6={'ip6\x00', 0x50, {{@loopback={0x0, 0x1}, @empty, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], [0xffffffff, 0xff0000ff, 0x0, 0xff000000], 0xa000000000000, 0x6f, 0x34, 0x4, 0x4e22, 0x4e23, 0x4e21, 0x4e21}}}]}, [@snat={'snat\x00', 0x10, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 0xfffffffffffffffe}}}]}, @snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xffffffffffffffff}}}}]}]}, 0xea0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

[ 1606.613124] binder: 17178:17179 ioctl 40046207 0 returned -16
[ 1606.646683] binder: 17178:17179 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1606.700914] FAULT_INJECTION: forcing a failure.
[ 1606.700914] name failslab, interval 1, probability 0, space 0, times 0
[ 1606.712233] CPU: 0 PID: 17198 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1606.720645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1606.730012] Call Trace:
[ 1606.732615]  dump_stack+0x1c9/0x2b4
[ 1606.736262]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1606.741409] binder: BINDER_SET_CONTEXT_MGR already set
[ 1606.741472]  ? __kernel_text_address+0xd/0x40
[ 1606.751232]  ? unwind_get_return_address+0x61/0xa0
[ 1606.753498] binder: 17205:17206 ioctl 40046207 0 returned -16
[ 1606.756178]  should_fail.cold.4+0xa/0x11
[ 1606.756197]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1606.756219]  ? save_stack+0xa9/0xd0
[ 1606.774876]  ? save_stack+0x43/0xd0
[ 1606.778513]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.783204]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1606.788078]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1606.793285]  ? __list_lru_init+0x4d6/0x840
[ 1606.797531]  ? alloc_super+0x976/0xb10
[ 1606.801436]  ? vfs_get_super+0x6e/0x270
[ 1606.805425]  ? proc_get_tree+0x88/0xb0
[ 1606.809333]  ? vfs_get_tree+0x1cb/0x5c0
[ 1606.813337]  ? do_mount+0x6c1/0x1fb0
[ 1606.814263] binder: BINDER_SET_CONTEXT_MGR already set
[ 1606.817059]  ? ksys_mount+0x12d/0x140
[ 1606.817072]  ? __x64_sys_mount+0xbe/0x150
[ 1606.817093]  ? do_syscall_64+0x1b9/0x820
[ 1606.829728] binder: 17212:17213 ioctl 40046207 0 returned -16
[ 1606.830292]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1606.830315]  ? save_stack+0xa9/0xd0
[ 1606.849213]  ? lock_acquire+0x1e4/0x540
[ 1606.853197]  ? fs_reclaim_acquire+0x20/0x20
[ 1606.857537]  ? lock_downgrade+0x8f0/0x8f0
[ 1606.861700]  ? __x64_sys_mount+0xbe/0x150
[ 1606.865872]  ? check_same_owner+0x340/0x340
[ 1606.870210]  ? rcu_note_context_switch+0x730/0x730
[ 1606.875157]  __should_failslab+0x124/0x180
[ 1606.879426]  should_failslab+0x9/0x14
[ 1606.883275]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1606.886609] binder: BINDER_SET_CONTEXT_MGR already set
[ 1606.887965]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.887988]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1606.901014] binder: 17219:17220 ioctl 40046207 0 returned -16
[ 1606.902145]  ? kvfree_rcu+0x20/0x20
[ 1606.902168]  ? __kmalloc_node+0x47/0x70
[ 1606.915634]  __list_lru_init+0x4d6/0x840
[ 1606.919766]  ? list_lru_destroy+0x500/0x500
[ 1606.924107]  ? prealloc_shrinker+0x213/0x480
[ 1606.928521]  ? __init_waitqueue_head+0x9e/0x150
[ 1606.933243]  ? inactive_list_is_low+0x850/0x850
[ 1606.937928]  ? __lockdep_init_map+0x105/0x590
[ 1606.942441]  alloc_super+0x976/0xb10
[ 1606.946168]  ? destroy_unused_super.part.11+0x110/0x110
[ 1606.951550]  ? lock_downgrade+0x8f0/0x8f0
[ 1606.955720]  ? kasan_check_read+0x11/0x20
[ 1606.957608] binder: 17226:17227 ioctl c0306225 200003c0 returned -22
[ 1606.959876]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1606.959894]  ? kasan_check_write+0x14/0x20
[ 1606.959905]  ? do_raw_spin_lock+0xc1/0x200
[ 1606.959927]  ? ns_test_super+0x50/0x50
[ 1606.977442] binder: BINDER_SET_CONTEXT_MGR already set
[ 1606.979440]  sget_fc+0x269/0x950
[ 1606.979453]  ? compare_single+0x10/0x10
[ 1606.979472]  ? alloc_super+0xb10/0xb10
[ 1606.989038] binder: 17226:17227 ioctl 40046207 0 returned -16
[ 1606.991982]  ? kasan_kmalloc+0xc4/0xe0
[ 1606.991998]  ? __kmalloc_track_caller+0x311/0x760
[ 1606.992022]  ? proc_root_lookup+0x60/0x60
[ 1607.000742] binder: 17226:17231 ioctl c0306225 200003c0 returned -22
[ 1607.005754]  vfs_get_super+0x6e/0x270
[ 1607.005772]  proc_get_tree+0x88/0xb0
[ 1607.005785]  vfs_get_tree+0x1cb/0x5c0
[ 1607.005805]  do_mount+0x6c1/0x1fb0
[ 1607.039956]  ? kasan_check_write+0x14/0x20
[ 1607.044213]  ? copy_mount_string+0x40/0x40
[ 1607.048466]  ? kasan_kmalloc+0xc4/0xe0
[ 1607.052368]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1607.057245]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1607.062066] binder: 17233:17234 ioctl c0306263 200003c0 returned -22
[ 1607.062807]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1607.074824]  ? copy_mount_options+0x285/0x380
[ 1607.076645] binder: BINDER_SET_CONTEXT_MGR already set
[ 1607.079336]  ksys_mount+0x12d/0x140
[ 1607.079354]  __x64_sys_mount+0xbe/0x150
[ 1607.079377]  do_syscall_64+0x1b9/0x820
[ 1607.086372] binder: 17233:17234 ioctl 40046207 0 returned -16
[ 1607.088264]  ? finish_task_switch+0x1d3/0x870
[ 1607.088283]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1607.088301]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1607.092705] binder: 17233:17238 ioctl c0306263 200003c0 returned -22
[ 1607.096136]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1607.096151]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1607.096167]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1607.096210]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1607.142403]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1607.147605] RIP: 0033:0x455e29
03:45:45 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x5450, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:45 executing program 0:
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(0xffffffffffffffff, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:45 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x4020940d, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:45 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:45 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x2, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:45 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:46 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306225, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:46 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:46 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306263, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:46 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

[ 1607.150789] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1607.170022] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1607.177750] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1607.185033] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1607.192418] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
03:45:46 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf0ffffff, 0x80000002)

03:45:46 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c000000000000}})

03:45:46 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xf00, 0x80000002)

03:45:46 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc030625d, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1607.199699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1607.206979] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000012
[ 1607.242256] binder: 17246:17248 ioctl c030625d 200003c0 returned -22
03:45:46 executing program 2 (fault-call:1 fault-nth:19):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:46 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c00000000000000, 0x80000002)

03:45:46 executing program 1:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x1bc}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=<r1=>0x0, &(0x7f00000001c0)=0x4)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0xd, &(0x7f00000000c0)={r1}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000140), &(0x7f0000000180)=0x4)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000200)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78)
syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x5, 0x400000)

03:45:46 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x10, 0x80000002)

03:45:46 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

03:45:46 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c000000, 0x80000002)

[ 1607.281580] binder: BINDER_SET_CONTEXT_MGR already set
[ 1607.290155] binder: 17246:17248 ioctl 40046207 0 returned -16
[ 1607.311543] sctp: [Deprecated]: syz-executor1 (pid 17259) Use of int in maxseg socket option.
[ 1607.311543] Use struct sctp_assoc_value instead
[ 1607.350791] FAULT_INJECTION: forcing a failure.
[ 1607.350791] name failslab, interval 1, probability 0, space 0, times 0
[ 1607.362236] CPU: 1 PID: 17271 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1607.365831] binder: 17246:17274 ioctl c030625d 200003c0 returned -22
[ 1607.370648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1607.370654] Call Trace:
[ 1607.370675]  dump_stack+0x1c9/0x2b4
[ 1607.370694]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1607.370713]  ? __kernel_text_address+0xd/0x40
[ 1607.370727]  ? unwind_get_return_address+0x61/0xa0
[ 1607.370745]  should_fail.cold.4+0xa/0x11
[ 1607.370765]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1607.378380] sctp: [Deprecated]: syz-executor1 (pid 17275) Use of int in maxseg socket option.
[ 1607.378380] Use struct sctp_assoc_value instead
[ 1607.386620]  ? save_stack+0xa9/0xd0
[ 1607.386637]  ? save_stack+0x43/0xd0
[ 1607.386660]  ? kasan_kmalloc+0xc4/0xe0
[ 1607.440890]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1607.445755]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1607.450965]  ? __list_lru_init+0x4d6/0x840
[ 1607.455225]  ? alloc_super+0x976/0xb10
[ 1607.459130]  ? vfs_get_super+0x6e/0x270
[ 1607.463121]  ? proc_get_tree+0x88/0xb0
[ 1607.467019]  ? vfs_get_tree+0x1cb/0x5c0
[ 1607.471007]  ? do_mount+0x6c1/0x1fb0
[ 1607.474735]  ? ksys_mount+0x12d/0x140
[ 1607.478546]  ? __x64_sys_mount+0xbe/0x150
[ 1607.482711]  ? do_syscall_64+0x1b9/0x820
[ 1607.486789]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1607.492171]  ? save_stack+0xa9/0xd0
[ 1607.495811]  ? lock_acquire+0x1e4/0x540
[ 1607.499802]  ? fs_reclaim_acquire+0x20/0x20
[ 1607.504140]  ? lock_downgrade+0x8f0/0x8f0
[ 1607.508306]  ? __x64_sys_mount+0xbe/0x150
[ 1607.512473]  ? check_same_owner+0x340/0x340
[ 1607.516808]  ? rcu_note_context_switch+0x730/0x730
[ 1607.521758]  __should_failslab+0x124/0x180
[ 1607.526018]  should_failslab+0x9/0x14
[ 1607.529837]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1607.531627] binder: BINDER_SET_CONTEXT_MGR already set
[ 1607.534521]  ? kasan_kmalloc+0xc4/0xe0
[ 1607.534543]  __memcg_init_list_lru_node+0x185/0x2d0
03:45:46 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7, 0x80000002)

03:45:46 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c}})

03:45:46 executing program 1:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
listen(r0, 0xffffffffffffff7f)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = accept4(r0, &(0x7f00000003c0)=@in={0x0, 0x0, @multicast1}, &(0x7f0000000040)=0x80, 0x0)
sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r3 = socket$inet6(0xa, 0x1, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070")
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000140), 0x4)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @dev={0xac, 0x14, 0x14}}}}}, &(0x7f00000002c0)=0xff8b)
r4 = dup(r0)
socketpair(0x5, 0x3, 0xe63, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$ION_IOC_ALLOC(r4, 0xc0184900, &(0x7f00000000c0)={0x81, 0x0, 0x1, r5})

03:45:46 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x40046207, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:46 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x341, 0x80000002)

[ 1607.534557]  ? kvfree_rcu+0x20/0x20
[ 1607.534570]  ? __kmalloc_node+0x47/0x70
[ 1607.534588]  __list_lru_init+0x4d6/0x840
[ 1607.560394]  ? list_lru_destroy+0x500/0x500
[ 1607.564113] binder: 17287:17288 ioctl 40046207 200003c0 returned -16
[ 1607.564726]  ? prealloc_shrinker+0x213/0x480
[ 1607.564746]  ? __init_waitqueue_head+0x9e/0x150
[ 1607.580301]  ? inactive_list_is_low+0x850/0x850
[ 1607.584983]  ? __lockdep_init_map+0x105/0x590
[ 1607.589494]  alloc_super+0x976/0xb10
[ 1607.593233]  ? destroy_unused_super.part.11+0x110/0x110
[ 1607.593596] binder: BINDER_SET_CONTEXT_MGR already set
[ 1607.598608]  ? lock_downgrade+0x8f0/0x8f0
[ 1607.598628]  ? kasan_check_read+0x11/0x20
[ 1607.598644]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1607.598659]  ? kasan_check_write+0x14/0x20
[ 1607.598670]  ? do_raw_spin_lock+0xc1/0x200
[ 1607.598690]  ? ns_test_super+0x50/0x50
[ 1607.629773]  sget_fc+0x269/0x950
[ 1607.633160]  ? compare_single+0x10/0x10
[ 1607.635403] binder: 17287:17288 ioctl 40046207 0 returned -16
[ 1607.637145]  ? alloc_super+0xb10/0xb10
[ 1607.637166]  ? kasan_kmalloc+0xc4/0xe0
[ 1607.637184]  ? __kmalloc_track_caller+0x311/0x760
[ 1607.637200]  ? proc_root_lookup+0x60/0x60
[ 1607.637218]  vfs_get_super+0x6e/0x270
[ 1607.643806] binder: BINDER_SET_CONTEXT_MGR already set
[ 1607.646974]  proc_get_tree+0x88/0xb0
[ 1607.646989]  vfs_get_tree+0x1cb/0x5c0
[ 1607.647006]  do_mount+0x6c1/0x1fb0
[ 1607.647023]  ? kasan_check_write+0x14/0x20
[ 1607.647041]  ? copy_mount_string+0x40/0x40
[ 1607.647056]  ? kasan_kmalloc+0xc4/0xe0
[ 1607.647076]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1607.651586] binder: 17287:17296 ioctl 40046207 200003c0 returned -16
[ 1607.655794]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1607.655812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1607.655831]  ? copy_mount_options+0x285/0x380
[ 1607.655852]  ksys_mount+0x12d/0x140
[ 1607.655870]  __x64_sys_mount+0xbe/0x150
[ 1607.726874]  do_syscall_64+0x1b9/0x820
[ 1607.730779]  ? finish_task_switch+0x1d3/0x870
[ 1607.735294]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1607.740241]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1607.745170]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1607.750198]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1607.755224]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1607.759891]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1607.764732]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1607.769933] RIP: 0033:0x455e29
[ 1607.773109] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1607.792348] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1607.800055] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1607.807321] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1607.814583] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1607.821851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1607.829116] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000013
03:45:47 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:47 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}})

03:45:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x2, 0x80000002)

03:45:47 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xffffff9e, 0x80000002)

03:45:47 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc020660b, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:47 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a00, 0x80000002)

03:45:47 executing program 2 (fault-call:1 fault-nth:20):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:47 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}})

[ 1608.077421] binder: BINDER_SET_CONTEXT_MGR already set
[ 1608.084012] binder: 17314:17317 ioctl 40046207 0 returned -16
[ 1608.084913] FAULT_INJECTION: forcing a failure.
[ 1608.084913] name failslab, interval 1, probability 0, space 0, times 0
[ 1608.101391] CPU: 1 PID: 17308 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1608.109807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1608.119174] Call Trace:
[ 1608.121776]  dump_stack+0x1c9/0x2b4
03:45:47 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf0ffff, 0x80000002)

03:45:47 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x40046205, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1608.125433]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1608.130645]  ? __kernel_text_address+0xd/0x40
[ 1608.135157]  ? unwind_get_return_address+0x61/0xa0
[ 1608.140109]  should_fail.cold.4+0xa/0x11
[ 1608.144183]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1608.149309]  ? save_stack+0xa9/0xd0
[ 1608.152964]  ? save_stack+0x43/0xd0
[ 1608.156609]  ? kasan_kmalloc+0xc4/0xe0
[ 1608.160519]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1608.165380]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1608.170578]  ? __list_lru_init+0x4d6/0x840
03:45:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x500000000000000, 0x80000002)

