0xbe [ 352.572148] ? syscall_return_slowpath+0x5e0/0x5e0 [ 352.577058] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.581920] ? trace_hardirqs_on_caller+0x310/0x310 [ 352.586915] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 352.591908] ? prepare_exit_to_usermode+0x291/0x3b0 [ 352.596919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.601783] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.606963] RIP: 0033:0x457569 [ 352.610141] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.629107] RSP: 002b:00007f0b8bf74a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 352.636792] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 352.644094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 352.651368] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 352.658613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0b8bf756d4 [ 352.665861] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000005 10:02:58 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0xe, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:02:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x2}]) 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xd], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 352.748407] FAT-fs (loop4): bogus number of reserved sectors [ 352.755933] FAT-fs (loop4): Can't find a valid FAT filesystem [ 352.765716] minix_free_inode: bit 1 already cleared 10:02:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x1, &(0x7f00000003c0)=[{&(0x7f00000002c0)="89a65985c061ed355ddfba601cf285eda0955a5119a2bc728b99d6f2f88b9a2b11a8ee0f3ca8182c7a0f3b2d2d4c68a9b164fdfa00ca0908d6e05236440215ccfdd11724ccccb1527cb2ecc57787bbfeb2d56e18177d4ed688ff5fbe93e9756fcb2a4e5144e88a8d4ff4dd0c57b6f55c46f9570adfaf0fc19cfc0237d22e08b3bbd861264f7ad309b45b5c3d3e49667b64b7165182211fa67225035e65a8bbbd401c04e58823ce1d9add6a415599e557e593929865c2b6468fda8917c03eedb8ca73332ed1081a0564a82356987e7576c73f7e26994f22aa6b9d33b302f48f63", 0xe0, 0x6}], 0x10002, &(0x7f0000000400)={[{@dots='dots'}, {@nodots='nodots'}, {@dots='dots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}], [{@subj_type={'subj_type', 0x3d, 'nodev'}}, {@permit_directio='permit_directio'}, {@permit_directio='permit_directio'}]}) 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 352.840246] JFS: Cannot determine volume size [ 352.847118] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value 10:02:58 executing program 4 (fault-call:2 fault-nth:3): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:02:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x300000000000000}]) 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 352.994783] FAT-fs (loop5): Unrecognized mount option "subj_type=nodev" or missing value [ 353.025240] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:02:58 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xe80], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 353.063408] FAULT_INJECTION: forcing a failure. [ 353.063408] name failslab, interval 1, probability 0, space 0, times 0 10:02:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x10002, &(0x7f0000000400)={[{@dots='dots'}, {@nodots='nodots'}, {@dots='dots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}], [{@subj_type={'subj_type', 0x3d, 'nodev'}}, {@permit_directio='permit_directio'}, {@permit_directio='permit_directio'}]}) 10:02:58 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x8, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 353.169803] CPU: 0 PID: 17781 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 353.178416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.187779] Call Trace: [ 353.190391] dump_stack+0x244/0x39d [ 353.194021] ? dump_stack_print_info.cold.1+0x20/0x20 [ 353.199207] ? __save_stack_trace+0x8d/0xf0 [ 353.203539] should_fail.cold.4+0xa/0x17 [ 353.207603] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 353.212713] ? save_stack+0x43/0xd0 [ 353.216361] ? kasan_kmalloc+0xc7/0xe0 [ 353.220259] ? percpu_ref_put_many+0x11c/0x260 [ 353.224858] ? graph_lock+0x270/0x270 [ 353.224876] ? find_held_lock+0x36/0x1c0 [ 353.224954] ? nfsd4_set_deviceid+0x818/0xa50 [ 353.232753] ? perf_trace_sched_process_exec+0x860/0x860 [ 353.232784] ? lock_downgrade+0x900/0x900 [ 353.232819] __should_failslab+0x124/0x180 [ 353.246973] should_failslab+0x9/0x14 [ 353.254979] kmem_cache_alloc+0x2be/0x730 [ 353.254993] ? d_set_d_op+0x31d/0x410 [ 353.255017] __alloc_file+0xa8/0x470 [ 353.255048] ? file_free_rcu+0xd0/0xd0 [ 353.262977] ? d_instantiate+0x79/0xa0 [ 353.262993] ? lock_downgrade+0x900/0x900 [ 353.263014] ? kasan_check_read+0x11/0x20 [ 353.263027] ? do_raw_spin_unlock+0xa7/0x330 [ 353.263043] ? do_raw_spin_trylock+0x270/0x270 [ 353.270640] alloc_empty_file+0x72/0x170 [ 353.270656] alloc_file+0x5e/0x4d0 [ 353.270684] ? _raw_spin_unlock+0x2c/0x50 [ 353.270702] alloc_file_pseudo+0x261/0x3f0 [ 353.285628] JFS: Cannot determine volume size [ 353.287255] ? alloc_file+0x4d0/0x4d0 [ 353.287286] ? usercopy_warn+0x110/0x110 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xffffa888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:02:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xffffca88], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 353.287311] __shmem_file_setup.part.50+0x110/0x2a0 [ 353.292277] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 353.295994] shmem_file_setup+0x65/0x90 [ 353.296012] __x64_sys_memfd_create+0x2af/0x4f0 [ 353.296028] ? memfd_fcntl+0x1910/0x1910 [ 353.296056] do_syscall_64+0x1b9/0x820 [ 353.296083] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 353.296105] ? syscall_return_slowpath+0x5e0/0x5e0 [ 353.302683] FAT-fs (loop5): Unrecognized mount option "subj_type=nodev" or missing value [ 353.303772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.303790] ? trace_hardirqs_on_caller+0x310/0x310 [ 353.303805] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 353.303823] ? prepare_exit_to_usermode+0x291/0x3b0 [ 353.388132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.392971] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.398148] RIP: 0033:0x457569 [ 353.401354] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:02:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0xa}]) 10:02:58 executing program 4 (fault-call:2 fault-nth:4): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 353.420231] RSP: 002b:00007f0b8bf74a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 353.427914] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 