[ 1608.174833]  ? alloc_super+0x976/0xb10
[ 1608.178739]  ? vfs_get_super+0x6e/0x270
[ 1608.182733]  ? proc_get_tree+0x88/0xb0
[ 1608.186637]  ? vfs_get_tree+0x1cb/0x5c0
[ 1608.190625]  ? do_mount+0x6c1/0x1fb0
[ 1608.194354]  ? ksys_mount+0x12d/0x140
[ 1608.198172]  ? __x64_sys_mount+0xbe/0x150
[ 1608.202339]  ? do_syscall_64+0x1b9/0x820
[ 1608.206420]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1608.211807]  ? save_stack+0xa9/0xd0
[ 1608.212344] binder: BINDER_SET_CONTEXT_MGR already set
[ 1608.215451]  ? lock_acquire+0x1e4/0x540
03:45:47 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd0e, 0x80000002)

[ 1608.215469]  ? fs_reclaim_acquire+0x20/0x20
[ 1608.215484]  ? lock_downgrade+0x8f0/0x8f0
[ 1608.215504]  ? __x64_sys_mount+0xbe/0x150
[ 1608.237350]  ? check_same_owner+0x340/0x340
[ 1608.240898] binder: 17329:17331 ioctl 40046207 0 returned -16
[ 1608.241685]  ? rcu_note_context_switch+0x730/0x730
[ 1608.241706]  __should_failslab+0x124/0x180
[ 1608.241723]  should_failslab+0x9/0x14
[ 1608.241742]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1608.265231]  ? kasan_kmalloc+0xc4/0xe0
[ 1608.269142]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1608.274173]  ? kvfree_rcu+0x20/0x20
03:45:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xfffff000, 0x80000002)

[ 1608.277955]  ? __kmalloc_node+0x47/0x70
[ 1608.281945]  __list_lru_init+0x4d6/0x840
[ 1608.286020]  ? list_lru_destroy+0x500/0x500
[ 1608.290354]  ? prealloc_shrinker+0x213/0x480
[ 1608.294774]  ? __init_waitqueue_head+0x9e/0x150
[ 1608.299463]  ? inactive_list_is_low+0x850/0x850
[ 1608.304252]  ? __lockdep_init_map+0x105/0x590
[ 1608.308763]  alloc_super+0x976/0xb10
[ 1608.312500]  ? destroy_unused_super.part.11+0x110/0x110
[ 1608.317875]  ? lock_downgrade+0x8f0/0x8f0
[ 1608.322041]  ? kasan_check_read+0x11/0x20
[ 1608.326196]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1608.330797]  ? kasan_check_write+0x14/0x20
[ 1608.335049]  ? do_raw_spin_lock+0xc1/0x200
[ 1608.339303]  ? ns_test_super+0x50/0x50
[ 1608.343210]  sget_fc+0x269/0x950
[ 1608.346588]  ? compare_single+0x10/0x10
[ 1608.350572]  ? alloc_super+0xb10/0xb10
[ 1608.354474]  ? kasan_kmalloc+0xc4/0xe0
[ 1608.358378]  ? __kmalloc_track_caller+0x311/0x760
[ 1608.363240]  ? proc_root_lookup+0x60/0x60
[ 1608.367402]  vfs_get_super+0x6e/0x270
[ 1608.371220]  proc_get_tree+0x88/0xb0
[ 1608.374949]  vfs_get_tree+0x1cb/0x5c0
[ 1608.378771]  do_mount+0x6c1/0x1fb0
[ 1608.382339]  ? kasan_check_write+0x14/0x20
[ 1608.386594]  ? copy_mount_string+0x40/0x40
[ 1608.390848]  ? kasan_kmalloc+0xc4/0xe0
[ 1608.394793]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1608.399653]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1608.405213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1608.410793]  ? copy_mount_options+0x285/0x380
[ 1608.415311]  ksys_mount+0x12d/0x140
[ 1608.418949]  __x64_sys_mount+0xbe/0x150
[ 1608.422942]  do_syscall_64+0x1b9/0x820
[ 1608.426842]  ? finish_task_switch+0x1d3/0x870
[ 1608.431358]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1608.436308]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1608.441246]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1608.446277]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1608.451312]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1608.455999]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1608.460864]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1608.466061] RIP: 0033:0x455e29
[ 1608.469248] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1608.488568] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1608.496292] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1608.503568] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1608.510853] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1608.518127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
03:45:47 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc020660b, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:47 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc018620b, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:47 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x5000000, 0x80000002)

[ 1608.525410] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000014
[ 1608.571987] binder: BINDER_SET_CONTEXT_MGR already set
[ 1608.580988] binder: BINDER_SET_CONTEXT_MGR already set
[ 1608.588129] binder: 17360:17363 ioctl 40046207 0 returned -16
[ 1608.594490] binder: 17367:17368 ioctl 40046207 0 returned -16
03:45:48 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:48 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x500, 0x80000002)

03:45:48 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0xcff}})

03:45:48 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfeffffff, 0x80000002)

03:45:48 executing program 2 (fault-call:1 fault-nth:21):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:48 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x9, 0x80000002)

03:45:48 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc020660b, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:48 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0189436, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1609.186007] binder: BINDER_SET_CONTEXT_MGR already set
[ 1609.194468] binder: 17390:17391 ioctl 40046207 0 returned -16
[ 1609.195332] FAULT_INJECTION: forcing a failure.
[ 1609.195332] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.211684] CPU: 0 PID: 17389 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1609.220096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1609.229459] Call Trace:
[ 1609.232062]  dump_stack+0x1c9/0x2b4
[ 1609.235711]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1609.240919]  ? __kernel_text_address+0xd/0x40
[ 1609.245437]  ? unwind_get_return_address+0x61/0xa0
[ 1609.250390]  should_fail.cold.4+0xa/0x11
[ 1609.254473]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1609.259604]  ? save_stack+0xa9/0xd0
[ 1609.263264]  ? save_stack+0x43/0xd0
[ 1609.266914]  ? kasan_kmalloc+0xc4/0xe0
[ 1609.270823]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1609.275685]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1609.280895]  ? __list_lru_init+0x4d6/0x840
[ 1609.285150]  ? alloc_super+0x976/0xb10
[ 1609.288499] binder: 17390:17391 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1609.289047]  ? vfs_get_super+0x6e/0x270
[ 1609.289066]  ? proc_get_tree+0x88/0xb0
[ 1609.304620]  ? vfs_get_tree+0x1cb/0x5c0
[ 1609.308610]  ? do_mount+0x6c1/0x1fb0
[ 1609.312339]  ? ksys_mount+0x12d/0x140
[ 1609.316154]  ? __x64_sys_mount+0xbe/0x150
[ 1609.320315]  ? do_syscall_64+0x1b9/0x820
[ 1609.324386]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1609.329812]  ? save_stack+0xa9/0xd0
[ 1609.333460]  ? lock_acquire+0x1e4/0x540
[ 1609.337541]  ? fs_reclaim_acquire+0x20/0x20
[ 1609.341882]  ? lock_downgrade+0x8f0/0x8f0
[ 1609.346047]  ? __x64_sys_mount+0xbe/0x150
[ 1609.350220]  ? check_same_owner+0x340/0x340
[ 1609.354558]  ? rcu_note_context_switch+0x730/0x730
[ 1609.359502]  __should_failslab+0x124/0x180
[ 1609.363745]  should_failslab+0x9/0x14
[ 1609.367562]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1609.372242]  ? kasan_kmalloc+0xc4/0xe0
[ 1609.376148]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1609.381173]  ? kvfree_rcu+0x20/0x20
03:45:48 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xe00, 0x80000002)

03:45:48 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfffffff0, 0x80000002)

03:45:48 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

03:45:48 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc020660b, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:48 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

03:45:48 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xa00, 0x80000002)

03:45:48 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x5451, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:48 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1609.384813]  ? __kmalloc_node+0x47/0x70
[ 1609.388801]  __list_lru_init+0x4d6/0x840
[ 1609.392880]  ? list_lru_destroy+0x500/0x500
[ 1609.397218]  ? prealloc_shrinker+0x213/0x480
[ 1609.401730]  ? __init_waitqueue_head+0x9e/0x150
[ 1609.406414]  ? inactive_list_is_low+0x850/0x850
[ 1609.411096]  ? __lockdep_init_map+0x105/0x590
[ 1609.415611]  alloc_super+0x976/0xb10
[ 1609.419343]  ? destroy_unused_super.part.11+0x110/0x110
[ 1609.424724]  ? lock_downgrade+0x8f0/0x8f0
[ 1609.428895]  ? kasan_check_read+0x11/0x20
[ 1609.433066]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1609.437669]  ? kasan_check_write+0x14/0x20
[ 1609.441916]  ? do_raw_spin_lock+0xc1/0x200
[ 1609.446169]  ? ns_test_super+0x50/0x50
[ 1609.450073]  sget_fc+0x269/0x950
[ 1609.453453]  ? compare_single+0x10/0x10
[ 1609.457451]  ? alloc_super+0xb10/0xb10
[ 1609.461619]  ? kasan_kmalloc+0xc4/0xe0
[ 1609.465520]  ? __kmalloc_track_caller+0x311/0x760
[ 1609.470378]  ? proc_root_lookup+0x60/0x60
[ 1609.474537]  vfs_get_super+0x6e/0x270
[ 1609.478359]  proc_get_tree+0x88/0xb0
[ 1609.482090]  vfs_get_tree+0x1cb/0x5c0
[ 1609.485912]  do_mount+0x6c1/0x1fb0
[ 1609.489468]  ? kasan_check_write+0x14/0x20
[ 1609.493720]  ? copy_mount_string+0x40/0x40
[ 1609.497977]  ? retint_kernel+0x10/0x10
[ 1609.501892]  ? __sanitizer_cov_trace_const_cmp8+0xf/0x20
[ 1609.507367]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1609.512925]  ? copy_mount_options+0x285/0x380
[ 1609.517434]  ksys_mount+0x12d/0x140
[ 1609.521058]  __x64_sys_mount+0xbe/0x150
[ 1609.525034]  do_syscall_64+0x1b9/0x820
[ 1609.528914]  ? finish_task_switch+0x1d3/0x870
[ 1609.533410]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1609.538344]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1609.543273]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1609.548305]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1609.553331]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1609.558014]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1609.562871]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1609.568065] RIP: 0033:0x455e29
[ 1609.571241] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1609.590410] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1609.598130] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1609.605399] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1609.612660] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1609.619937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1609.627206] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000015
[ 1609.656414] binder: BINDER_SET_CONTEXT_MGR already set
[ 1609.677472] binder: 17417:17422 ioctl 40046207 0 returned -16
03:45:49 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:49 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6800000000000000, 0x80000002)

03:45:49 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xb, 0x80000002)

03:45:49 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:49 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000}})

03:45:49 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x300000000000000, 0x80000002)

03:45:49 executing program 2 (fault-call:1 fault-nth:22):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:49 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x5452, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1610.260358] binder: BINDER_SET_CONTEXT_MGR already set
[ 1610.265844] binder: BINDER_SET_CONTEXT_MGR already set
[ 1610.279835] binder: 17440:17444 ioctl 40046207 0 returned -16
[ 1610.285887] FAULT_INJECTION: forcing a failure.
[ 1610.285887] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.297195] CPU: 0 PID: 17445 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
03:45:49 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x40046208, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:49 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x2000000, 0x80000002)

03:45:49 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c0000}})

[ 1610.298368] binder: 17441:17452 ioctl 40046207 0 returned -16
[ 1610.305600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1610.305605] Call Trace:
[ 1610.305633]  dump_stack+0x1c9/0x2b4
[ 1610.305654]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1610.332268]  ? __kernel_text_address+0xd/0x40
[ 1610.336786]  ? unwind_get_return_address+0x61/0xa0
[ 1610.341743]  should_fail.cold.4+0xa/0x11
[ 1610.345825]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1610.350950]  ? save_stack+0xa9/0xd0
[ 1610.354599]  ? save_stack+0x43/0xd0
03:45:49 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xb, 0x80000002)

[ 1610.358244]  ? kasan_kmalloc+0xc4/0xe0
[ 1610.362164]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1610.367035]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1610.372242]  ? __list_lru_init+0x4d6/0x840
[ 1610.376497]  ? alloc_super+0x976/0xb10
[ 1610.380405]  ? vfs_get_super+0x6e/0x270
[ 1610.384394]  ? proc_get_tree+0x88/0xb0
[ 1610.386341] binder: BINDER_SET_CONTEXT_MGR already set
[ 1610.388293]  ? vfs_get_tree+0x1cb/0x5c0
[ 1610.388311]  ? do_mount+0x6c1/0x1fb0
[ 1610.388326]  ? ksys_mount+0x12d/0x140
[ 1610.388344]  ? __x64_sys_mount+0xbe/0x150
03:45:49 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x5460, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1610.388365]  ? do_syscall_64+0x1b9/0x820
[ 1610.404479] binder: 17465:17466 ioctl 40046207 0 returned -16
[ 1610.405116]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1610.405139]  ? save_stack+0xa9/0xd0
[ 1610.405158]  ? lock_acquire+0x1e4/0x540
[ 1610.405179]  ? fs_reclaim_acquire+0x20/0x20
[ 1610.436515]  ? lock_downgrade+0x8f0/0x8f0
[ 1610.440676]  ? __x64_sys_mount+0xbe/0x150
[ 1610.444834]  ? check_same_owner+0x340/0x340
[ 1610.449168]  ? rcu_note_context_switch+0x730/0x730
[ 1610.454125]  __should_failslab+0x124/0x180
03:45:49 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x48, 0x80000002)

[ 1610.458378]  should_failslab+0x9/0x14
[ 1610.462195]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1610.466878]  ? kasan_kmalloc+0xc4/0xe0
[ 1610.470788]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1610.475819]  ? kvfree_rcu+0x20/0x20
[ 1610.479487]  ? __kmalloc_node+0x47/0x70
[ 1610.483492]  __list_lru_init+0x4d6/0x840
[ 1610.485853] binder: BINDER_SET_CONTEXT_MGR already set
[ 1610.487563]  ? list_lru_destroy+0x500/0x500
[ 1610.487584]  ? prealloc_shrinker+0x213/0x480
[ 1610.487600]  ? __init_waitqueue_head+0x9e/0x150
[ 1610.487612]  ? inactive_list_is_low+0x850/0x850
03:45:49 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:49 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4800000000000000, 0x80000002)

[ 1610.487632]  ? __lockdep_init_map+0x105/0x590
[ 1610.504211] binder: 17474:17476 ioctl 40046207 0 returned -16
[ 1610.506296]  alloc_super+0x976/0xb10
[ 1610.506318]  ? destroy_unused_super.part.11+0x110/0x110
[ 1610.506336]  ? lock_downgrade+0x8f0/0x8f0
[ 1610.506354]  ? kasan_check_read+0x11/0x20
[ 1610.506373]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1610.543307]  ? kasan_check_write+0x14/0x20
[ 1610.547558]  ? do_raw_spin_lock+0xc1/0x200
[ 1610.551811]  ? ns_test_super+0x50/0x50
[ 1610.555708]  sget_fc+0x269/0x950
[ 1610.559090]  ? compare_single+0x10/0x10
[ 1610.563084]  ? alloc_super+0xb10/0xb10
[ 1610.566995]  ? kasan_kmalloc+0xc4/0xe0
[ 1610.571075]  ? __kmalloc_track_caller+0x311/0x760
[ 1610.575955]  ? proc_root_lookup+0x60/0x60
[ 1610.580125]  vfs_get_super+0x6e/0x270
[ 1610.583939]  proc_get_tree+0x88/0xb0
[ 1610.587663]  vfs_get_tree+0x1cb/0x5c0
[ 1610.591474]  do_mount+0x6c1/0x1fb0
[ 1610.595028]  ? kasan_check_write+0x14/0x20
[ 1610.599276]  ? copy_mount_string+0x40/0x40
[ 1610.603525]  ? retint_kernel+0x10/0x10
[ 1610.607441]  ? copy_mount_options+0x1f0/0x380
[ 1610.611958]  ? copy_mount_options+0x1f6/0x380
[ 1610.613879] binder: 17484:17488 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1610.616466]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1610.616484]  ? copy_mount_options+0x285/0x380
[ 1610.616507]  ksys_mount+0x12d/0x140
[ 1610.637846]  __x64_sys_mount+0xbe/0x150
[ 1610.641836]  do_syscall_64+0x1b9/0x820
[ 1610.645736]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1610.650687]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1610.655636]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1610.660673]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1610.665709]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1610.670402]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1610.675271]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1610.680469] RIP: 0033:0x455e29
[ 1610.683659] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1610.702946] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1610.710676] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1610.717960] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1610.725240] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1610.732511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1610.739853] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000016
03:45:50 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:50 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6c00000000000000, 0x80000002)

03:45:50 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x5421, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:50 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xb00000000000000, 0x80000002)

03:45:50 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:50 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xc00, 0x80000002)

03:45:50 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

03:45:50 executing program 2 (fault-call:1 fault-nth:23):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:50 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7000000, 0x80000002)

[ 1611.290157] binder: 17507:17510 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1611.300359] binder: BINDER_SET_CONTEXT_MGR already set
[ 1611.309416] binder: 17511:17513 ioctl 40046207 0 returned -16
[ 1611.310015] FAULT_INJECTION: forcing a failure.
[ 1611.310015] name failslab, interval 1, probability 0, space 0, times 0
[ 1611.326664] CPU: 0 PID: 17515 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
03:45:50 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xa000000, 0x80000002)

03:45:50 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x600, 0x80000002)

[ 1611.335080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1611.344443] Call Trace:
[ 1611.347065]  dump_stack+0x1c9/0x2b4
[ 1611.350709]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1611.355919]  ? __kernel_text_address+0xd/0x40
[ 1611.360426]  ? unwind_get_return_address+0x61/0xa0
[ 1611.365376]  should_fail.cold.4+0xa/0x11
[ 1611.369456]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1611.374578]  ? save_stack+0xa9/0xd0
[ 1611.378228]  ? save_stack+0x43/0xd0
[ 1611.381869]  ? kasan_kmalloc+0xc4/0xe0
[ 1611.385765]  ? kmem_cache_alloc_trace+0x152/0x780
03:45:50 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0045878, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:50 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1611.390622]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1611.395827]  ? __list_lru_init+0x4d6/0x840
[ 1611.400081]  ? alloc_super+0x976/0xb10
[ 1611.403985]  ? vfs_get_super+0x6e/0x270
[ 1611.407972]  ? proc_get_tree+0x88/0xb0
[ 1611.411872]  ? vfs_get_tree+0x1cb/0x5c0
[ 1611.415864]  ? do_mount+0x6c1/0x1fb0
[ 1611.419595]  ? ksys_mount+0x12d/0x140
[ 1611.423417]  ? __x64_sys_mount+0xbe/0x150
[ 1611.427579]  ? do_syscall_64+0x1b9/0x820
[ 1611.428103] binder: 17525:17527 Acquire 1 refcount change on invalid ref 0 ret -22
03:45:50 executing program 1:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:50 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x66010000, 0x80000002)

[ 1611.431659]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1611.431681]  ? save_stack+0xa9/0xd0
[ 1611.431702]  ? lock_acquire+0x1e4/0x540
[ 1611.431714]  ? fs_reclaim_acquire+0x20/0x20
[ 1611.431733]  ? lock_downgrade+0x8f0/0x8f0
[ 1611.460811]  ? __x64_sys_mount+0xbe/0x150
[ 1611.464987]  ? check_same_owner+0x340/0x340
[ 1611.469320]  ? rcu_note_context_switch+0x730/0x730
[ 1611.474273]  __should_failslab+0x124/0x180
[ 1611.478528]  should_failslab+0x9/0x14
[ 1611.482345]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1611.487038]  ? kasan_kmalloc+0xc4/0xe0
03:45:50 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c}})

[ 1611.490309] binder: 17528:17529 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1611.490938]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1611.490956]  ? kvfree_rcu+0x20/0x20
[ 1611.507289]  ? __kmalloc_node+0x47/0x70
[ 1611.511287]  __list_lru_init+0x4d6/0x840
[ 1611.515365]  ? list_lru_destroy+0x500/0x500
[ 1611.519705]  ? prealloc_shrinker+0x213/0x480
[ 1611.524129]  ? __init_waitqueue_head+0x9e/0x150
[ 1611.528810]  ? inactive_list_is_low+0x850/0x850
[ 1611.533500]  ? __lockdep_init_map+0x105/0x590
[ 1611.538012]  alloc_super+0x976/0xb10
[ 1611.541931]  ? destroy_unused_super.part.11+0x110/0x110
[ 1611.547313]  ? lock_downgrade+0x8f0/0x8f0
[ 1611.551479]  ? kasan_check_read+0x11/0x20
[ 1611.555641]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1611.560242]  ? kasan_check_write+0x14/0x20
[ 1611.564488]  ? do_raw_spin_lock+0xc1/0x200
[ 1611.568743]  ? ns_test_super+0x50/0x50
[ 1611.572647]  sget_fc+0x269/0x950
[ 1611.576031]  ? compare_single+0x10/0x10
[ 1611.580023]  ? alloc_super+0xb10/0xb10
[ 1611.583924]  ? kasan_kmalloc+0xc4/0xe0
[ 1611.587826]  ? __kmalloc_track_caller+0x311/0x760
[ 1611.592685]  ? proc_root_lookup+0x60/0x60
[ 1611.596851]  vfs_get_super+0x6e/0x270
[ 1611.600662]  proc_get_tree+0x88/0xb0
[ 1611.604390]  vfs_get_tree+0x1cb/0x5c0
[ 1611.608207]  do_mount+0x6c1/0x1fb0
[ 1611.611779]  ? kasan_check_write+0x14/0x20
[ 1611.616039]  ? copy_mount_string+0x40/0x40
[ 1611.620288]  ? kasan_kmalloc+0xc4/0xe0
[ 1611.624189]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1611.629056]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1611.634610]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1611.640159]  ? copy_mount_options+0x285/0x380
[ 1611.644670]  ksys_mount+0x12d/0x140
[ 1611.648317]  __x64_sys_mount+0xbe/0x150
[ 1611.652312]  do_syscall_64+0x1b9/0x820
[ 1611.656217]  ? finish_task_switch+0x1d3/0x870
[ 1611.660729]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1611.662855] binder: BINDER_SET_CONTEXT_MGR already set
[ 1611.665672]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1611.665689]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1611.665703]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1611.665722]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1611.681572] binder: 17523:17540 ioctl 40046207 0 returned -16
[ 1611.685941]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1611.685964]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1611.685976] RIP: 0033:0x455e29
[ 1611.685980] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1611.729005] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1611.736728] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1611.744014] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1611.751289] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1611.758568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1611.765847] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000017
03:45:51 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcff}})

03:45:51 executing program 1:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:51 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x48000000, 0x80000002)

03:45:51 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a, 0x80000002)

03:45:51 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6, 0x80000002)

03:45:51 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0046209, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:51 executing program 2 (fault-call:1 fault-nth:24):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1612.264133] binder: 17563:17565 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1612.286367] binder: BINDER_SET_CONTEXT_MGR already set
[ 1612.298653] FAULT_INJECTION: forcing a failure.
[ 1612.298653] name failslab, interval 1, probability 0, space 0, times 0
[ 1612.302011] binder: 17568:17575 ioctl 40046207 0 returned -16
[ 1612.310016] CPU: 1 PID: 17576 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1612.324230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1612.333593] Call Trace:
[ 1612.336200]  dump_stack+0x1c9/0x2b4
[ 1612.339845]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1612.345058]  should_fail.cold.4+0xa/0x11
[ 1612.349141]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1612.354260]  ? is_bpf_text_address+0xd7/0x170
[ 1612.358816]  ? kernel_text_address+0x79/0xf0
[ 1612.363255]  ? __kernel_text_address+0xd/0x40
[ 1612.367765]  ? unwind_get_return_address+0x61/0xa0
[ 1612.370869] binder: 17582:17584 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1612.372728]  ? __save_stack_trace+0x8d/0xf0
[ 1612.372752]  ? save_stack+0xa9/0xd0
[ 1612.372776]  ? lock_acquire+0x1e4/0x540
[ 1612.392378]  ? fs_reclaim_acquire+0x20/0x20
[ 1612.396718]  ? lock_downgrade+0x8f0/0x8f0
[ 1612.400897]  ? __x64_sys_mount+0xbe/0x150
[ 1612.405065]  ? check_same_owner+0x340/0x340
[ 1612.409410]  ? rcu_note_context_switch+0x730/0x730
[ 1612.414364]  __should_failslab+0x124/0x180
[ 1612.418622]  should_failslab+0x9/0x14
[ 1612.422455]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1612.427139]  ? kasan_kmalloc+0xc4/0xe0
[ 1612.431049]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1612.436080]  ? kvfree_rcu+0x20/0x20
[ 1612.439721]  ? __kmalloc_node+0x47/0x70
[ 1612.443707]  __list_lru_init+0x4d6/0x840
[ 1612.447780]  ? list_lru_destroy+0x500/0x500
[ 1612.452113]  ? prealloc_shrinker+0x213/0x480
[ 1612.456533]  ? __init_waitqueue_head+0x9e/0x150
03:45:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

03:45:51 executing program 1:
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c000000000000}})

03:45:51 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:51 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x9effffff, 0x80000002)

03:45:51 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0x40049409, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:51 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000}})

03:45:51 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c, 0x80000002)

[ 1612.461218]  ? inactive_list_is_low+0x850/0x850
[ 1612.465898]  ? __lockdep_init_map+0x105/0x590
[ 1612.470409]  alloc_super+0x9a6/0xb10
[ 1612.474153]  ? destroy_unused_super.part.11+0x110/0x110
[ 1612.479535]  ? lock_downgrade+0x8f0/0x8f0
[ 1612.483103] binder: BINDER_SET_CONTEXT_MGR already set
[ 1612.483699]  ? kasan_check_read+0x11/0x20
[ 1612.483714]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1612.483733]  ? kasan_check_write+0x14/0x20
[ 1612.501967]  ? do_raw_spin_lock+0xc1/0x200
[ 1612.506222]  ? ns_test_super+0x50/0x50
[ 1612.510120]  sget_fc+0x269/0x950
[ 1612.513502]  ? compare_single+0x10/0x10
[ 1612.517485]  ? alloc_super+0xb10/0xb10
[ 1612.521387]  ? kasan_kmalloc+0xc4/0xe0
[ 1612.525285]  ? __kmalloc_track_caller+0x311/0x760
[ 1612.530148]  ? proc_root_lookup+0x60/0x60
[ 1612.534308]  vfs_get_super+0x6e/0x270
[ 1612.536386] binder: 17589:17590 ioctl 40046207 0 returned -16
[ 1612.538121]  proc_get_tree+0x88/0xb0
[ 1612.538139]  vfs_get_tree+0x1cb/0x5c0
[ 1612.538157]  do_mount+0x6c1/0x1fb0
[ 1612.538177]  ? check_same_owner+0x340/0x340
[ 1612.559415]  ? lock_release+0xa30/0xa30
[ 1612.563416]  ? copy_mount_string+0x40/0x40
[ 1612.567676]  ? kasan_kmalloc+0xc4/0xe0
[ 1612.571578]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1612.576440]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1612.581994]  ? _copy_from_user+0xdf/0x150
[ 1612.586159]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1612.591714]  ? copy_mount_options+0x285/0x380
[ 1612.596219]  ksys_mount+0x12d/0x140
[ 1612.599857]  __x64_sys_mount+0xbe/0x150
[ 1612.603845]  do_syscall_64+0x1b9/0x820
[ 1612.607743]  ? finish_task_switch+0x1d3/0x870
[ 1612.612249]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1612.617192]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1612.622136]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1612.627165]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1612.632189]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1612.636874]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1612.641736]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1612.646937] RIP: 0033:0x455e29
[ 1612.650131] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1612.669368] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1612.677090] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1612.684383] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1612.691672] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1612.698953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1612.706235] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000018
03:45:52 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0x0, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:52 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x7a, 0x80000002)

03:45:52 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:52 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xc000000, 0x80000002)

03:45:52 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

03:45:52 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x48, 0x80000002)

03:45:52 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306209, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:52 executing program 2 (fault-call:1 fault-nth:25):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1613.237769] FAULT_INJECTION: forcing a failure.
[ 1613.237769] name failslab, interval 1, probability 0, space 0, times 0
[ 1613.249204] CPU: 1 PID: 17617 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1613.257624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1613.260995] binder: 17623:17627 ioctl c0306209 200003c0 returned -22
[ 1613.266985] Call Trace:
[ 1613.267011]  dump_stack+0x1c9/0x2b4
[ 1613.267029]  ? dump_stack_print_info.cold.2+0x52/0x52
03:45:52 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfeffffff00000000, 0x80000002)

[ 1613.267051]  ? __kernel_text_address+0xd/0x40
[ 1613.267074]  ? unwind_get_return_address+0x61/0xa0
[ 1613.294377]  should_fail.cold.4+0xa/0x11
[ 1613.298459]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1613.303590]  ? save_stack+0xa9/0xd0
[ 1613.307238]  ? save_stack+0x43/0xd0
[ 1613.310883]  ? kasan_kmalloc+0xc4/0xe0
[ 1613.314786]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1613.319647]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1613.324850]  ? __list_lru_init+0x4d6/0x840
[ 1613.325926] binder: BINDER_SET_CONTEXT_MGR already set
[ 1613.329097]  ? alloc_super+0x9a6/0xb10
03:45:52 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1613.329115]  ? vfs_get_super+0x6e/0x270
[ 1613.329131]  ? proc_get_tree+0x88/0xb0
[ 1613.329145]  ? vfs_get_tree+0x1cb/0x5c0
[ 1613.329164]  ? do_mount+0x6c1/0x1fb0
[ 1613.353840]  ? ksys_mount+0x12d/0x140
[ 1613.357662]  ? __x64_sys_mount+0xbe/0x150
[ 1613.361832]  ? do_syscall_64+0x1b9/0x820
[ 1613.365906]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1613.371289]  ? save_stack+0xa9/0xd0
[ 1613.374200] binder: 17623:17627 ioctl 40046207 0 returned -16
[ 1613.374929]  ? lock_acquire+0x1e4/0x540
[ 1613.374944]  ? fs_reclaim_acquire+0x20/0x20
[ 1613.374964]  ? lock_downgrade+0x8f0/0x8f0
[ 1613.393276]  ? __x64_sys_mount+0xbe/0x150
[ 1613.397451]  ? check_same_owner+0x340/0x340
[ 1613.401796]  ? rcu_note_context_switch+0x730/0x730
[ 1613.405425] binder: 17623:17642 ioctl c0306209 200003c0 returned -22
[ 1613.406751]  __should_failslab+0x124/0x180
[ 1613.406770]  should_failslab+0x9/0x14
[ 1613.406788]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1613.406803]  ? kasan_kmalloc+0xc4/0xe0
[ 1613.406823]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1613.434873]  ? kvfree_rcu+0x20/0x20
03:45:52 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:52 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xfffffffe, 0x80000002)

[ 1613.438514]  ? __kmalloc_node+0x47/0x70
[ 1613.442510]  __list_lru_init+0x4d6/0x840
[ 1613.446580]  ? list_lru_destroy+0x500/0x500
[ 1613.450916]  ? prealloc_shrinker+0x213/0x480
[ 1613.455328]  ? __init_waitqueue_head+0x9e/0x150
[ 1613.460008]  ? inactive_list_is_low+0x850/0x850
[ 1613.464690]  ? __lockdep_init_map+0x105/0x590
[ 1613.469202]  alloc_super+0x9a6/0xb10
[ 1613.472924]  ? destroy_unused_super.part.11+0x110/0x110
[ 1613.478287]  ? lock_downgrade+0x8f0/0x8f0
[ 1613.482446]  ? kasan_check_read+0x11/0x20
03:45:52 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x166, 0x80000002)