353.435161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 353.442425] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 353.449699] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0b8bf756d4 [ 353.456993] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000005 [ 353.496742] minix_free_inode: bit 1 already cleared 10:02:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={[{@dots='dots'}, {@nodots='nodots'}, {@dots='dots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}, {@nodots='nodots'}], [{@subj_type={'subj_type', 0x3d, 'nodev'}}, {@permit_directio='permit_directio'}, {@permit_directio='permit_directio'}]}) 10:02:59 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 353.640208] FAULT_INJECTION: forcing a failure. [ 353.640208] name failslab, interval 1, probability 0, space 0, times 0 [ 353.653148] CPU: 1 PID: 17816 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 353.661727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.671484] Call Trace: [ 353.671499] dump_stack+0x244/0x39d [ 353.671515] ? dump_stack_print_info.cold.1+0x20/0x20 [ 353.671532] ? __save_stack_trace+0x8d/0xf0 [ 353.687234] should_fail.cold.4+0xa/0x17 [ 353.691328] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 353.696440] ? save_stack+0x43/0xd0 [ 353.696452] ? kasan_kmalloc+0xc7/0xe0 [ 353.696471] ? percpu_ref_put_many+0x11c/0x260 [ 353.703956] ? graph_lock+0x270/0x270 [ 353.712334] ? find_held_lock+0x36/0x1c0 [ 353.716499] ? selinux_ip_forward+0x208/0x730 [ 353.721028] ? perf_trace_sched_process_exec+0x860/0x860 [ 353.726503] ? lock_downgrade+0x900/0x900 [ 353.726539] __should_failslab+0x124/0x180 [ 353.726557] should_failslab+0x9/0x14 [ 353.726586] kmem_cache_alloc+0x2be/0x730 [ 353.726612] ? d_set_d_op+0x31d/0x410 [ 353.726632] __alloc_file+0xa8/0x470 [ 353.750450] ? file_free_rcu+0xd0/0xd0 [ 353.754353] ? d_instantiate+0x79/0xa0 [ 353.758244] ? lock_downgrade+0x900/0x900 [ 353.762403] ? kasan_check_read+0x11/0x20 [ 353.766552] ? do_raw_spin_unlock+0xa7/0x330 [ 353.770975] ? do_raw_spin_trylock+0x270/0x270 [ 353.775560] alloc_empty_file+0x72/0x170 [ 353.779642] alloc_file+0x5e/0x4d0 [ 353.783190] ? _raw_spin_unlock+0x2c/0x50 [ 353.787343] alloc_file_pseudo+0x261/0x3f0 [ 353.791588] ? alloc_file+0x4d0/0x4d0 [ 353.795390] ? usercopy_warn+0x110/0x110 [ 353.799460] __shmem_file_setup.part.50+0x110/0x2a0 [ 353.804481] shmem_file_setup+0x65/0x90 [ 353.808454] __x64_sys_memfd_create+0x2af/0x4f0 [ 353.813136] ? memfd_fcntl+0x1910/0x1910 [ 353.817247] do_syscall_64+0x1b9/0x820 [ 353.821134] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 353.826506] ? syscall_return_slowpath+0x5e0/0x5e0 [ 353.831444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.836289] ? trace_hardirqs_on_caller+0x310/0x310 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x4305000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3a00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xd000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 353.841302] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 353.846316] ? prepare_exit_to_usermode+0x291/0x3b0 [ 353.851338] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.856222] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.861410] RIP: 0033:0x457569 [ 353.864601] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 353.883495] RSP: 002b:00007f0b8bf74a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 353.891194] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 353.898460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 353.905726] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 353.912974] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0b8bf756d4 [ 353.920231] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000005 [ 353.932176] FAT-fs (loop5): Unrecognized mount option "subj_type=nodev" or missing value 10:02:59 executing program 4 (fault-call:2 fault-nth:5): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 353.951893] JFS: Cannot determine volume size [ 353.970747] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 353.993297] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:02:59 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x710000}]) [ 354.025957] FAULT_INJECTION: forcing a failure. [ 354.025957] name failslab, interval 1, probability 0, space 0, times 0 [ 354.038693] CPU: 1 PID: 17843 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 354.047281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.056610] Call Trace: [ 354.059176] dump_stack+0x244/0x39d [ 354.062780] ? dump_stack_print_info.cold.1+0x20/0x20 [ 354.067948] ? find_held_lock+0x36/0x1c0 [ 354.072040] should_fail.cold.4+0xa/0x17 [ 354.076159] ? find_held_lock+0x36/0x1c0 [ 354.080223] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.085309] ? lock_downgrade+0x900/0x900 [ 354.089449] ? current_time+0x72/0x1b0 [ 354.093320] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.098844] ? timespec64_trunc+0xea/0x180 [ 354.103057] ? inode_init_owner+0x340/0x340 [ 354.107377] ? find_held_lock+0x36/0x1c0 [ 354.111499] ? drm_atomic_set_property+0xbd8/0x2890 [ 354.116504] ? perf_trace_sched_process_exec+0x860/0x860 [ 354.121932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.127451] __should_failslab+0x124/0x180 [ 354.131668] should_failslab+0x9/0x14 [ 354.135448] kmem_cache_alloc+0x2be/0x730 [ 354.139574] ? do_sys_ftruncate+0x428/0x550 [ 354.143876] ? lock_downgrade+0x900/0x900 [ 354.148003] getname_flags+0xd0/0x590 [ 354.151784] ? __lock_is_held+0xb5/0x140 [ 354.155843] getname+0x19/0x20 [ 354.159019] do_sys_open+0x383/0x700 [ 354.162717] ? filp_open+0x80/0x80 [ 354.166238] ? trace_hardirqs_off_caller+0x300/0x300 [ 354.171318] ? do_sys_ftruncate+0x449/0x550 [ 354.175619] __x64_sys_open+0x7e/0xc0 [ 354.179408] do_syscall_64+0x1b9/0x820 [ 354.183297] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 354.188653] ? syscall_return_slowpath+0x5e0/0x5e0 [ 354.193575] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.198404] ? trace_hardirqs_on_caller+0x310/0x310 [ 354.203405] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 354.208413] ? prepare_exit_to_usermode+0x291/0x3b0 [ 354.213409] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.218233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.223420] RIP: 0033:0x4111a1 [ 354.226601] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 354.245515] RSP: 002b:00007f0b8bf74a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 354.253223] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 354.260469] RDX: 00007f0b8bf74afa RSI: 0000000000000002 RDI: 00007f0b8bf74af0 [ 354.267725] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 354.274971] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006 [ 354.282219] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 10:02:59 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x60, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3a000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:02:59 executing program 4 (fault-call:2 fault-nth:6): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:02:59 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x689], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 354.433746] FAULT_INJECTION: forcing a failure. [ 354.433746] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 354.445563] CPU: 1 PID: 17857 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 354.454153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.463505] Call Trace: [ 354.466114] dump_stack+0x244/0x39d [ 354.469757] ? dump_stack_print_info.cold.1+0x20/0x20 [ 354.469782] should_fail.cold.4+0xa/0x17 [ 354.469799] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.479046] ? print_usage_bug+0xc0/0xc0 [ 354.479084] ? mark_held_locks+0x130/0x130 [ 354.479099] ? graph_lock+0x270/0x270 [ 354.479116] ? print_usage_bug+0xc0/0xc0 [ 354.479133] ? graph_lock+0x270/0x270 [ 354.504106] ? lock_downgrade+0x900/0x900 [ 354.508263] ? check_preemption_disabled+0x48/0x280 [ 354.513305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.518859] ? should_fail+0x22d/0xd01 [ 354.522758] ? find_held_lock+0x36/0x1c0 [ 354.526838] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.531959] __alloc_pages_nodemask+0x34b/0xdd0 [ 354.536644] ? current_time+0x72/0x1b0 [ 354.540543] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 354.545564] ? inode_init_owner+0x340/0x340 [ 354.549897] ? find_held_lock+0x36/0x1c0 [ 354.549972] ? pci_read_bridge_bases+0x398/0x1260 [ 354.550002] ? trace_hardirqs_off+0xb8/0x310 [ 354.558920] cache_grow_begin+0xa5/0x8c0 [ 354.558937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 354.558953] ? check_preemption_disabled+0x48/0x280 [ 354.558975] kmem_cache_alloc+0x66b/0x730 10:02:59 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:02:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xfffffffffffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 354.558989] ? do_sys_ftruncate+0x428/0x550 [ 354.559010] getname_flags+0xd0/0x590 [ 354.590217] ? __lock_is_held+0xb5/0x140 [ 354.594289] getname+0x19/0x20 [ 354.597493] do_sys_open+0x383/0x700 [ 354.601226] ? filp_open+0x80/0x80 [ 354.604775] ? trace_hardirqs_off_caller+0x300/0x300 [ 354.609889] ? do_sys_ftruncate+0x449/0x550 [ 354.614231] __x64_sys_open+0x7e/0xc0 [ 354.618101] do_syscall_64+0x1b9/0x820 [ 354.622008] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 354.627383] ? syscall_return_slowpath+0x5e0/0x5e0 [ 354.632322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.637179] ? trace_hardirqs_on_caller+0x310/0x310 [ 354.642206] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 354.647231] ? prepare_exit_to_usermode+0x291/0x3b0 [ 354.647255] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.647280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.647292] RIP: 0033:0x4111a1 [ 354.647311] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 354.657180] RSP: 002b:00007f0b8bf74a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 354.657195] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 354.657205] RDX: 00007f0b8bf74afa RSI: 0000000000000002 RDI: 00007f0b8bf74af0 [ 354.657213] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 354.657222] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006 [ 354.657238] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 [ 354.676207] JFS: Cannot determine volume size 10:03:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:00 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0xa000000}]) [ 354.734462] minix_free_inode: bit 1 already cleared [ 354.743168] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 354.798758] FAT-fs (loop5): bogus number of reserved sectors [ 354.801050] FAT-fs (loop4): bogus number of reserved sectors [ 354.804698] FAT-fs (loop5): Can't find a valid FAT filesystem [ 354.810552] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:00 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xfffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:00 executing program 4 (fault-call:2 fault-nth:7): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 354.986525] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:00 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x42f, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:00 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x9300}]) 10:03:00 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 355.056785] JFS: Cannot determine volume size [ 355.074278] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 355.087583] FAULT_INJECTION: forcing a failure. [ 355.087583] name fail_page_alloc, interval 1, probability 0, space 0, times 0 10:03:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8035], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 355.099389] CPU: 1 PID: 17905 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 355.107958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.117303] Call Trace: [ 355.119904] dump_stack+0x244/0x39d [ 355.123542] ? dump_stack_print_info.cold.1+0x20/0x20 [ 355.128751] should_fail.cold.4+0xa/0x17 [ 355.132800] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.137912] ? print_usage_bug+0xc0/0xc0 [ 355.141986] ? mark_held_locks+0x130/0x130 [ 355.146228] ? graph_lock+0x270/0x270 [ 355.150036] ? print_usage_bug+0xc0/0xc0 [ 355.154084] ? graph_lock+0x270/0x270 [ 355.157871] ? lock_downgrade+0x900/0x900 [ 355.162009] ? check_preemption_disabled+0x48/0x280 [ 355.167010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.172525] ? should_fail+0x22d/0xd01 [ 355.176430] ? find_held_lock+0x36/0x1c0 [ 355.180500] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.185585] __alloc_pages_nodemask+0x34b/0xdd0 [ 355.190260] ? current_time+0x72/0x1b0 [ 355.194145] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 355.199161] ? inode_init_owner+0x340/0x340 [ 355.203471] ? find_held_lock+0x36/0x1c0 [ 355.207520] ? trace_hardirqs_off+0xb8/0x310 [ 355.211916] cache_grow_begin+0xa5/0x8c0 [ 355.215956] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 