03:45:52 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1613.486607]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1613.491198]  ? kasan_check_write+0x14/0x20
[ 1613.495444]  ? do_raw_spin_lock+0xc1/0x200
[ 1613.499692]  ? ns_test_super+0x50/0x50
[ 1613.503591]  sget_fc+0x269/0x950
[ 1613.506964]  ? compare_single+0x10/0x10
[ 1613.510951]  ? alloc_super+0xb10/0xb10
[ 1613.514855]  ? kasan_kmalloc+0xc4/0xe0
[ 1613.518758]  ? __kmalloc_track_caller+0x311/0x760
[ 1613.523614]  ? proc_root_lookup+0x60/0x60
[ 1613.527770]  vfs_get_super+0x6e/0x270
[ 1613.531580]  proc_get_tree+0x88/0xb0
[ 1613.535304]  vfs_get_tree+0x1cb/0x5c0
[ 1613.539120]  do_mount+0x6c1/0x1fb0
[ 1613.542672]  ? kasan_check_read+0x11/0x20
[ 1613.546827]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1613.551242]  ? copy_mount_string+0x40/0x40
[ 1613.555493]  ? kasan_kmalloc+0xc4/0xe0
[ 1613.559399]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1613.564258]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1613.569807]  ? copy_mount_options+0x285/0x380
[ 1613.571357] binder: 17657:17658 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1613.574312]  ksys_mount+0x12d/0x140
03:45:52 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})

03:45:52 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x2, 0x80000002)

[ 1613.574330]  __x64_sys_mount+0xbe/0x150
[ 1613.574352]  do_syscall_64+0x1b9/0x820
[ 1613.574371]  ? finish_task_switch+0x1d3/0x870
[ 1613.598626]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1613.603575]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1613.608527]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1613.613558]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1613.619192]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1613.623869]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1613.628730]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1613.632343] binder: BINDER_SET_CONTEXT_MGR already set
[ 1613.633924] RIP: 0033:0x455e29
[ 1613.633928] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1613.661667] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1613.669404] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1613.676689] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1613.677843] binder: 17657:17658 ioctl 40046207 0 returned -16
[ 1613.683963] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1613.683970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1613.683978] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000019
[ 1613.748357] binder: 17657:17669 BC_CLEAR_DEATH_NOTIFICATION death notification not active
03:45:53 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0x0, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:53 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xfffffffffffff000, 0x80000002)

03:45:53 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})

03:45:53 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x8a08000000000000, 0x80000002)

03:45:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c0000}})

03:45:53 executing program 2 (fault-call:1 fault-nth:26):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:53 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd00000000000000, 0x80000002)

03:45:53 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x2, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}})

03:45:53 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c00, 0x80000002)

[ 1614.301596] binder: 17682:17690 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1614.310811] FAULT_INJECTION: forcing a failure.
[ 1614.310811] name failslab, interval 1, probability 0, space 0, times 0
[ 1614.322103] CPU: 1 PID: 17688 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1614.330514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1614.339881] Call Trace:
[ 1614.342490]  dump_stack+0x1c9/0x2b4
[ 1614.346130]  ? dump_stack_print_info.cold.2+0x52/0x52
03:45:53 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x7a00, 0x80000002)

03:45:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}})

[ 1614.351336]  ? __kernel_text_address+0xd/0x40
[ 1614.355847]  ? unwind_get_return_address+0x61/0xa0
[ 1614.360800]  should_fail.cold.4+0xa/0x11
[ 1614.364881]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1614.370012]  ? save_stack+0xa9/0xd0
[ 1614.373658]  ? save_stack+0x43/0xd0
[ 1614.377308]  ? kasan_kmalloc+0xc4/0xe0
[ 1614.381209]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1614.386070]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1614.391274]  ? __list_lru_init+0x4d6/0x840
[ 1614.395527]  ? alloc_super+0x9a6/0xb10
03:45:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}})

[ 1614.399433]  ? vfs_get_super+0x6e/0x270
[ 1614.403418]  ? proc_get_tree+0x88/0xb0
[ 1614.407332]  ? vfs_get_tree+0x1cb/0x5c0
[ 1614.411322]  ? do_mount+0x6c1/0x1fb0
[ 1614.415046]  ? ksys_mount+0x12d/0x140
[ 1614.418860]  ? __x64_sys_mount+0xbe/0x150
[ 1614.423022]  ? do_syscall_64+0x1b9/0x820
[ 1614.427099]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1614.432481]  ? save_stack+0xa9/0xd0
[ 1614.436130]  ? lock_acquire+0x1e4/0x540
[ 1614.440117]  ? fs_reclaim_acquire+0x20/0x20
[ 1614.444457]  ? lock_downgrade+0x8f0/0x8f0
03:45:53 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x9effffff, 0x80000002)

03:45:53 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xa000000, 0x80000002)

03:45:53 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c}})

[ 1614.448618]  ? __x64_sys_mount+0xbe/0x150
[ 1614.452785]  ? check_same_owner+0x340/0x340
[ 1614.457119]  ? rcu_note_context_switch+0x730/0x730
[ 1614.462183]  __should_failslab+0x124/0x180
[ 1614.466436]  should_failslab+0x9/0x14
[ 1614.470252]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1614.474942]  ? kasan_kmalloc+0xc4/0xe0
[ 1614.478851]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1614.483882]  ? kvfree_rcu+0x20/0x20
[ 1614.487524]  ? __kmalloc_node+0x47/0x70
[ 1614.491513]  __list_lru_init+0x4d6/0x840
[ 1614.495586]  ? list_lru_destroy+0x500/0x500
[ 1614.499922]  ? prealloc_shrinker+0x213/0x480
[ 1614.504345]  ? __init_waitqueue_head+0x9e/0x150
[ 1614.509031]  ? inactive_list_is_low+0x850/0x850
[ 1614.513732]  ? __lockdep_init_map+0x105/0x590
[ 1614.518246]  alloc_super+0x9a6/0xb10
[ 1614.521979]  ? destroy_unused_super.part.11+0x110/0x110
[ 1614.527365]  ? lock_downgrade+0x8f0/0x8f0
[ 1614.531532]  ? kasan_check_read+0x11/0x20
[ 1614.535691]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1614.540305]  ? kasan_check_write+0x14/0x20
[ 1614.544554]  ? do_raw_spin_lock+0xc1/0x200
[ 1614.548802]  ? ns_test_super+0x50/0x50
[ 1614.552698]  sget_fc+0x269/0x950
[ 1614.556073]  ? compare_single+0x10/0x10
[ 1614.560061]  ? alloc_super+0xb10/0xb10
[ 1614.563961]  ? kasan_kmalloc+0xc4/0xe0
[ 1614.567859]  ? __kmalloc_track_caller+0x311/0x760
[ 1614.572710]  ? proc_root_lookup+0x60/0x60
[ 1614.576865]  vfs_get_super+0x6e/0x270
[ 1614.580671]  proc_get_tree+0x88/0xb0
[ 1614.584393]  vfs_get_tree+0x1cb/0x5c0
[ 1614.588208]  do_mount+0x6c1/0x1fb0
[ 1614.591762]  ? check_same_owner+0x340/0x340
[ 1614.596089]  ? lock_release+0xa30/0xa30
[ 1614.600073]  ? copy_mount_string+0x40/0x40
[ 1614.604320]  ? kasan_kmalloc+0xc4/0xe0
[ 1614.608238]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1614.613099]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1614.618647]  ? _copy_from_user+0xdf/0x150
[ 1614.622814]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1614.628368]  ? copy_mount_options+0x285/0x380
[ 1614.632879]  ksys_mount+0x12d/0x140
[ 1614.633284] binder: BINDER_SET_CONTEXT_MGR already set
[ 1614.636511]  __x64_sys_mount+0xbe/0x150
[ 1614.636527]  do_syscall_64+0x1b9/0x820
[ 1614.636546]  ? finish_task_switch+0x1d3/0x870
[ 1614.644670] binder: 17682:17690 ioctl 40046207 0 returned -16
[ 1614.645788]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1614.645806]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1614.645821]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1614.645840]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1614.667172] binder: 17682:17730 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1614.669926]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1614.669943]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1614.669965]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1614.669982] RIP: 0033:0x455e29
[ 1614.706159] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1614.725455] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1614.733182] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1614.740468] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1614.747747] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1614.755005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1614.762272] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001a
03:45:54 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0x0, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcff}})

03:45:54 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd0e000000000000, 0x80000002)

03:45:54 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xfeffffff, 0x80000002)

03:45:54 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x68, 0x80000002)

03:45:54 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x0, 0x0, &(0x7f0000005fd4), 0x0, 0x0, &(0x7f0000012fc7)})

03:45:54 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x11, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:54 executing program 2 (fault-call:1 fault-nth:27):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1615.641387] binder: 17757:17758 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1615.649888] binder: 17757:17758 unknown command 0
[ 1615.655576] FAULT_INJECTION: forcing a failure.
[ 1615.655576] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.666891] CPU: 1 PID: 17756 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1615.675306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1615.684810] Call Trace:
[ 1615.687419]  dump_stack+0x1c9/0x2b4
[ 1615.691067]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1615.696278]  ? __kernel_text_address+0xd/0x40
[ 1615.698188] binder: 17757:17758 ioctl c0306201 200003c0 returned -22
[ 1615.700785]  ? unwind_get_return_address+0x61/0xa0
[ 1615.700806]  should_fail.cold.4+0xa/0x11
[ 1615.700827]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1615.721740]  ? save_stack+0xa9/0xd0
[ 1615.725389]  ? save_stack+0x43/0xd0
[ 1615.729035]  ? kasan_kmalloc+0xc4/0xe0
[ 1615.732943]  ? kmem_cache_alloc_trace+0x152/0x780
03:45:54 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x4800, 0x80000002)

03:45:54 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

03:45:54 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6, 0x80000002)

03:45:54 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x700000000000000, 0x80000002)

03:45:54 executing program 1 (fault-call:3 fault-nth:0):
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1615.738060]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1615.743268]  ? __list_lru_init+0x4d6/0x840
[ 1615.747518]  ? alloc_super+0x9a6/0xb10
[ 1615.751425]  ? vfs_get_super+0x6e/0x270
[ 1615.755415]  ? proc_get_tree+0x88/0xb0
[ 1615.759323]  ? vfs_get_tree+0x1cb/0x5c0
[ 1615.763312]  ? do_mount+0x6c1/0x1fb0
[ 1615.767039]  ? ksys_mount+0x12d/0x140
[ 1615.770853]  ? __x64_sys_mount+0xbe/0x150
[ 1615.775010]  ? do_syscall_64+0x1b9/0x820
[ 1615.779086]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1615.779325] binder: BINDER_SET_CONTEXT_MGR already set
[ 1615.784461]  ? save_stack+0xa9/0xd0
[ 1615.784481]  ? lock_acquire+0x1e4/0x540
[ 1615.784496]  ? fs_reclaim_acquire+0x20/0x20
[ 1615.784511]  ? lock_downgrade+0x8f0/0x8f0
[ 1615.784524]  ? __x64_sys_mount+0xbe/0x150
[ 1615.784544]  ? check_same_owner+0x340/0x340
[ 1615.799207] FAULT_INJECTION: forcing a failure.
[ 1615.799207] name failslab, interval 1, probability 0, space 0, times 0
[ 1615.801717]  ? rcu_note_context_switch+0x730/0x730
[ 1615.801737]  __should_failslab+0x124/0x180
[ 1615.801756]  should_failslab+0x9/0x14
[ 1615.801770]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1615.801788]  ? kasan_kmalloc+0xc4/0xe0
[ 1615.846963]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1615.851974]  ? kvfree_rcu+0x20/0x20
[ 1615.855595]  ? __kmalloc_node+0x47/0x70
[ 1615.859569]  __list_lru_init+0x4d6/0x840
[ 1615.863647]  ? list_lru_destroy+0x500/0x500
[ 1615.867965]  ? prealloc_shrinker+0x213/0x480
[ 1615.872367]  ? __init_waitqueue_head+0x9e/0x150
[ 1615.877030]  ? inactive_list_is_low+0x850/0x850
[ 1615.881697]  ? __lockdep_init_map+0x105/0x590
[ 1615.886195]  alloc_super+0x9a6/0xb10
[ 1615.889913]  ? destroy_unused_super.part.11+0x110/0x110
[ 1615.895272]  ? lock_downgrade+0x8f0/0x8f0
[ 1615.899417]  ? kasan_check_read+0x11/0x20
[ 1615.903560]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1615.908140]  ? kasan_check_write+0x14/0x20
[ 1615.912372]  ? do_raw_spin_lock+0xc1/0x200
[ 1615.916601]  ? ns_test_super+0x50/0x50
[ 1615.920484]  sget_fc+0x269/0x950
[ 1615.923871]  ? compare_single+0x10/0x10
[ 1615.927842]  ? alloc_super+0xb10/0xb10
[ 1615.931724]  ? kasan_kmalloc+0xc4/0xe0
[ 1615.935609]  ? __kmalloc_track_caller+0x311/0x760
[ 1615.940450]  ? proc_root_lookup+0x60/0x60
[ 1615.944593]  vfs_get_super+0x6e/0x270
[ 1615.948387]  proc_get_tree+0x88/0xb0
[ 1615.952095]  vfs_get_tree+0x1cb/0x5c0
[ 1615.955891]  do_mount+0x6c1/0x1fb0
[ 1615.959424]  ? check_same_owner+0x340/0x340
[ 1615.963741]  ? lock_release+0xa30/0xa30
[ 1615.967712]  ? copy_mount_string+0x40/0x40
[ 1615.971941]  ? kasan_kmalloc+0xc4/0xe0
[ 1615.975823]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1615.980662]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1615.986194]  ? _copy_from_user+0xdf/0x150
[ 1615.990342]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1615.995879]  ? copy_mount_options+0x285/0x380
[ 1616.000368]  ksys_mount+0x12d/0x140
[ 1616.003991]  __x64_sys_mount+0xbe/0x150
[ 1616.007961]  do_syscall_64+0x1b9/0x820
[ 1616.011837]  ? finish_task_switch+0x1d3/0x870
[ 1616.016324]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1616.021246]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1616.026171]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1616.031183]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1616.036197]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1616.040864]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1616.045707]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1616.050886] RIP: 0033:0x455e29
[ 1616.054062] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1616.073307] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1616.081010] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1616.088274] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1616.095535] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1616.102795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1616.110055] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001b
[ 1616.117332] CPU: 0 PID: 17771 Comm: syz-executor1 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1616.125747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1616.135105] Call Trace:
[ 1616.137700]  dump_stack+0x1c9/0x2b4
[ 1616.141336]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1616.146541]  should_fail.cold.4+0xa/0x11
[ 1616.150636]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1616.155747]  ? xa_set_tag+0x40/0x40
[ 1616.159386]  ? environ_open+0x90/0x90
[ 1616.163199]  ? trace_hardirqs_on+0x10/0x10
[ 1616.163947] binder: 17757:17758 ioctl 40046207 0 returned -16
[ 1616.167450]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1616.167470]  ? trace_hardirqs_on+0x10/0x10
[ 1616.167484]  ? trace_hardirqs_on+0x10/0x10
[ 1616.167504]  ? lock_acquire+0x1e4/0x540
[ 1616.191323]  ? fs_reclaim_acquire+0x20/0x20
[ 1616.195661]  ? lock_downgrade+0x8f0/0x8f0
[ 1616.199822]  ? lock_acquire+0x1e4/0x540
[ 1616.200718] binder: 17757:17767 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1616.203807]  ? check_same_owner+0x340/0x340
[ 1616.203820]  ? do_raw_spin_lock+0xc1/0x200
[ 1616.203840]  ? rcu_note_context_switch+0x730/0x730
[ 1616.210769] binder: 17757:17767 unknown command 0
[ 1616.215060]  __should_failslab+0x124/0x180
[ 1616.215077]  should_failslab+0x9/0x14
[ 1616.215099]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1616.241736]  ? do_raw_spin_lock+0xc1/0x200
[ 1616.245991]  ? _raw_spin_unlock+0x22/0x30
[ 1616.250155]  binder_get_thread+0x255/0x880
[ 1616.254404]  ? check_same_owner+0x340/0x340
[ 1616.258734]  ? binder_open+0x920/0x920
[ 1616.262647]  ? check_same_owner+0x340/0x340
[ 1616.266980]  ? _kstrtoull+0x188/0x250
[ 1616.270795]  ? rcu_note_context_switch+0x730/0x730
[ 1616.275742]  binder_ioctl+0x25d/0x141e
[ 1616.277396] FAULT_INJECTION: forcing a failure.
[ 1616.277396] name failslab, interval 1, probability 0, space 0, times 0
[ 1616.279640]  ? binder_ioctl_write_read.isra.42+0xb10/0xb10
[ 1616.279658]  ? lock_acquire+0x1e4/0x540
[ 1616.279673]  ? __fget+0x4ac/0x740
[ 1616.279686]  ? lock_downgrade+0x8f0/0x8f0
[ 1616.279709]  ? lock_release+0xa30/0xa30
[ 1616.312066]  ? pid_task+0x115/0x200
[ 1616.315686]  ? find_vpid+0xf0/0xf0
[ 1616.319221]  ? __f_unlock_pos+0x19/0x20
[ 1616.323188]  ? __fget+0x4d5/0x740
[ 1616.326637]  ? ksys_dup3+0x690/0x690
[ 1616.330346]  ? kasan_check_write+0x14/0x20
[ 1616.334575]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1616.339497]  ? fsnotify+0xbac/0x14e0
[ 1616.343206]  ? vfs_write+0x2f3/0x560
[ 1616.346914]  ? binder_ioctl_write_read.isra.42+0xb10/0xb10
[ 1616.352534]  do_vfs_ioctl+0x1de/0x1720
[ 1616.356414]  ? fsnotify_first_mark+0x350/0x350
[ 1616.360988]  ? __fsnotify_parent+0xcc/0x420
[ 1616.365312]  ? ioctl_preallocate+0x300/0x300
[ 1616.369717]  ? __fget_light+0x2f7/0x440
[ 1616.373684]  ? fget_raw+0x20/0x20
[ 1616.377136]  ? __sb_end_write+0xac/0xe0
[ 1616.381109]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1616.386644]  ? fput+0x130/0x1a0
[ 1616.389914]  ? ksys_write+0x1ae/0x260
[ 1616.393708]  ? security_file_ioctl+0x94/0xc0
[ 1616.398111]  ksys_ioctl+0xa9/0xd0
[ 1616.401559]  __x64_sys_ioctl+0x73/0xb0
[ 1616.405443]  do_syscall_64+0x1b9/0x820
[ 1616.409320]  ? finish_task_switch+0x1d3/0x870
[ 1616.413818]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1616.418741]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1616.423666]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1616.428681]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1616.433695]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1616.438360]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1616.443201]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1616.448382] RIP: 0033:0x455e29
[ 1616.451556] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1616.470789] RSP: 002b:00007fc4c4420c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1616.478493] RAX: ffffffffffffffda RBX: 00007fc4c44216d4 RCX: 0000000000455e29
[ 1616.485756] RDX: 0000000020012000 RSI: 00000000c0306201 RDI: 0000000000000014
03:45:55 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c000000000000}})

03:45:55 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x3, 0x80000002)

03:45:55 executing program 2 (fault-call:1 fault-nth:28):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1616.493031] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1616.500302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[ 1616.507560] R13: 00000000004bca1c R14: 00000000004caeb0 R15: 0000000000000000
[ 1616.514848] CPU: 1 PID: 17786 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1616.523262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1616.532624] Call Trace:
[ 1616.535227]  dump_stack+0x1c9/0x2b4
[ 1616.538861]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1616.544072]  ? __kernel_text_address+0xd/0x40
[ 1616.545363] binder: 17757:17767 ioctl c0306201 200003c0 returned -22
[ 1616.548586]  ? unwind_get_return_address+0x61/0xa0
[ 1616.548605]  should_fail.cold.4+0xa/0x11
[ 1616.548625]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1616.563595] binder: 17764:17771 ioctl c0306201 20012000 returned -12
[ 1616.564080]  ? save_stack+0xa9/0xd0
[ 1616.564103]  ? save_stack+0x43/0xd0
[ 1616.582916]  ? kasan_kmalloc+0xc4/0xe0
[ 1616.586814]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1616.591660]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1616.596857]  ? __list_lru_init+0x4d6/0x840
[ 1616.601111]  ? alloc_super+0x9a6/0xb10
[ 1616.605011]  ? vfs_get_super+0x6e/0x270
[ 1616.608992]  ? proc_get_tree+0x88/0xb0
[ 1616.612885]  ? vfs_get_tree+0x1cb/0x5c0
[ 1616.616864]  ? do_mount+0x6c1/0x1fb0
[ 1616.620578]  ? ksys_mount+0x12d/0x140
[ 1616.624379]  ? __x64_sys_mount+0xbe/0x150
[ 1616.628533]  ? do_syscall_64+0x1b9/0x820
[ 1616.632600]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1616.637973]  ? save_stack+0xa9/0xd0
[ 1616.641614]  ? lock_acquire+0x1e4/0x540
[ 1616.645601]  ? fs_reclaim_acquire+0x20/0x20
[ 1616.649938]  ? lock_downgrade+0x8f0/0x8f0
[ 1616.654113]  ? __x64_sys_mount+0xbe/0x150
[ 1616.658275]  ? check_same_owner+0x340/0x340
[ 1616.662618]  ? rcu_note_context_switch+0x730/0x730
[ 1616.667570]  __should_failslab+0x124/0x180
[ 1616.671821]  should_failslab+0x9/0x14
[ 1616.675636]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1616.680321]  ? kasan_kmalloc+0xc4/0xe0
[ 1616.684230]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1616.689272]  ? kvfree_rcu+0x20/0x20
[ 1616.692923]  ? __kmalloc_node+0x47/0x70
[ 1616.696910]  __list_lru_init+0x4d6/0x840
[ 1616.700991]  ? list_lru_destroy+0x500/0x500
[ 1616.705325]  ? prealloc_shrinker+0x213/0x480
[ 1616.709719]  ? __init_waitqueue_head+0x9e/0x150
[ 1616.714376]  ? inactive_list_is_low+0x850/0x850
[ 1616.719059]  ? __lockdep_init_map+0x105/0x590
[ 1616.723551]  alloc_super+0x9a6/0xb10
[ 1616.727271]  ? destroy_unused_super.part.11+0x110/0x110
[ 1616.732619]  ? lock_downgrade+0x8f0/0x8f0
[ 1616.736767]  ? kasan_check_read+0x11/0x20
[ 1616.740911]  ? do_raw_spin_trylock+0x1c0/0x1c0
03:45:55 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:55 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xc00000000000000, 0x80000002)

03:45:55 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

03:45:55 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf0ffff, 0x80000002)

03:45:55 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x5d, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:55 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6000000, 0x80000002)

03:45:55 executing program 1 (fault-call:3 fault-nth:1):
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1616.745483]  ? kasan_check_write+0x14/0x20
[ 1616.749703]  ? do_raw_spin_lock+0xc1/0x200
[ 1616.753938]  ? ns_test_super+0x50/0x50
[ 1616.757820]  sget_fc+0x269/0x950
[ 1616.761187]  ? compare_single+0x10/0x10
[ 1616.765167]  ? alloc_super+0xb10/0xb10
[ 1616.769058]  ? kasan_kmalloc+0xc4/0xe0
[ 1616.772958]  ? __kmalloc_track_caller+0x311/0x760
[ 1616.777810]  ? proc_root_lookup+0x60/0x60
[ 1616.781964]  vfs_get_super+0x6e/0x270
[ 1616.785767]  proc_get_tree+0x88/0xb0
[ 1616.789510]  vfs_get_tree+0x1cb/0x5c0
[ 1616.793318]  do_mount+0x6c1/0x1fb0
[ 1616.796862]  ? check_same_owner+0x340/0x340
[ 1616.801187]  ? lock_release+0xa30/0xa30
[ 1616.805172]  ? copy_mount_string+0x40/0x40
[ 1616.809420]  ? kasan_kmalloc+0xc4/0xe0
[ 1616.810417] binder: 17802:17805 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1616.813348]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1616.813387]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1616.813418]  ? _copy_from_user+0xdf/0x150
[ 1616.813439]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1616.813471]  ? copy_mount_options+0x285/0x380
03:45:55 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6c00000000000000, 0x80000002)

[ 1616.821801] binder: 17802:17805 unknown command 0
[ 1616.826618]  ksys_mount+0x12d/0x140
[ 1616.826634]  __x64_sys_mount+0xbe/0x150
[ 1616.826655]  do_syscall_64+0x1b9/0x820
[ 1616.862599]  ? finish_task_switch+0x1d3/0x870
[ 1616.863282] binder: 17802:17805 ioctl c0306201 200003c0 returned -22
[ 1616.867100]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1616.867117]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1616.867132]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1616.867148]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1616.867162]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1616.867176]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1616.867194]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1616.867211] RIP: 0033:0x455e29
[ 1616.907394] binder: BINDER_SET_CONTEXT_MGR already set
[ 1616.908195] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1616.919334] binder: 17802:17805 ioctl 40046207 0 returned -16
03:45:56 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xe000000, 0x80000002)

03:45:56 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xe00000000000000, 0x80000002)

[ 1616.935911] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1616.935925] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1616.935932] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1616.935939] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1616.935945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1616.935952] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001c
[ 1616.992134] FAULT_INJECTION: forcing a failure.
[ 1616.992134] name failslab, interval 1, probability 0, space 0, times 0
[ 1616.995134] binder: 17802:17820 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1617.003397] CPU: 0 PID: 17817 Comm: syz-executor1 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1617.003406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1617.003410] Call Trace:
[ 1617.003433]  dump_stack+0x1c9/0x2b4
[ 1617.003455]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1617.010397] binder: 17802:17820 unknown command 0
[ 1617.018785]  should_fail.cold.4+0xa/0x11
[ 1617.018805]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1617.018828]  ? __mutex_lock+0x6c4/0x1680
[ 1617.030913] binder: 17802:17820 ioctl c0306201 200003c0 returned -22
[ 1617.034377]  ? binder_thread_write+0x1864/0x2c30
[ 1617.034397]  ? mutex_trylock+0x2b0/0x2b0
[ 1617.034419]  ? lock_acquire+0x1e4/0x540
[ 1617.034438]  ? fs_reclaim_acquire+0x20/0x20
[ 1617.081208]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.085378]  ? lock_acquire+0x1e4/0x540
[ 1617.089365]  ? check_same_owner+0x340/0x340
[ 1617.093691]  ? rcu_note_context_switch+0x730/0x730
[ 1617.098629]  __should_failslab+0x124/0x180
[ 1617.102880]  should_failslab+0x9/0x14
[ 1617.106691]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1617.111382]  ? do_raw_spin_lock+0xc1/0x200
[ 1617.115622]  ? _raw_spin_unlock+0x22/0x30
[ 1617.119776]  binder_inc_ref_for_node+0x225/0xbb0
[ 1617.124544]  ? check_same_owner+0x340/0x340
[ 1617.129031]  ? binder_poll+0x3b0/0x3b0
[ 1617.132929]  binder_thread_write+0x18a8/0x2c30
[ 1617.137524]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 1617.142566]  ? binder_transaction+0x7930/0x7930
[ 1617.147242]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.151399]  ? lock_release+0xa30/0xa30
[ 1617.155381]  ? kasan_check_read+0x11/0x20
[ 1617.159536]  ? rcu_is_watching+0x8c/0x150
[ 1617.163691]  ? rcu_cleanup_dead_rnp+0x200/0x200
[ 1617.168371]  ? trace_hardirqs_on+0x10/0x10
[ 1617.172628]  ? is_bpf_text_address+0xd7/0x170
[ 1617.177137]  ? kernel_text_address+0x79/0xf0
[ 1617.181555]  ? __kernel_text_address+0xd/0x40
[ 1617.186059]  ? ___ratelimit.cold.2+0x6b/0x6b
[ 1617.190480]  ? __save_stack_trace+0x8d/0xf0
[ 1617.194836]  ? save_stack+0xa9/0xd0
[ 1617.198477]  ? save_stack+0x43/0xd0
[ 1617.202110]  ? kasan_kmalloc+0xc4/0xe0
[ 1617.205999]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1617.210857]  ? lock_acquire+0x1e4/0x540
[ 1617.214848]  ? __might_fault+0x12b/0x1e0
[ 1617.218925]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.223086]  ? lock_release+0xa30/0xa30
[ 1617.227075]  ? check_same_owner+0x340/0x340
[ 1617.231416]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1617.236968]  ? _copy_from_user+0xdf/0x150
[ 1617.241133]  binder_ioctl_write_read.isra.42+0x2e7/0xb10
[ 1617.246598]  ? binder_thread_write+0x2c30/0x2c30
[ 1617.251369]  ? _raw_spin_unlock+0x22/0x30
[ 1617.255533]  ? _binder_inner_proc_unlock+0x43/0x50
[ 1617.260504]  ? binder_get_thread+0x1b6/0x880
[ 1617.264922]  ? binder_open+0x920/0x920
[ 1617.268818]  ? check_same_owner+0x340/0x340
[ 1617.273149]  ? rcu_note_context_switch+0x730/0x730
[ 1617.278107]  binder_ioctl+0xd2f/0x141e
[ 1617.282004]  ? binder_ioctl_write_read.isra.42+0xb10/0xb10
[ 1617.287647]  ? lock_acquire+0x1e4/0x540
[ 1617.291631]  ? __fget+0x4ac/0x740
03:45:56 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x7000000, 0x80000002)

03:45:56 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7400, 0x80000002)

03:45:56 executing program 2 (fault-call:1 fault-nth:29):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:56 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000}})

03:45:56 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4103, 0x80000002)