355.221488] ? check_preemption_disabled+0x48/0x280 [ 355.226520] kmem_cache_alloc+0x66b/0x730 [ 355.230647] ? do_sys_ftruncate+0x428/0x550 [ 355.234965] getname_flags+0xd0/0x590 [ 355.238751] ? __lock_is_held+0xb5/0x140 [ 355.242845] getname+0x19/0x20 [ 355.246021] do_sys_open+0x383/0x700 [ 355.249727] ? filp_open+0x80/0x80 [ 355.253256] ? trace_hardirqs_off_caller+0x300/0x300 [ 355.258352] ? do_sys_ftruncate+0x449/0x550 [ 355.262676] __x64_sys_open+0x7e/0xc0 [ 355.266456] do_syscall_64+0x1b9/0x820 [ 355.270338] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 355.275708] ? syscall_return_slowpath+0x5e0/0x5e0 [ 355.280628] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.285460] ? trace_hardirqs_on_caller+0x310/0x310 [ 355.290471] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 355.295479] ? prepare_exit_to_usermode+0x291/0x3b0 [ 355.300504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.305334] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.310515] RIP: 0033:0x4111a1 [ 355.313698] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 355.332592] RSP: 002b:00007f0b8bf74a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 355.340279] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 355.347534] RDX: 00007f0b8bf74afa RSI: 0000000000000002 RDI: 00007f0b8bf74af0 [ 355.354780] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 355.362026] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006 [ 355.369293] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 [ 355.385723] minix_free_inode: bit 1 already cleared 10:03:00 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:00 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0xff600000}]) [ 355.419454] FAT-fs (loop4): bogus number of reserved sectors [ 355.443691] FAT-fs (loop4): Can't find a valid FAT filesystem [ 355.457606] FAT-fs (loop5): bogus number of reserved sectors 10:03:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8864], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:00 executing program 4 (fault-call:2 fault-nth:8): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 355.492813] FAT-fs (loop5): Can't find a valid FAT filesystem [ 355.607059] JFS: Cannot determine volume size 10:03:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:01 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x1000000}]) [ 355.636898] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 355.645934] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 355.676755] FAULT_INJECTION: forcing a failure. [ 355.676755] name failslab, interval 1, probability 0, space 0, times 0 [ 355.693345] CPU: 1 PID: 17943 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 355.701921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.701927] Call Trace: [ 355.701948] dump_stack+0x244/0x39d [ 355.701969] ? dump_stack_print_info.cold.1+0x20/0x20 [ 355.701986] ? lock_downgrade+0x900/0x900 [ 355.702009] ? check_preemption_disabled+0x48/0x280 [ 355.713938] should_fail.cold.4+0xa/0x17 10:03:01 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8906], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:01 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 355.713956] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.713977] ? is_bpf_text_address+0xd3/0x170 [ 355.713993] ? kernel_text_address+0x79/0xf0 [ 355.714012] ? __kernel_text_address+0xd/0x40 [ 355.754636] ? unwind_get_return_address+0x61/0xa0 [ 355.759570] ? __save_stack_trace+0x8d/0xf0 [ 355.763889] ? find_held_lock+0x36/0x1c0 [ 355.767965] ? __irqentry_text_end+0x2c0c0/0x1f9688 [ 355.773003] ? do_syscall_64+0x1b9/0x820 [ 355.777093] ? perf_trace_sched_process_exec+0x860/0x860 [ 355.782553] __should_failslab+0x124/0x180 [ 355.786786] should_failslab+0x9/0x14 [ 355.790584] kmem_cache_alloc_trace+0x2d7/0x750 [ 355.795245] ? __might_sleep+0x95/0x190 [ 355.799209] apparmor_file_alloc_security+0x17b/0xac0 [ 355.804382] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 355.809927] ? apparmor_path_rename+0xcd0/0xcd0 [ 355.814616] ? rcu_read_lock_sched_held+0x14f/0x180 [ 355.819625] ? kmem_cache_alloc+0x33a/0x730 [ 355.823960] ? graph_lock+0x270/0x270 [ 355.827787] security_file_alloc+0x4c/0xa0 [ 355.832004] __alloc_file+0x12a/0x470 [ 355.835785] ? file_free_rcu+0xd0/0xd0 [ 355.839690] ? find_held_lock+0x36/0x1c0 [ 355.843758] ? is_bpf_text_address+0xac/0x170 [ 355.848240] ? lock_downgrade+0x900/0x900 [ 355.852374] ? check_preemption_disabled+0x48/0x280 [ 355.857370] alloc_empty_file+0x72/0x170 [ 355.861410] path_openat+0x170/0x5150 [ 355.865204] ? rcu_softirq_qs+0x20/0x20 [ 355.869179] ? unwind_dump+0x190/0x190 [ 355.873079] ? graph_lock+0x270/0x270 [ 355.876862] ? path_lookupat.isra.43+0xc00/0xc00 [ 355.881630] ? unwind_get_return_address+0x61/0xa0 [ 355.886553] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 355.891548] ? expand_files.part.8+0x571/0x9a0 [ 355.896124] ? find_held_lock+0x36/0x1c0 [ 355.900166] ? __alloc_fd+0x347/0x6e0 [ 355.903995] ? lock_downgrade+0x900/0x900 [ 355.908155] ? getname+0x19/0x20 [ 355.911558] ? kasan_check_read+0x11/0x20 [ 355.915741] ? do_raw_spin_unlock+0xa7/0x330 [ 355.920141] ? do_raw_spin_trylock+0x270/0x270 [ 355.924711] ? __lock_is_held+0xb5/0x140 [ 355.928765] ? __check_object_size+0xb1/0x782 [ 355.933243] ? _raw_spin_unlock+0x2c/0x50 [ 355.937368] ? __alloc_fd+0x347/0x6e0 [ 355.941184] do_filp_open+0x255/0x380 [ 355.944995] ? may_open_dev+0x100/0x100 [ 355.948975] ? get_unused_fd_flags+0x122/0x1a0 [ 355.953545] ? __alloc_fd+0x6e0/0x6e0 [ 355.957351] ? __lock_is_held+0xb5/0x140 [ 355.961403] do_sys_open+0x568/0x700 [ 355.965096] ? filp_open+0x80/0x80 [ 355.968653] ? trace_hardirqs_off_caller+0x300/0x300 [ 355.973740] ? do_sys_ftruncate+0x449/0x550 [ 355.978052] __x64_sys_open+0x7e/0xc0 [ 355.981855] do_syscall_64+0x1b9/0x820 [ 355.985730] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 355.991090] ? syscall_return_slowpath+0x5e0/0x5e0 [ 355.996003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.000876] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.005920] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.010920] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.015919] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.020742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.025921] RIP: 0033:0x4111a1 [ 356.029097] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 356.047999] RSP: 002b:00007f0b8bf74a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 