03:45:56 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

[ 1617.295093]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.299252]  ? lock_release+0xa30/0xa30
[ 1617.303237]  ? pid_task+0x115/0x200
[ 1617.306876]  ? find_vpid+0xf0/0xf0
[ 1617.310430]  ? __f_unlock_pos+0x19/0x20
[ 1617.314411]  ? __fget+0x4d5/0x740
[ 1617.317871]  ? ksys_dup3+0x690/0x690
[ 1617.321601]  ? kasan_check_write+0x14/0x20
[ 1617.325847]  ? __mutex_unlock_slowpath+0x197/0x8c0
[ 1617.330785]  ? fsnotify+0xbac/0x14e0
[ 1617.334508]  ? vfs_write+0x2f3/0x560
[ 1617.338235]  ? binder_ioctl_write_read.isra.42+0xb10/0xb10
[ 1617.343870]  do_vfs_ioctl+0x1de/0x1720
[ 1617.344108] FAULT_INJECTION: forcing a failure.
[ 1617.344108] name failslab, interval 1, probability 0, space 0, times 0
[ 1617.347765]  ? fsnotify_first_mark+0x350/0x350
[ 1617.347780]  ? __fsnotify_parent+0xcc/0x420
[ 1617.347796]  ? ioctl_preallocate+0x300/0x300
[ 1617.347820]  ? __fget_light+0x2f7/0x440
[ 1617.376220]  ? fget_raw+0x20/0x20
[ 1617.379670]  ? __sb_end_write+0xac/0xe0
[ 1617.383641]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 1617.389172]  ? fput+0x130/0x1a0
[ 1617.392443]  ? ksys_write+0x1ae/0x260
[ 1617.396240]  ? security_file_ioctl+0x94/0xc0
[ 1617.400640]  ksys_ioctl+0xa9/0xd0
[ 1617.404088]  __x64_sys_ioctl+0x73/0xb0
[ 1617.407972]  do_syscall_64+0x1b9/0x820
[ 1617.411851]  ? finish_task_switch+0x1d3/0x870
[ 1617.416344]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1617.421265]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1617.426185]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1617.431198]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1617.436222]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1617.440883]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1617.445727]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1617.450905] RIP: 0033:0x455e29
[ 1617.454079] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1617.473329] RSP: 002b:00007fc4c4420c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1617.481030] RAX: ffffffffffffffda RBX: 00007fc4c44216d4 RCX: 0000000000455e29
[ 1617.488289] RDX: 0000000020012000 RSI: 00000000c0306201 RDI: 0000000000000014
[ 1617.495551] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 1617.502808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[ 1617.510068] R13: 00000000004bca1c R14: 00000000004caeb0 R15: 0000000000000001
[ 1617.517345] CPU: 1 PID: 17850 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1617.517434] binder: 17801:17817 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1617.525742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1617.525747] Call Trace:
[ 1617.525767]  dump_stack+0x1c9/0x2b4
[ 1617.525785]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1617.554887]  ? __kernel_text_address+0xd/0x40
[ 1617.559396]  ? unwind_get_return_address+0x61/0xa0
[ 1617.564336]  should_fail.cold.4+0xa/0x11
[ 1617.568407]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1617.573521]  ? save_stack+0xa9/0xd0
[ 1617.577173]  ? save_stack+0x43/0xd0
[ 1617.580806]  ? kasan_kmalloc+0xc4/0xe0
[ 1617.584695]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1617.589551]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1617.594741]  ? __list_lru_init+0x4d6/0x840
[ 1617.598979]  ? alloc_super+0x9a6/0xb10
[ 1617.602883]  ? vfs_get_super+0x6e/0x270
[ 1617.606865]  ? proc_get_tree+0x88/0xb0
[ 1617.610762]  ? vfs_get_tree+0x1cb/0x5c0
[ 1617.615546]  ? do_mount+0x6c1/0x1fb0
[ 1617.619266]  ? ksys_mount+0x12d/0x140
[ 1617.623078]  ? __x64_sys_mount+0xbe/0x150
[ 1617.627234]  ? do_syscall_64+0x1b9/0x820
[ 1617.631296]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1617.636651]  ? save_stack+0xa9/0xd0
[ 1617.640286]  ? lock_acquire+0x1e4/0x540
[ 1617.644257]  ? fs_reclaim_acquire+0x20/0x20
[ 1617.648579]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.652721]  ? __x64_sys_mount+0xbe/0x150
[ 1617.656862]  ? check_same_owner+0x340/0x340
[ 1617.661172]  ? rcu_note_context_switch+0x730/0x730
[ 1617.666098]  __should_failslab+0x124/0x180
[ 1617.670324]  should_failslab+0x9/0x14
[ 1617.674108]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1617.678778]  ? kasan_kmalloc+0xc4/0xe0
[ 1617.682656]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1617.687656]  ? kvfree_rcu+0x20/0x20
[ 1617.691276]  ? __kmalloc_node+0x47/0x70
[ 1617.695236]  __list_lru_init+0x4d6/0x840
[ 1617.699313]  ? list_lru_destroy+0x500/0x500
[ 1617.703623]  ? prealloc_shrinker+0x213/0x480
[ 1617.708024]  ? __init_waitqueue_head+0x9e/0x150
[ 1617.712686]  ? inactive_list_is_low+0x850/0x850
[ 1617.717342]  ? __lockdep_init_map+0x105/0x590
[ 1617.721830]  alloc_super+0x9a6/0xb10
[ 1617.725531]  ? destroy_unused_super.part.11+0x110/0x110
[ 1617.730889]  ? lock_downgrade+0x8f0/0x8f0
[ 1617.735040]  ? kasan_check_read+0x11/0x20
[ 1617.739180]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1617.743749]  ? kasan_check_write+0x14/0x20
[ 1617.747964]  ? do_raw_spin_lock+0xc1/0x200
[ 1617.752184]  ? ns_test_super+0x50/0x50
[ 1617.756063]  sget_fc+0x269/0x950
[ 1617.759419]  ? compare_single+0x10/0x10
[ 1617.763383]  ? alloc_super+0xb10/0xb10
[ 1617.767264]  ? kasan_kmalloc+0xc4/0xe0
[ 1617.771146]  ? __kmalloc_track_caller+0x311/0x760
[ 1617.776016]  ? proc_root_lookup+0x60/0x60
[ 1617.780159]  vfs_get_super+0x6e/0x270
[ 1617.783946]  proc_get_tree+0x88/0xb0
[ 1617.787644]  vfs_get_tree+0x1cb/0x5c0
[ 1617.791440]  do_mount+0x6c1/0x1fb0
[ 1617.794984]  ? check_same_owner+0x340/0x340
[ 1617.799306]  ? copy_mount_string+0x40/0x40
[ 1617.803525]  ? retint_kernel+0x10/0x10
[ 1617.807399]  ? copy_mount_options+0x213/0x380
[ 1617.811883]  ? write_comp_data+0x22/0x70
[ 1617.815947]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1617.821481]  ? copy_mount_options+0x285/0x380
[ 1617.825981]  ksys_mount+0x12d/0x140
[ 1617.829613]  __x64_sys_mount+0xbe/0x150
[ 1617.833595]  do_syscall_64+0x1b9/0x820
[ 1617.837491]  ? finish_task_switch+0x1d3/0x870
[ 1617.841998]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1617.846938]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1617.851876]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1617.856917]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1617.861945]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1617.866624]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1617.871483]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1617.876675] RIP: 0033:0x455e29
[ 1617.879860] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
03:45:56 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:56 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a, 0x80000002)

03:45:56 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0c0000}})

03:45:56 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4000000, 0x80000002)

03:45:56 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xc, 0x80000002)

03:45:56 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x9, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:56 executing program 1 (fault-call:3 fault-nth:2):
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:56 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:56 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xffffff9e, 0x80000002)

[ 1617.899148] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1617.906869] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1617.914147] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1617.921444] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1617.928720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1617.936001] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001d
03:45:57 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}})

03:45:57 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x10, 0x80000002)

03:45:57 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a000000, 0x80000002)

[ 1617.946921] binder: 17862:17870 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1617.970744] binder: BINDER_SET_CONTEXT_MGR already set
[ 1617.988840] binder: 17862:17870 ioctl 40046207 0 returned -16
03:45:57 executing program 2 (fault-call:1 fault-nth:30):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:57 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xb00000000000000, 0x80000002)

03:45:57 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046205, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1618.019237] binder: 17862:17888 BC_CLEAR_DEATH_NOTIFICATION death notification not active
03:45:57 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

[ 1618.121582] FAULT_INJECTION: forcing a failure.
[ 1618.121582] name failslab, interval 1, probability 0, space 0, times 0
[ 1618.132894] CPU: 1 PID: 17907 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1618.141307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1618.150670] Call Trace:
[ 1618.153274]  dump_stack+0x1c9/0x2b4
[ 1618.156941]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1618.162171]  ? __kernel_text_address+0xd/0x40
[ 1618.166677]  ? unwind_get_return_address+0x61/0xa0
[ 1618.171626]  should_fail.cold.4+0xa/0x11
[ 1618.175706]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1618.180823]  ? save_stack+0xa9/0xd0
[ 1618.184466]  ? save_stack+0x43/0xd0
[ 1618.188109]  ? kasan_kmalloc+0xc4/0xe0
[ 1618.192005]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1618.196859]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1618.202061]  ? __list_lru_init+0x4d6/0x840
[ 1618.206311]  ? alloc_super+0x9a6/0xb10
[ 1618.210221]  ? vfs_get_super+0x6e/0x270
[ 1618.214212]  ? proc_get_tree+0x88/0xb0
[ 1618.218111]  ? vfs_get_tree+0x1cb/0x5c0
[ 1618.222098]  ? do_mount+0x6c1/0x1fb0
[ 1618.225825]  ? ksys_mount+0x12d/0x140
[ 1618.229644]  ? __x64_sys_mount+0xbe/0x150
[ 1618.233796]  ? do_syscall_64+0x1b9/0x820
[ 1618.237862]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1618.243249]  ? save_stack+0xa9/0xd0
[ 1618.246896]  ? lock_acquire+0x1e4/0x540
[ 1618.250887]  ? fs_reclaim_acquire+0x20/0x20
[ 1618.255211]  ? lock_downgrade+0x8f0/0x8f0
[ 1618.259353]  ? __x64_sys_mount+0xbe/0x150
[ 1618.263495]  ? check_same_owner+0x340/0x340
[ 1618.267810]  ? rcu_note_context_switch+0x730/0x730
[ 1618.272726]  __should_failslab+0x124/0x180
[ 1618.276951]  should_failslab+0x9/0x14
[ 1618.280740]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1618.285396]  ? kasan_kmalloc+0xc4/0xe0
[ 1618.289273]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1618.294282]  ? kvfree_rcu+0x20/0x20
[ 1618.297905]  ? __kmalloc_node+0x47/0x70
[ 1618.301867]  __list_lru_init+0x4d6/0x840
[ 1618.305914]  ? list_lru_destroy+0x500/0x500
[ 1618.310221]  ? prealloc_shrinker+0x213/0x480
[ 1618.314739]  ? __init_waitqueue_head+0x9e/0x150
[ 1618.319398]  ? inactive_list_is_low+0x850/0x850
[ 1618.324073]  ? __lockdep_init_map+0x105/0x590
[ 1618.328558]  alloc_super+0x9a6/0xb10
[ 1618.332260]  ? destroy_unused_super.part.11+0x110/0x110
[ 1618.337626]  ? lock_downgrade+0x8f0/0x8f0
[ 1618.341886]  ? kasan_check_read+0x11/0x20
[ 1618.346030]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1618.350602]  ? kasan_check_write+0x14/0x20
[ 1618.354824]  ? do_raw_spin_lock+0xc1/0x200
[ 1618.359052]  ? ns_test_super+0x50/0x50
[ 1618.362926]  sget_fc+0x269/0x950
[ 1618.366288]  ? compare_single+0x10/0x10
[ 1618.370269]  ? alloc_super+0xb10/0xb10
[ 1618.374144]  ? kasan_kmalloc+0xc4/0xe0
[ 1618.378026]  ? __kmalloc_track_caller+0x311/0x760
[ 1618.382874]  ? proc_root_lookup+0x60/0x60
[ 1618.387013]  vfs_get_super+0x6e/0x270
[ 1618.390810]  proc_get_tree+0x88/0xb0
[ 1618.394523]  vfs_get_tree+0x1cb/0x5c0
[ 1618.398311]  do_mount+0x6c1/0x1fb0
[ 1618.401838]  ? check_same_owner+0x340/0x340
[ 1618.406159]  ? lock_release+0xa30/0xa30
[ 1618.410132]  ? copy_mount_string+0x40/0x40
[ 1618.414374]  ? kasan_kmalloc+0xc4/0xe0
[ 1618.418250]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1618.423083]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1618.428608]  ? _copy_from_user+0xdf/0x150
[ 1618.432745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1618.438268]  ? copy_mount_options+0x285/0x380
[ 1618.442751]  ksys_mount+0x12d/0x140
[ 1618.446368]  __x64_sys_mount+0xbe/0x150
[ 1618.450331]  do_syscall_64+0x1b9/0x820
[ 1618.454202]  ? finish_task_switch+0x1d3/0x870
[ 1618.458684]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1618.463611]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1618.468531]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1618.473538]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1618.478543]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1618.483208]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1618.488060]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1618.493238] RIP: 0033:0x455e29
[ 1618.496411] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1618.515553] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1618.523248] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1618.530502] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1618.537766] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1618.545034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1618.552289] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001e
03:45:57 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045877, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:57 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x63, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:57 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6c00, 0x80000002)

03:45:57 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:57 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x1000000000000000, 0x80000002)

03:45:57 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a00000000000000, 0x80000002)

03:45:57 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:45:57 executing program 2 (fault-call:1 fault-nth:31):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1618.882151] binder: 17927:17932 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1618.890571] binder: 17927:17932 unknown command 0
[ 1618.907169] binder: 17927:17932 ioctl c0306201 200003c0 returned -22
[ 1618.907742] FAULT_INJECTION: forcing a failure.
[ 1618.907742] name failslab, interval 1, probability 0, space 0, times 0
03:45:58 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xffffffff00000000, 0x80000002)

[ 1618.925070] CPU: 1 PID: 17940 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1618.925239] binder: BINDER_SET_CONTEXT_MGR already set
[ 1618.933470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1618.933476] Call Trace:
[ 1618.933502]  dump_stack+0x1c9/0x2b4
[ 1618.933519]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1618.933541]  ? __kernel_text_address+0xd/0x40
[ 1618.964279]  ? unwind_get_return_address+0x61/0xa0
[ 1618.968126] binder: 17927:17932 ioctl 40046207 0 returned -16
[ 1618.969314]  should_fail.cold.4+0xa/0x11
[ 1618.969332]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1618.969355]  ? save_stack+0xa9/0xd0
[ 1618.984875] binder: 17927:17948 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1618.987990]  ? save_stack+0x43/0xd0
[ 1618.988007]  ? kasan_kmalloc+0xc4/0xe0
[ 1618.988022]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1618.988042]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1618.996408] binder: 17927:17948 unknown command 0
[ 1618.999995]  ? __list_lru_init+0x4d6/0x840
[ 1619.000011]  ? alloc_super+0x9a6/0xb10
[ 1619.000024]  ? vfs_get_super+0x6e/0x270
03:45:58 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40049409, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:58 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x1000000000000000, 0x80000002)

03:45:58 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x2000000, 0x80000002)

[ 1619.000045]  ? proc_get_tree+0x88/0xb0
[ 1619.004450] binder: 17927:17948 ioctl c0306201 200003c0 returned -22
[ 1619.008746]  ? vfs_get_tree+0x1cb/0x5c0
[ 1619.008761]  ? do_mount+0x6c1/0x1fb0
[ 1619.008775]  ? ksys_mount+0x12d/0x140
[ 1619.008786]  ? __x64_sys_mount+0xbe/0x150
[ 1619.008806]  ? do_syscall_64+0x1b9/0x820
[ 1619.060858]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1619.066245]  ? save_stack+0xa9/0xd0
[ 1619.069898]  ? lock_acquire+0x1e4/0x540
[ 1619.073894]  ? fs_reclaim_acquire+0x20/0x20
[ 1619.078230]  ? lock_downgrade+0x8f0/0x8f0
03:45:58 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xa, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

[ 1619.082389]  ? lock_downgrade+0x8f0/0x8f0
[ 1619.086548]  ? check_same_owner+0x340/0x340
[ 1619.090878]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1619.095303]  ? rcu_note_context_switch+0x730/0x730
[ 1619.100247]  __should_failslab+0x124/0x180
[ 1619.104496]  should_failslab+0x9/0x14
[ 1619.108308]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1619.112990]  ? kasan_kmalloc+0xc4/0xe0
[ 1619.116898]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1619.121929]  ? kvfree_rcu+0x20/0x20
[ 1619.125571]  ? __kmalloc_node+0x47/0x70
03:45:58 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x2, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1619.129561]  __list_lru_init+0x4d6/0x840
[ 1619.133630]  ? list_lru_destroy+0x500/0x500
[ 1619.137971]  ? prealloc_shrinker+0x213/0x480
[ 1619.142391]  ? __init_waitqueue_head+0x9e/0x150
[ 1619.147068]  ? inactive_list_is_low+0x850/0x850
[ 1619.151750]  ? __lockdep_init_map+0x105/0x590
[ 1619.156264]  alloc_super+0x9a6/0xb10
[ 1619.159993]  ? destroy_unused_super.part.11+0x110/0x110
[ 1619.165375]  ? lock_downgrade+0x8f0/0x8f0
[ 1619.169539]  ? kasan_check_read+0x11/0x20
[ 1619.173700]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1619.178295]  ? kasan_check_write+0x14/0x20
03:45:58 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf000, 0x80000002)