356.055720] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 356.062979] RDX: 00007f0b8bf74afa RSI: 0000000000000002 RDI: 00007f0b8bf74af0 [ 356.070250] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 356.077519] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006 [ 356.084787] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 10:03:01 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x6, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:01 executing program 4 (fault-call:2 fault-nth:9): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 356.144787] JFS: Cannot determine volume size [ 356.146779] FAT-fs (loop5): bogus number of reserved sectors [ 356.172650] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 356.180488] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:01 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x28], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:01 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x3}]) [ 356.245548] minix_free_inode: bit 1 already cleared [ 356.267458] FAULT_INJECTION: forcing a failure. [ 356.267458] name failslab, interval 1, probability 0, space 0, times 0 [ 356.278797] CPU: 0 PID: 17963 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 356.287410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.287417] Call Trace: [ 356.287452] dump_stack+0x244/0x39d [ 356.287472] ? dump_stack_print_info.cold.1+0x20/0x20 [ 356.287499] should_fail.cold.4+0xa/0x17 [ 356.287519] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 356.287537] ? pick_next_task_fair+0xa35/0x1c90 [ 356.287557] ? rcu_read_lock_sched_held+0x14f/0x180 [ 356.287582] ? graph_lock+0x270/0x270 [ 356.287614] ? print_usage_bug+0xc0/0xc0 [ 356.287651] ? find_held_lock+0x36/0x1c0 [ 356.287671] ? __lock_is_held+0xb5/0x140 [ 356.287698] ? reweight_entity+0x10f0/0x10f0 [ 356.347505] ? perf_trace_sched_process_exec+0x860/0x860 [ 356.352981] __should_failslab+0x124/0x180 [ 356.357229] should_failslab+0x9/0x14 [ 356.361030] kmem_cache_alloc+0x2be/0x730 [ 356.365169] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 356.370221] __kernfs_new_node+0x127/0x8d0 [ 356.374445] ? trace_hardirqs_off_caller+0x300/0x300 [ 356.379533] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 356.384295] ? _raw_spin_unlock_irq+0x60/0x80 [ 356.388810] ? __schedule+0x168b/0x21d0 [ 356.392795] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 356.397923] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 356.403043] ? graph_lock+0x270/0x270 [ 356.406847] ? graph_lock+0x270/0x270 [ 356.410658] ? enqueue_task_fair+0x24d/0xa50 [ 356.415063] ? find_held_lock+0x36/0x1c0 [ 356.419154] kernfs_new_node+0x95/0x120 [ 356.423146] kernfs_create_dir_ns+0x4d/0x160 [ 356.427571] internal_create_group+0x5fc/0xd80 [ 356.432228] ? remove_files.isra.1+0x190/0x190 [ 356.436828] ? up_write+0x7b/0x220 [ 356.440357] ? down_write_nested+0x130/0x130 [ 356.444747] ? down_read+0x120/0x120 [ 356.448448] sysfs_create_group+0x1f/0x30 [ 356.452627] lo_ioctl+0x166a/0x22a0 [ 356.456281] ? lo_rw_aio+0x1ef0/0x1ef0 [ 356.460196] ? find_held_lock+0x36/0x1c0 [ 356.464246] ? lo_rw_aio+0x1ef0/0x1ef0 [ 356.468151] blkdev_ioctl+0x98e/0x21b0 [ 356.472029] ? blkpg_ioctl+0xc10/0xc10 [ 356.475947] ? lock_downgrade+0x900/0x900 [ 356.480114] ? check_preemption_disabled+0x48/0x280 [ 356.485137] ? kasan_check_read+0x11/0x20 [ 356.489301] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 356.494608] ? rcu_read_unlock_special+0x370/0x370 [ 356.499551] ? __fget+0x4d1/0x740 [ 356.502991] ? ksys_dup3+0x680/0x680 [ 356.506732] block_ioctl+0xee/0x130 [ 356.510364] ? blkdev_fallocate+0x400/0x400 [ 356.514670] do_vfs_ioctl+0x1de/0x1790 [ 356.518553] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 356.524117] ? ioctl_preallocate+0x300/0x300 [ 356.528528] ? __fget_light+0x2e9/0x430 [ 356.532498] ? fget_raw+0x20/0x20 [ 356.535953] ? rcu_read_lock_sched_held+0x14f/0x180 [ 356.540951] ? kmem_cache_free+0x24f/0x290 [ 356.545269] ? putname+0xf7/0x130 [ 356.548733] ? do_syscall_64+0x9a/0x820 [ 356.552687] ? do_syscall_64+0x9a/0x820 [ 356.556640] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 356.561216] ? security_file_ioctl+0x94/0xc0 [ 356.565606] ksys_ioctl+0xa9/0xd0 [ 356.569091] __x64_sys_ioctl+0x73/0xb0 [ 356.572979] do_syscall_64+0x1b9/0x820 [ 356.576858] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 356.582220] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.587155] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.592010] ? trace_hardirqs_on_caller+0x310/0x310 [ 356.597022] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.602043] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.607041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.611880] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.617085] RIP: 0033:0x4573d7 [ 356.620257] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.639151] RSP: 002b:00007f0b8bf74a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.646843] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 356.654105] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 356.661380] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 10:03:02 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 356.668628] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006 [ 356.675876] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 [ 356.758383] FAT-fs (loop4): bogus number of reserved sectors 10:03:02 executing program 5 (fault-call:0 fault-nth:0): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 356.798984] FAT-fs (loop4): Can't find a valid FAT filesystem [ 356.818422] JFS: Cannot determine volume size [ 356.823057] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value 10:03:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8dffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:02 executing program 4 (fault-call:2 fault-nth:10): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:02 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 356.882423] FAULT_INJECTION: forcing a failure. [ 356.882423] name failslab, interval 1, probability 0, space 0, times 0 [ 356.894044] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 356.915432] CPU: 1 PID: 17988 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 356.924028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.933381] Call Trace: [ 356.936016] dump_stack+0x244/0x39d [ 356.939639] ? dump_stack_print_info.cold.1+0x20/0x20 [ 356.944821] ? lock_downgrade+0x900/0x900 [ 356.949031] should_fail.cold.4+0xa/0x17 [ 