03:45:58 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x9000000, 0x80000002)

[ 1619.182540]  ? do_raw_spin_lock+0xc1/0x200
[ 1619.186787]  ? ns_test_super+0x50/0x50
[ 1619.190618] binder: 17964:17965 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1619.190681]  sget_fc+0x269/0x950
[ 1619.202338]  ? compare_single+0x10/0x10
[ 1619.206325]  ? alloc_super+0xb10/0xb10
[ 1619.210230]  ? kasan_kmalloc+0xc4/0xe0
[ 1619.214138]  ? __kmalloc_track_caller+0x311/0x760
[ 1619.218990]  ? proc_root_lookup+0x60/0x60
[ 1619.223153]  vfs_get_super+0x6e/0x270
[ 1619.226971]  proc_get_tree+0x88/0xb0
03:45:58 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306203, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1619.230694]  vfs_get_tree+0x1cb/0x5c0
[ 1619.234507]  do_mount+0x6c1/0x1fb0
[ 1619.238058]  ? check_same_owner+0x340/0x340
[ 1619.242391]  ? lock_release+0xa30/0xa30
[ 1619.245490] binder: BINDER_SET_CONTEXT_MGR already set
[ 1619.246377]  ? copy_mount_string+0x40/0x40
[ 1619.246395]  ? kasan_kmalloc+0xc4/0xe0
[ 1619.246413]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1619.246435]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1619.270158]  ? _copy_from_user+0xdf/0x150
[ 1619.274326]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
03:45:58 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xe00000000000000, 0x80000002)

[ 1619.279880]  ? copy_mount_options+0x285/0x380
[ 1619.282734] binder: 17964:17965 ioctl 40046207 0 returned -16
[ 1619.284389]  ksys_mount+0x12d/0x140
[ 1619.284409]  __x64_sys_mount+0xbe/0x150
[ 1619.284426]  do_syscall_64+0x1b9/0x820
[ 1619.284447]  ? finish_task_switch+0x1d3/0x870
[ 1619.306262]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1619.311212]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1619.316152]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1619.321176]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1619.326206]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1619.327204] binder: 17978:17979 ioctl c0306203 20012000 returned -22
[ 1619.330888]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1619.330909]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1619.330925] RIP: 0033:0x455e29
[ 1619.339372] binder: 17964:17980 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1619.342240] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
03:45:58 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6c000000, 0x80000002)

[ 1619.378151] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1619.385876] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1619.393153] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1619.400431] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1619.407706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1619.414982] R13: 00000000004c248a R14: 00000000004d0058 R15: 000000000000001f
03:45:59 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:45:59 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:45:59 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x223, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:45:59 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4c, 0x80000002)

03:45:59 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xf000000, 0x80000002)

03:45:59 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x4020940d, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:59 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x300, 0x80000002)

03:45:59 executing program 2 (fault-call:1 fault-nth:32):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:45:59 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

[ 1620.433343] binder: 18000:18002 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1620.441842] binder: 18000:18002 unknown command 0
[ 1620.469136] binder: 18000:18002 ioctl c0306201 200003c0 returned -22
03:45:59 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0189436, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:45:59 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7a00, 0x80000002)

[ 1620.481373] FAULT_INJECTION: forcing a failure.
[ 1620.481373] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.492679] CPU: 1 PID: 18006 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1620.501095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1620.510451] Call Trace:
[ 1620.513052]  dump_stack+0x1c9/0x2b4
[ 1620.516699]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1620.517674] binder: BINDER_SET_CONTEXT_MGR already set
[ 1620.521902]  ? __kernel_text_address+0xd/0x40
03:45:59 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x6c00, 0x80000002)

03:45:59 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6c, 0x80000002)

[ 1620.521919]  ? unwind_get_return_address+0x61/0xa0
[ 1620.521944]  should_fail.cold.4+0xa/0x11
[ 1620.535176] binder: 18000:18002 ioctl 40046207 0 returned -16
[ 1620.536628]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1620.536649]  ? save_stack+0xa9/0xd0
[ 1620.536669]  ? save_stack+0x43/0xd0
[ 1620.558927]  ? kasan_kmalloc+0xc4/0xe0
[ 1620.562827]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1620.567681]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1620.572885]  ? __list_lru_init+0x4d6/0x840
[ 1620.577130]  ? alloc_super+0x9a6/0xb10
[ 1620.581029]  ? vfs_get_super+0x6e/0x270
[ 1620.583407] binder: 18000:18031 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1620.585006]  ? proc_get_tree+0x88/0xb0
[ 1620.585022]  ? vfs_get_tree+0x1cb/0x5c0
[ 1620.585037]  ? do_mount+0x6c1/0x1fb0
[ 1620.585051]  ? ksys_mount+0x12d/0x140
[ 1620.585064]  ? __x64_sys_mount+0xbe/0x150
[ 1620.585083]  ? do_syscall_64+0x1b9/0x820
[ 1620.593421] binder: 18000:18031 unknown command 0
[ 1620.597281]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1620.597299]  ? save_stack+0xa9/0xd0
03:45:59 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x9000000, 0x80000002)

03:45:59 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xf, 0x80000002)

[ 1620.597321]  ? lock_acquire+0x1e4/0x540
[ 1620.634747]  ? fs_reclaim_acquire+0x20/0x20
[ 1620.639086]  ? lock_downgrade+0x8f0/0x8f0
[ 1620.643239]  ? __x64_sys_mount+0xbe/0x150
[ 1620.647405]  ? check_same_owner+0x340/0x340
[ 1620.651742]  ? rcu_note_context_switch+0x730/0x730
[ 1620.656698]  __should_failslab+0x124/0x180
[ 1620.660956]  should_failslab+0x9/0x14
[ 1620.664778]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1620.669461]  ? kasan_kmalloc+0xc4/0xe0
[ 1620.673360]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1620.678390]  ? kvfree_rcu+0x20/0x20
[ 1620.682041]  ? __kmalloc_node+0x47/0x70
[ 1620.682218] binder: 18000:18031 ioctl c0306201 200003c0 returned -22
[ 1620.686021]  __list_lru_init+0x4d6/0x840
[ 1620.686039]  ? list_lru_destroy+0x500/0x500
[ 1620.686059]  ? prealloc_shrinker+0x213/0x480
[ 1620.686072]  ? __init_waitqueue_head+0x9e/0x150
[ 1620.686091]  ? inactive_list_is_low+0x850/0x850
[ 1620.714668]  ? __lockdep_init_map+0x105/0x590
[ 1620.719174]  alloc_super+0x9a6/0xb10
[ 1620.723076]  ? destroy_unused_super.part.11+0x110/0x110
[ 1620.728452]  ? lock_downgrade+0x8f0/0x8f0
03:45:59 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xa00000000000000, 0x80000002)

[ 1620.732620]  ? kasan_check_read+0x11/0x20
[ 1620.736785]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1620.741379]  ? kasan_check_write+0x14/0x20
[ 1620.745621]  ? do_raw_spin_lock+0xc1/0x200
[ 1620.749869]  ? ns_test_super+0x50/0x50
[ 1620.753774]  sget_fc+0x269/0x950
[ 1620.757181]  ? compare_single+0x10/0x10
[ 1620.761174]  ? alloc_super+0xb10/0xb10
[ 1620.765074]  ? kasan_kmalloc+0xc4/0xe0
[ 1620.768974]  ? __kmalloc_track_caller+0x311/0x760
[ 1620.773827]  ? proc_root_lookup+0x60/0x60
[ 1620.777987]  vfs_get_super+0x6e/0x270
[ 1620.781799]  proc_get_tree+0x88/0xb0
[ 1620.785526]  vfs_get_tree+0x1cb/0x5c0
[ 1620.789343]  do_mount+0x6c1/0x1fb0
[ 1620.792892]  ? check_same_owner+0x340/0x340
[ 1620.797233]  ? lock_release+0xa30/0xa30
[ 1620.801228]  ? copy_mount_string+0x40/0x40
[ 1620.805477]  ? retint_kernel+0x10/0x10
[ 1620.809385]  ? copy_mount_options+0x1f0/0x380
[ 1620.813896]  ? __sanitizer_cov_trace_pc+0x38/0x50
[ 1620.818792]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1620.824352]  ? copy_mount_options+0x285/0x380
[ 1620.828865]  ksys_mount+0x12d/0x140
[ 1620.832508]  __x64_sys_mount+0xbe/0x150
[ 1620.836498]  do_syscall_64+0x1b9/0x820
[ 1620.840393]  ? finish_task_switch+0x1d3/0x870
[ 1620.844901]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1620.849838]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1620.854785]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1620.859815]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1620.864843]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1620.869521]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1620.874381]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1620.879579] RIP: 0033:0x455e29
[ 1620.882800] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1620.901949] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1620.909670] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1620.916944] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1620.924223] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1620.931500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1620.938774] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000020
03:46:00 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:46:00 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x1000000, 0x80000002)

03:46:00 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xe, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:46:00 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7400000000000000, 0x80000002)

03:46:00 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:46:00 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5421, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:00 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x7400000000000000, 0x80000002)

03:46:00 executing program 2 (fault-call:1 fault-nth:33):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

[ 1621.300899] FAULT_INJECTION: forcing a failure.
[ 1621.300899] name failslab, interval 1, probability 0, space 0, times 0
[ 1621.312272] CPU: 1 PID: 18061 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1621.320685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1621.330052] Call Trace:
[ 1621.332655]  dump_stack+0x1c9/0x2b4
[ 1621.336295]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1621.341503]  ? __kernel_text_address+0xd/0x40
[ 1621.346003]  ? unwind_get_return_address+0x61/0xa0
[ 1621.350944]  should_fail.cold.4+0xa/0x11
[ 1621.355017]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1621.360138]  ? save_stack+0xa9/0xd0
[ 1621.363778]  ? save_stack+0x43/0xd0
[ 1621.367419]  ? kasan_kmalloc+0xc4/0xe0
[ 1621.371320]  ? kmem_cache_alloc_trace+0x152/0x780
[ 1621.376176]  ? __memcg_init_list_lru_node+0x185/0x2d0
[ 1621.381376]  ? __list_lru_init+0x4d6/0x840
[ 1621.385624]  ? alloc_super+0x9a6/0xb10
[ 1621.389526]  ? vfs_get_super+0x6e/0x270
[ 1621.393511]  ? proc_get_tree+0x88/0xb0
[ 1621.397408]  ? vfs_get_tree+0x1cb/0x5c0
[ 1621.401387]  ? do_mount+0x6c1/0x1fb0
[ 1621.405127]  ? ksys_mount+0x12d/0x140
[ 1621.408939]  ? __x64_sys_mount+0xbe/0x150
[ 1621.413099]  ? do_syscall_64+0x1b9/0x820
[ 1621.417172]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1621.422553]  ? save_stack+0xa9/0xd0
[ 1621.426201]  ? lock_acquire+0x1e4/0x540
[ 1621.430188]  ? fs_reclaim_acquire+0x20/0x20
[ 1621.434518]  ? lock_downgrade+0x8f0/0x8f0
[ 1621.438670]  ? lock_downgrade+0x8f0/0x8f0
[ 1621.442833]  ? check_same_owner+0x340/0x340
[ 1621.447160]  ? do_raw_spin_unlock+0xa7/0x2f0
03:46:00 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x4c000000, 0x80000002)

03:46:00 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd, 0x80000002)

03:46:00 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x100000000000000, 0x80000002)

03:46:00 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x4000000, 0x80000002)

[ 1621.451573]  ? rcu_note_context_switch+0x730/0x730
[ 1621.456514]  __should_failslab+0x124/0x180
[ 1621.460765]  should_failslab+0x9/0x14
[ 1621.464582]  kmem_cache_alloc_trace+0x2cb/0x780
[ 1621.469269]  ? kasan_kmalloc+0xc4/0xe0
[ 1621.473178]  __memcg_init_list_lru_node+0x185/0x2d0
[ 1621.478203]  ? kvfree_rcu+0x20/0x20
[ 1621.481839]  ? __kmalloc_node+0x47/0x70
[ 1621.485826]  __list_lru_init+0x4d6/0x840
[ 1621.489903]  ? list_lru_destroy+0x500/0x500
03:46:00 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x500000000000000, 0x80000002)

[ 1621.494201] binder: 18067:18077 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1621.494239]  ? prealloc_shrinker+0x213/0x480
[ 1621.506940]  ? __init_waitqueue_head+0x9e/0x150
[ 1621.511614]  ? inactive_list_is_low+0x850/0x850
[ 1621.516293]  ? __lockdep_init_map+0x105/0x590
[ 1621.516504] binder: BINDER_SET_CONTEXT_MGR already set
[ 1621.520793]  alloc_super+0x9a6/0xb10
[ 1621.520813]  ? destroy_unused_super.part.11+0x110/0x110
[ 1621.520829]  ? lock_downgrade+0x8f0/0x8f0
[ 1621.520849]  ? kasan_check_read+0x11/0x20
[ 1621.520863]  ? do_raw_spin_trylock+0x1c0/0x1c0
[ 1621.520881]  ? kasan_check_write+0x14/0x20
[ 1621.552256]  ? do_raw_spin_lock+0xc1/0x200
[ 1621.556509]  ? ns_test_super+0x50/0x50
[ 1621.557588] binder: 18067:18100 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1621.560402]  sget_fc+0x269/0x950
[ 1621.560418]  ? compare_single+0x10/0x10
[ 1621.560434]  ? alloc_super+0xb10/0xb10
[ 1621.560451]  ? kasan_kmalloc+0xc4/0xe0
[ 1621.560469]  ? __kmalloc_track_caller+0x311/0x760
[ 1621.587759] binder: 18067:18077 ioctl 40046207 0 returned -16
[ 1621.588690]  ? proc_root_lookup+0x60/0x60
[ 1621.588709]  vfs_get_super+0x6e/0x270
03:46:00 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5452, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:00 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x3000000, 0x80000002)

03:46:00 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xd0e0000, 0x80000002)

[ 1621.588726]  proc_get_tree+0x88/0xb0
[ 1621.588741]  vfs_get_tree+0x1cb/0x5c0
[ 1621.588760]  do_mount+0x6c1/0x1fb0
[ 1621.613568]  ? check_same_owner+0x340/0x340
[ 1621.618520]  ? lock_release+0xa30/0xa30
[ 1621.622503]  ? copy_mount_string+0x40/0x40
[ 1621.626755]  ? kasan_kmalloc+0xc4/0xe0
[ 1621.630670]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1621.635529]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1621.641075]  ? _copy_from_user+0xdf/0x150
[ 1621.645241]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1621.650796]  ? copy_mount_options+0x285/0x380
[ 1621.655306]  ksys_mount+0x12d/0x140
[ 1621.658944]  __x64_sys_mount+0xbe/0x150
[ 1621.662928]  do_syscall_64+0x1b9/0x820
[ 1621.666824]  ? finish_task_switch+0x1d3/0x870
[ 1621.671332]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1621.676274]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1621.681217]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1621.686243]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1621.691273]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1621.696012]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1621.700873]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1621.706067] RIP: 0033:0x455e29
[ 1621.709253] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1621.728491] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1621.736210] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1621.743487] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1621.750765] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1621.758058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1621.765336] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000021
03:46:01 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000240)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:46:01 executing program 5:
r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x6, 0x0, &(0x7f0000000240)=[@clear_death={0x400c630f}], 0x0, 0x0, &(0x7f0000000300)})