356.953092] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 356.958189] ? lock_downgrade+0x900/0x900 [ 356.962326] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 356.967867] ? proc_fail_nth_write+0x9e/0x210 [ 356.972390] ? proc_cwd_link+0x1d0/0x1d0 [ 356.976454] ? find_held_lock+0x36/0x1c0 [ 356.980517] ? perf_trace_sched_process_exec+0x860/0x860 [ 356.985971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 356.991528] __should_failslab+0x124/0x180 [ 356.995811] should_failslab+0x9/0x14 [ 356.999627] __kmalloc+0x2e0/0x760 [ 357.003161] ? strncpy_from_user+0x5a0/0x5a0 [ 357.007562] ? fput+0x130/0x1a0 [ 357.010825] ? do_syscall_64+0x9a/0x820 [ 357.014813] ? __x64_sys_memfd_create+0x142/0x4f0 [ 357.019660] ? do_syscall_64+0x9a/0x820 [ 357.023637] __x64_sys_memfd_create+0x142/0x4f0 [ 357.028496] ? memfd_fcntl+0x1910/0x1910 [ 357.032554] do_syscall_64+0x1b9/0x820 [ 357.036425] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 357.041787] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.046696] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.051522] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.056518] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.061515] ? prepare_exit_to_usermode+0x291/0x3b0 [ 357.066617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.071454] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.076684] RIP: 0033:0x457569 [ 357.079881] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.098771] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 357.106467] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 357.113730] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 357.120996] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 357.128286] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1130c7e6d4 [ 357.135548] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000003 10:03:02 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x7}]) 10:03:02 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x74f5ec99, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 357.217269] JFS: Cannot determine volume size 10:03:02 executing program 5 (fault-call:0 fault-nth:1): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 357.267952] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 357.275584] minix_free_inode: bit 1 already cleared [ 357.283775] FAULT_INJECTION: forcing a failure. [ 357.283775] name failslab, interval 1, probability 0, space 0, times 0 [ 357.306359] CPU: 0 PID: 18000 Comm: syz-executor4 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 357.314953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.324309] Call Trace: [ 357.326902] dump_stack+0x244/0x39d [ 357.330524] ? dump_stack_print_info.cold.1+0x20/0x20 [ 357.335693] ? account_entity_enqueue+0x3a3/0x660 [ 357.340546] should_fail.cold.4+0xa/0x17 [ 357.344599] ? __lock_is_held+0xb5/0x140 [ 357.348640] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 357.353751] ? put_prev_task_fair+0x80/0x80 [ 357.358056] ? graph_lock+0x270/0x270 [ 357.361858] ? print_usage_bug+0xc0/0xc0 [ 357.365932] ? find_held_lock+0x36/0x1c0 [ 357.369993] ? __lock_is_held+0xb5/0x140 [ 357.374139] ? usb_kick_hub_wq+0x168/0x1e0 [ 357.378379] ? reweight_entity+0x10f0/0x10f0 [ 357.382793] ? perf_trace_sched_process_exec+0x860/0x860 [ 357.388301] __should_failslab+0x124/0x180 [ 357.392550] should_failslab+0x9/0x14 [ 357.396387] kmem_cache_alloc+0x2be/0x730 [ 357.400520] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 357.405536] __kernfs_new_node+0x127/0x8d0 [ 357.409777] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 357.414549] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 357.419650] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 357.424770] ? graph_lock+0x270/0x270 [ 357.428579] ? print_usage_bug+0xc0/0xc0 [ 357.432620] ? graph_lock+0x270/0x270 [ 357.436461] ? enqueue_task_fair+0x24d/0xa50 [ 357.440858] ? find_held_lock+0x36/0x1c0 [ 357.444903] kernfs_new_node+0x95/0x120 [ 357.448873] kernfs_create_dir_ns+0x4d/0x160 [ 357.453299] internal_create_group+0x5fc/0xd80 [ 357.457869] ? remove_files.isra.1+0x190/0x190 [ 357.462456] ? up_write+0x7b/0x220 [ 357.465992] ? down_write_nested+0x130/0x130 [ 357.470396] ? down_read+0x120/0x120 [ 357.474125] sysfs_create_group+0x1f/0x30 [ 357.478281] lo_ioctl+0x166a/0x22a0 [ 357.481903] ? lo_rw_aio+0x1ef0/0x1ef0 [ 357.485772] ? find_held_lock+0x36/0x1c0 [ 357.489819] ? lo_rw_aio+0x1ef0/0x1ef0 [ 357.493709] blkdev_ioctl+0x98e/0x21b0 [ 357.497588] ? blkpg_ioctl+0xc10/0xc10 [ 357.501456] ? lock_downgrade+0x900/0x900 [ 357.505581] ? check_preemption_disabled+0x48/0x280 [ 357.510590] ? kasan_check_read+0x11/0x20 [ 357.514754] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 357.520020] ? rcu_read_unlock_special+0x370/0x370 [ 357.524974] ? __fget+0x4d1/0x740 [ 357.528468] ? ksys_dup3+0x680/0x680 [ 357.532180] block_ioctl+0xee/0x130 [ 357.535788] ? blkdev_fallocate+0x400/0x400 [ 357.540102] do_vfs_ioctl+0x1de/0x1790 [ 357.543979] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 357.549522] ? ioctl_preallocate+0x300/0x300 [ 357.553959] ? __fget_light+0x2e9/0x430 [ 357.557915] ? fget_raw+0x20/0x20 [ 357.561353] ? rcu_read_lock_sched_held+0x14f/0x180 [ 357.566377] ? kmem_cache_free+0x24f/0x290 [ 357.570611] ? putname+0xf7/0x130 [ 357.574096] ? do_syscall_64+0x9a/0x820 [ 357.578075] ? do_syscall_64+0x9a/0x820 [ 357.582035] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 357.586618] ? security_file_ioctl+0x94/0xc0 [ 357.591007] ksys_ioctl+0xa9/0xd0 [ 357.594441] __x64_sys_ioctl+0x73/0xb0 [ 357.598309] do_syscall_64+0x1b9/0x820 [ 357.602219] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 357.607575] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.612511] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.617341] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.622358] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.627370] ? prepare_exit_to_usermode+0x291/0x3b0 [ 357.632376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.637219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.642404] RIP: 0033:0x4573d7 [ 357.645592] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x600000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 357.664493] RSP: 002b:00007f0b8bf74a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.672179] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 357.679439] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 357.686714] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 357.694015] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006 [ 357.701265] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000005 [ 357.742139] FAULT_INJECTION: forcing a failure. [ 357.742139] name failslab, interval 1, probability 0, space 0, times 0 [ 357.753515] CPU: 0 PID: 18010 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 357.762089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.771470] Call Trace: [ 357.774046] dump_stack+0x244/0x39d [ 357.777682] ? dump_stack_print_info.cold.1+0x20/0x20 [ 357.782891] should_fail.cold.4+0xa/0x17 [ 357.786955] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 357.792066] ? graph_lock+0x270/0x270 [ 357.795879] ? __lock_acquire+0x62f/0x4c20 [ 357.800111] ? lock_downgrade+0x900/0x900 [ 357.804236] ? check_preemption_disabled+0x48/0x280 [ 357.809344] ? find_held_lock+0x36/0x1c0 [ 357.813441] ? intel_print_wm_latency+0x1a8/0x2a0 [ 357.818287] ? expand_files.part.8+0x571/0x9a0 [ 357.822863] ? perf_trace_sched_process_exec+0x860/0x860 [ 357.828380] ? find_held_lock+0x36/0x1c0 [ 357.832437] __should_failslab+0x124/0x180 [ 357.836669] should_failslab+0x9/0x14 [ 357.840477] kmem_cache_alloc+0x2be/0x730 [ 357.844647] ? shmem_destroy_callback+0xc0/0xc0 [ 357.849321] shmem_alloc_inode+0x1b/0x40 [ 357.853402] alloc_inode+0x63/0x190 [ 357.857039] new_inode_pseudo+0x71/0x1a0 [ 357.861109] ? prune_icache_sb+0x1c0/0x1c0 [ 357.865353] ? _raw_spin_unlock+0x2c/0x50 [ 357.869489] new_inode+0x1c/0x40 [ 357.872836] shmem_get_inode+0xf1/0x920 [ 357.876801] ? shmem_encode_fh+0x340/0x340 [ 357.881097] ? lock_downgrade+0x900/0x900 [ 357.885228] ? lock_release+0xa10/0xa10 [ 357.889194] ? perf_trace_sched_process_exec+0x860/0x860 [ 357.894662] ? usercopy_warn+0x110/0x110 [ 357.898735] __shmem_file_setup.part.50+0x83/0x2a0 [ 357.903711] shmem_file_setup+0x65/0x90 [ 357.907678] __x64_sys_memfd_create+0x2af/0x4f0 [ 357.912350] ? memfd_fcntl+0x1910/0x1910 [ 357.916413] do_syscall_64+0x1b9/0x820 [ 357.920290] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 357.925655] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.930568] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.935420] ? trace_hardirqs_on_caller+0x310/0x310 [ 357.940498] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.945541] ? prepare_exit_to_usermode+0x291/0x3b0 [ 357.950553] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.955380] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.960556] RIP: 0033:0x457569 [ 357.963737] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.982624] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 10:03:03 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x7f9774a70000}]) [ 357.990342] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 357.997611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 358.004866] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 358.012137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1130c7e6d4 [ 358.019417] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000003 10:03:03 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:03 executing program 5 (fault-call:0 fault-nth:2): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 358.076565] FAT-fs (loop4): bogus number of reserved sectors [ 358.114013] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8035000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:03 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 358.244797] JFS: Cannot determine volume size [ 358.245834] FAULT_INJECTION: forcing a failure. [ 358.245834] name failslab, interval 1, probability 0, space 0, times 0 [ 358.254506] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value 10:03:03 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x7100}]) [ 358.293149] CPU: 0 PID: 18031 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 358.301755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.311139] Call Trace: [ 358.313745] dump_stack+0x244/0x39d [ 358.317393] ? dump_stack_print_info.cold.1+0x20/0x20 [ 358.322608] should_fail.cold.4+0xa/0x17 [ 358.326680] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 358.331779] ? __kernel_text_address+0xd/0x40 [ 358.336272] ? unwind_get_return_address+0x61/0xa0 [ 358.341212] ? find_held_lock+0x36/0x1c0 [ 358.345367] ? dm_bufio_client_destroy+0x38/0xbb0 [ 358.350233] ? perf_trace_sched_process_exec+0x860/0x860 [ 358.355706] __should_failslab+0x124/0x180 [ 358.359956] should_failslab+0x9/0x14 [ 358.363778] kmem_cache_alloc+0x2be/0x730 [ 358.367936] ? mpol_shared_policy_init+0x235/0x650 [ 358.372860] ? current_time+0x72/0x1b0 [ 358.376746] __d_alloc+0xc8/0xb90 [ 358.380203] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 358.385216] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 358.390248] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 358.395466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.401008] ? timespec64_trunc+0xea/0x180 [ 358.405253] ? inode_init_owner+0x340/0x340 [ 358.409594] ? _raw_spin_unlock+0x2c/0x50 [ 358.413742] ? current_time+0x10b/0x1b0 [ 358.417738] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.423284] ? __lockdep_init_map+0x105/0x590 [ 358.427788] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 358.433329] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 358.438924] d_alloc_pseudo+0x1d/0x30 [ 358.442756] alloc_file_pseudo+0x158/0x3f0 [ 358.446993] ? alloc_file+0x4d0/0x4d0 [ 358.450806] ? usercopy_warn+0x110/0x110 [ 358.454885] __shmem_file_setup.part.50+0x110/0x2a0 [ 358.459899] shmem_file_setup+0x65/0x90 [ 358.463880] __x64_sys_memfd_create+0x2af/0x4f0 [ 358.468574] ? memfd_fcntl+0x1910/0x1910 [ 358.472665] do_syscall_64+0x1b9/0x820 [ 358.476583] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 358.481958] ? syscall_return_slowpath+0x5e0/0x5e0 [ 358.486899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.491743] ? trace_hardirqs_on_caller+0x310/0x310 [ 358.496761] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 358.501780] ? prepare_exit_to_usermode+0x291/0x3b0 [ 358.506795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.511667] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.516865] RIP: 0033:0x457569 [ 358.520093] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x543], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:03 executing program 5 (fault-call:0 fault-nth:3): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 358.539003] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 