03:46:01 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046207, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:01 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x8000000, 0x80000002)

03:46:01 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x48000000, 0x80000002)

03:46:01 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:46:01 executing program 2 (fault-call:1 fault-nth:34):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000b79ff8)='./file0\x00', &(0x7f0000db0ff8)='./file0\x00', &(0x7f0000f9cffb)='proc\x00', 0x0, &(0x7f0000000040))

03:46:01 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0x700, 0x80000002)

[ 1622.199570] binder: BINDER_SET_CONTEXT_MGR already set
[ 1622.215654] FAULT_INJECTION: forcing a failure.
[ 1622.215654] name failslab, interval 1, probability 0, space 0, times 0
[ 1622.226976] CPU: 0 PID: 18134 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1622.235404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1622.244768] Call Trace:
[ 1622.247372]  dump_stack+0x1c9/0x2b4
[ 1622.251013]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1622.256225]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1622.257053] binder: 18132:18140 ioctl 40046207 0 returned -16
[ 1622.261769]  ? replace_slot+0xc9/0x4c0
[ 1622.261793]  should_fail.cold.4+0xa/0x11
[ 1622.275603]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 1622.280720]  ? save_stack+0xa9/0xd0
[ 1622.284365]  ? save_stack+0x43/0xd0
[ 1622.288007]  ? kasan_kmalloc+0xc4/0xe0
[ 1622.291904]  ? __kmalloc+0x14e/0x760
[ 1622.295636]  ? register_shrinker+0x17/0x40
[ 1622.299883]  ? sget_fc+0x76f/0x950
[ 1622.303439]  ? __radix_tree_replace+0x188/0x2f0
[ 1622.308145]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1622.313696]  ? node_tag_clear+0xc0/0x1c0
[ 1622.317774]  ? lock_acquire+0x1e4/0x540
[ 1622.321760]  ? fs_reclaim_acquire+0x20/0x20
[ 1622.326099]  ? lock_downgrade+0x8f0/0x8f0
[ 1622.330272]  ? check_same_owner+0x340/0x340
[ 1622.334606]  ? rcu_note_context_switch+0x730/0x730
[ 1622.339551]  ? rcu_note_context_switch+0x730/0x730
[ 1622.344496]  __should_failslab+0x124/0x180
[ 1622.348747]  should_failslab+0x9/0x14
[ 1622.352558]  kmem_cache_alloc+0x2af/0x760
[ 1622.356720]  ? lock_downgrade+0x8f0/0x8f0
[ 1622.360873]  ? prealloc_shrinker+0x124/0x480
[ 1622.365288]  ? proc_i_callback+0x30/0x30
[ 1622.369353]  proc_alloc_inode+0x1b/0x190
[ 1622.373416]  alloc_inode+0x63/0x190
[ 1622.377045]  new_inode_pseudo+0x71/0x1a0
[ 1622.381125]  ? prune_icache_sb+0x1b0/0x1b0
[ 1622.385368]  ? register_shrinker+0x38/0x40
[ 1622.389615]  proc_get_inode+0x1e/0x680
[ 1622.393517]  proc_fill_super+0x32c/0x630
[ 1622.397589]  ? proc_root_lookup+0x60/0x60
[ 1622.401843]  ? __kmalloc_track_caller+0x311/0x760
[ 1622.406695]  ? proc_root_lookup+0x60/0x60
[ 1622.410850]  vfs_get_super+0x15e/0x270
[ 1622.414744]  proc_get_tree+0x88/0xb0
[ 1622.418474]  vfs_get_tree+0x1cb/0x5c0
[ 1622.422290]  do_mount+0x6c1/0x1fb0
[ 1622.425845]  ? check_same_owner+0x340/0x340
[ 1622.430178]  ? lock_release+0xa30/0xa30
[ 1622.434167]  ? copy_mount_string+0x40/0x40
[ 1622.438417]  ? kasan_kmalloc+0xc4/0xe0
[ 1622.442318]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1622.447176]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1622.452720]  ? _copy_from_user+0xdf/0x150
[ 1622.456875]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1622.462543]  ? copy_mount_options+0x285/0x380
[ 1622.467047]  ksys_mount+0x12d/0x140
[ 1622.470676]  __x64_sys_mount+0xbe/0x150
[ 1622.474657]  do_syscall_64+0x1b9/0x820
[ 1622.478551]  ? finish_task_switch+0x1d3/0x870
[ 1622.483060]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1622.487998]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1622.492937]  ? prepare_exit_to_usermode+0x3b0/0x3b0
03:46:01 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xe, 0x80000002)

03:46:01 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x4800, 0x80000002)

03:46:01 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:46:01 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc020660b, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:01 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x10000000, 0x80000002)

03:46:01 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xd0e, 0x80000002)

03:46:01 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045878, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:01 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc018620b, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

[ 1622.497964]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1622.502992]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1622.507674]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1622.512525]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1622.517712] RIP: 0033:0x455e29
[ 1622.518772] binder: 18132:18140 Acquire 1 refcount change on invalid ref 0 ret -22
[ 1622.520892] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1622.540532] binder: 18132:18140 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[ 1622.547836] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1622.547851] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1622.547859] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1622.547868] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1622.547876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1622.547884] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000022
[ 1622.548058] proc_fill_super: get root inode failed
[ 1622.574501] binder: 18132:18175 BC_CLEAR_DEATH_NOTIFICATION death notification not active
[ 1622.596634] ==================================================================
[ 1622.619706] BUG: KASAN: use-after-free in dput.part.26+0x634/0x7a0
[ 1622.626042] Read of size 4 at addr ffff880196593080 by task syz-executor2/18134
[ 1622.633483] 
[ 1622.635128] CPU: 0 PID: 18134 Comm: syz-executor2 Not tainted 4.18.0-rc4-next-20180711+ #4
[ 1622.643531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1622.652891] Call Trace:
[ 1622.655493]  dump_stack+0x1c9/0x2b4
[ 1622.659137]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1622.664339]  ? printk+0xa7/0xcf
[ 1622.667638]  ? kmsg_dump_rewind_nolock+0xe4/0xe4
[ 1622.672407]  ? dput.part.26+0x634/0x7a0
[ 1622.676393]  print_address_description+0x6c/0x20b
[ 1622.681250]  ? dput.part.26+0x634/0x7a0
[ 1622.685237]  kasan_report.cold.7+0x242/0x30d
[ 1622.689658]  __asan_report_load4_noabort+0x14/0x20
[ 1622.694581]  dput.part.26+0x634/0x7a0
[ 1622.698368]  ? shrink_dcache_sb+0x350/0x350
[ 1622.702684]  ? __kasan_slab_free+0x131/0x170
[ 1622.707080]  ? trace_hardirqs_on+0xd/0x10
[ 1622.711217]  dput+0x15/0x20
[ 1622.714136]  proc_kill_sb+0x125/0x1e0
[ 1622.717919]  ? proc_get_inode+0x680/0x680
[ 1622.722054]  ? proc_root_lookup+0x60/0x60
[ 1622.726188]  deactivate_locked_super+0x97/0x100
[ 1622.730840]  vfs_get_super+0x20f/0x270
[ 1622.734711]  proc_get_tree+0x88/0xb0
[ 1622.738411]  vfs_get_tree+0x1cb/0x5c0
[ 1622.742199]  do_mount+0x6c1/0x1fb0
[ 1622.745722]  ? check_same_owner+0x340/0x340
[ 1622.750047]  ? lock_release+0xa30/0xa30
[ 1622.754009]  ? copy_mount_string+0x40/0x40
[ 1622.758240]  ? kasan_kmalloc+0xc4/0xe0
[ 1622.762116]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1622.766946]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1622.772477]  ? _copy_from_user+0xdf/0x150
[ 1622.776615]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1622.782670]  ? copy_mount_options+0x285/0x380
[ 1622.787167]  ksys_mount+0x12d/0x140
[ 1622.790781]  __x64_sys_mount+0xbe/0x150
[ 1622.794741]  do_syscall_64+0x1b9/0x820
[ 1622.798616]  ? finish_task_switch+0x1d3/0x870
[ 1622.803099]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1622.808021]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1622.812944]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1622.817963]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1622.822968]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1622.827621]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1622.832454]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1622.837625] RIP: 0033:0x455e29
[ 1622.840794] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1622.859959] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1622.867658] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1622.874914] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1622.882168] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1622.889421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1622.896678] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000022
[ 1622.903938] 
[ 1622.905548] Allocated by task 16658:
[ 1622.909253]  save_stack+0x43/0xd0
[ 1622.912690]  kasan_kmalloc+0xc4/0xe0
[ 1622.916381]  kasan_slab_alloc+0x12/0x20
[ 1622.920342]  kmem_cache_alloc+0x12e/0x760
[ 1622.924504]  __d_alloc+0xc8/0xd50
[ 1622.927947]  d_alloc+0x96/0x380
[ 1622.931208]  d_alloc_name+0xbb/0x120
[ 1622.934901]  proc_setup_self+0xe1/0x3af
[ 1622.938856]  proc_fill_super+0x37e/0x630
[ 1622.942902]  vfs_get_super+0x15e/0x270
[ 1622.946771]  proc_get_tree+0x88/0xb0
[ 1622.950468]  vfs_get_tree+0x1cb/0x5c0
[ 1622.954252]  do_mount+0x6c1/0x1fb0
[ 1622.957774]  ksys_mount+0x12d/0x140
[ 1622.961384]  __x64_sys_mount+0xbe/0x150
[ 1622.965346]  do_syscall_64+0x1b9/0x820
[ 1622.969219]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1622.974385] 
[ 1622.975997] Freed by task 16171:
[ 1622.979354]  save_stack+0x43/0xd0
[ 1622.982791]  __kasan_slab_free+0x11a/0x170
[ 1622.987009]  kasan_slab_free+0xe/0x10
[ 1622.990800]  kmem_cache_free+0x86/0x2d0
[ 1622.994764]  __d_free+0x20/0x30
[ 1622.998034]  rcu_process_callbacks+0xe01/0x2810
03:46:02 executing program 0:
r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000140)=""/28, 0xffffffe2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000240))
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f0000000040)={0x81, 0x1, {0x3, 0x0, 0x0, 0x0, 0x4000000000}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0)

03:46:02 executing program 7:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0xa000000, 0x80000002)

03:46:02 executing program 3:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070")
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r1, r2, &(0x7f00000000c0)=0xfeffffff00000000, 0x80000002)

03:46:02 executing program 1:
syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0046209, &(0x7f0000012000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000012fc7)})

03:46:02 executing program 4:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000000))

03:46:02 executing program 6:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendfile(r0, r1, &(0x7f00000000c0)=0x6800, 0x80000002)

[ 1623.002688]  __do_softirq+0x2e8/0xb17
[ 1623.006465] 
[ 1623.008081] The buggy address belongs to the object at ffff880196593080
[ 1623.008081]  which belongs to the cache dentry(129:syz2) of size 288
[ 1623.021162] The buggy address is located 0 bytes inside of
[ 1623.021162]  288-byte region [ffff880196593080, ffff8801965931a0)
[ 1623.032850] The buggy address belongs to the page:
[ 1623.037779] page:ffffea00065964c0 count:1 mapcount:0 mapping:ffff8801d7a12c80 index:0x0
[ 1623.045927] flags: 0x2fffc0000000100(slab)
[ 1623.050171] raw: 02fffc0000000100 ffffea00063fb648 ffffea0006385f48 ffff8801d7a12c80
[ 1623.058069] raw: 0000000000000000 ffff880196593080 000000010000000b ffff8801b1046700
[ 1623.065945] page dumped because: kasan: bad access detected
[ 1623.071658] page->mem_cgroup:ffff8801b1046700
[ 1623.076158] 
[ 1623.077781] Memory state around the buggy address:
[ 1623.082712]  ffff880196592f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1623.090094]  ffff880196593000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1623.097463] >ffff880196593080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1623.104833]                    ^
[ 1623.108206]  ffff880196593100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1623.115573]  ffff880196593180: fb fb fb fb fc fc fc fc fc fc fc fc fb fb fb fb
[ 1623.122932] ==================================================================
[ 1623.130525] Kernel panic - not syncing: panic_on_warn set ...
[ 1623.130525] 
[ 1623.137900] CPU: 0 PID: 18134 Comm: syz-executor2 Tainted: G    B             4.18.0-rc4-next-20180711+ #4
[ 1623.147699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1623.157066] Call Trace:
[ 1623.159671]  dump_stack+0x1c9/0x2b4
[ 1623.163317]  ? dump_stack_print_info.cold.2+0x52/0x52
[ 1623.168524]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1623.173290]  panic+0x238/0x4e7
[ 1623.176491]  ? add_taint.cold.5+0x16/0x16
[ 1623.180650]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1623.185066]  ? do_raw_spin_unlock+0xa7/0x2f0
[ 1623.189488]  ? dput.part.26+0x634/0x7a0
[ 1623.193470]  kasan_end_report+0x47/0x4f
[ 1623.197461]  kasan_report.cold.7+0x76/0x30d
[ 1623.201795]  __asan_report_load4_noabort+0x14/0x20
[ 1623.206738]  dput.part.26+0x634/0x7a0
[ 1623.210550]  ? shrink_dcache_sb+0x350/0x350
[ 1623.214886]  ? __kasan_slab_free+0x131/0x170
[ 1623.219304]  ? trace_hardirqs_on+0xd/0x10
[ 1623.223464]  dput+0x15/0x20
[ 1623.226920]  proc_kill_sb+0x125/0x1e0
[ 1623.230722]  ? proc_get_inode+0x680/0x680
[ 1623.234879]  ? proc_root_lookup+0x60/0x60
[ 1623.239051]  deactivate_locked_super+0x97/0x100
[ 1623.243731]  vfs_get_super+0x20f/0x270
[ 1623.247629]  proc_get_tree+0x88/0xb0
[ 1623.251346]  vfs_get_tree+0x1cb/0x5c0
[ 1623.255144]  do_mount+0x6c1/0x1fb0
[ 1623.258680]  ? check_same_owner+0x340/0x340
[ 1623.262985]  ? lock_release+0xa30/0xa30
[ 1623.266956]  ? copy_mount_string+0x40/0x40
[ 1623.271179]  ? kasan_kmalloc+0xc4/0xe0
[ 1623.275059]  ? kmem_cache_alloc_trace+0x318/0x780
[ 1623.279891]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 1623.285411]  ? _copy_from_user+0xdf/0x150
[ 1623.289544]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1623.295070]  ? copy_mount_options+0x285/0x380
[ 1623.299551]  ksys_mount+0x12d/0x140
[ 1623.303171]  __x64_sys_mount+0xbe/0x150
[ 1623.307133]  do_syscall_64+0x1b9/0x820
[ 1623.311005]  ? finish_task_switch+0x1d3/0x870
[ 1623.315492]  ? syscall_return_slowpath+0x5e0/0x5e0
[ 1623.320419]  ? syscall_return_slowpath+0x31d/0x5e0
[ 1623.325334]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[ 1623.330338]  ? prepare_exit_to_usermode+0x291/0x3b0
[ 1623.335337]  ? perf_trace_sys_enter+0xb10/0xb10
[ 1623.339993]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1623.344828]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1623.350001] RIP: 0033:0x455e29
[ 1623.353175] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
[ 1623.372303] RSP: 002b:00007f1fad494c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1623.380024] RAX: ffffffffffffffda RBX: 00007f1fad4956d4 RCX: 0000000000455e29
[ 1623.387290] RDX: 0000000020f9cffb RSI: 0000000020db0ff8 RDI: 0000000020b79ff8
[ 1623.394543] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000000
[ 1623.401794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[ 1623.409050] R13: 00000000004c248a R14: 00000000004d0058 R15: 0000000000000022
[ 1623.416808] Dumping ftrace buffer:
[ 1623.420361]    (ftrace buffer empty)
[ 1623.424053] Kernel Offset: disabled
[ 1623.427672] Rebooting in 86400 seconds..