358.546739] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 358.554004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 358.561266] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 358.568530] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1130c7e6d4 [ 358.575801] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000003 10:03:04 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 358.678197] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 358.713463] FAULT_INJECTION: forcing a failure. [ 358.713463] name failslab, interval 1, probability 0, space 0, times 0 [ 358.735567] FAT-fs (loop4): bogus number of reserved sectors [ 358.777288] CPU: 0 PID: 18051 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 358.785899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.795264] Call Trace: [ 358.795759] JFS: Cannot determine volume size [ 358.797878] dump_stack+0x244/0x39d [ 358.797902] ? dump_stack_print_info.cold.1+0x20/0x20 [ 358.797924] ? __save_stack_trace+0x8d/0xf0 [ 358.797951] should_fail.cold.4+0xa/0x17 [ 358.802442] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 358.806102] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 358.806121] ? save_stack+0x43/0xd0 [ 358.806136] ? kasan_kmalloc+0xc7/0xe0 [ 358.806163] ? percpu_ref_put_many+0x11c/0x260 [ 358.812255] FAT-fs (loop4): Can't find a valid FAT filesystem [ 358.815677] ? graph_lock+0x270/0x270 [ 358.815698] ? find_held_lock+0x36/0x1c0 [ 358.815737] ? perf_trace_sched_process_exec+0x860/0x860 [ 358.815755] ? lock_downgrade+0x900/0x900 [ 358.815784] __should_failslab+0x124/0x180 [ 358.827557] should_failslab+0x9/0x14 [ 358.827573] kmem_cache_alloc+0x2be/0x730 [ 358.827588] ? d_set_d_op+0x31d/0x410 [ 358.827615] __alloc_file+0xa8/0x470 [ 358.827635] ? file_free_rcu+0xd0/0xd0 [ 358.836368] ? d_instantiate+0x79/0xa0 [ 358.836387] ? lock_downgrade+0x900/0x900 [ 358.836411] ? kasan_check_read+0x11/0x20 [ 358.836427] ? do_raw_spin_unlock+0xa7/0x330 [ 358.836442] ? do_raw_spin_trylock+0x270/0x270 [ 358.836462] alloc_empty_file+0x72/0x170 [ 358.917245] alloc_file+0x5e/0x4d0 [ 358.920779] ? _raw_spin_unlock+0x2c/0x50 [ 358.924930] alloc_file_pseudo+0x261/0x3f0 [ 358.929164] ? alloc_file+0x4d0/0x4d0 [ 358.932974] ? usercopy_warn+0x110/0x110 [ 358.937045] __shmem_file_setup.part.50+0x110/0x2a0 [ 358.942111] shmem_file_setup+0x65/0x90 [ 358.946113] __x64_sys_memfd_create+0x2af/0x4f0 [ 358.950778] ? memfd_fcntl+0x1910/0x1910 [ 358.954857] do_syscall_64+0x1b9/0x820 [ 358.958762] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 358.964133] ? syscall_return_slowpath+0x5e0/0x5e0 [ 358.969056] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.973922] ? trace_hardirqs_on_caller+0x310/0x310 [ 358.978947] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 358.983968] ? prepare_exit_to_usermode+0x291/0x3b0 [ 358.988983] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.993841] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.999034] RIP: 0033:0x457569 [ 359.002221] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.021123] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f 10:03:04 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x432, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:04 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x500000000000000}]) 10:03:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x58], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 359.028823] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 359.036106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 359.043369] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 [ 359.050660] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1130c7e6d4 [ 359.057922] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000003 10:03:04 executing program 5 (fault-call:0 fault-nth:4): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:04 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='\nsdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 359.135534] minix_free_inode: bit 1 already cleared 10:03:04 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x70700000000000}]) [ 359.251681] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 359.280507] FAULT_INJECTION: forcing a failure. [ 359.280507] name failslab, interval 1, probability 0, space 0, times 0 10:03:04 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8848000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 359.367320] CPU: 1 PID: 18079 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 359.375931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.385299] Call Trace: [ 359.387912] dump_stack+0x244/0x39d [ 359.391572] ? dump_stack_print_info.cold.1+0x20/0x20 [ 359.396794] ? lock_downgrade+0x900/0x900 [ 359.400979] ? check_preemption_disabled+0x48/0x280 [ 359.406026] should_fail.cold.4+0xa/0x17 [ 359.410138] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 359.415278] ? is_bpf_text_address+0xd3/0x170 [ 359.419802] ? kernel_text_address+0x79/0xf0 [ 359.424233] ? __kernel_text_address+0xd/0x40 [ 359.428735] ? unwind_get_return_address+0x61/0xa0 [ 359.433680] ? __save_stack_trace+0x8d/0xf0 [ 359.438015] ? find_held_lock+0x36/0x1c0 [ 359.442112] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 359.446953] ? perf_trace_sched_process_exec+0x860/0x860 [ 359.452404] __should_failslab+0x124/0x180 [ 359.456639] should_failslab+0x9/0x14 [ 359.460437] kmem_cache_alloc_trace+0x2d7/0x750 [ 359.465139] ? __might_sleep+0x95/0x190 [ 359.469157] apparmor_file_alloc_security+0x17b/0xac0 [ 359.474361] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 359.479937] ? apparmor_path_rename+0xcd0/0xcd0 [ 359.484620] ? rcu_read_lock_sched_held+0x14f/0x180 [ 359.489629] ? kmem_cache_alloc+0x33a/0x730 [ 359.493945] ? d_set_d_op+0x31d/0x410 [ 359.497745] security_file_alloc+0x4c/0xa0 [ 359.501978] __alloc_file+0x12a/0x470 [ 359.505774] ? file_free_rcu+0xd0/0xd0 [ 359.509668] ? d_instantiate+0x79/0xa0 [ 359.513564] ? lock_downgrade+0x900/0x900 [ 359.517872] ? kasan_check_read+0x11/0x20 [ 359.522030] ? do_raw_spin_unlock+0xa7/0x330 [ 359.526434] ? do_raw_spin_trylock+0x270/0x270 [ 359.531015] alloc_empty_file+0x72/0x170 [ 359.535092] alloc_file+0x5e/0x4d0 [ 359.538647] ? _raw_spin_unlock+0x2c/0x50 [ 359.542806] alloc_file_pseudo+0x261/0x3f0 [ 359.547041] ? alloc_file+0x4d0/0x4d0 [ 359.550841] ? usercopy_warn+0x110/0x110 [ 359.554920] __shmem_file_setup.part.50+0x110/0x2a0 [ 359.559951] shmem_file_setup+0x65/0x90 [ 359.563923] __x64_sys_memfd_create+0x2af/0x4f0 [ 359.568629] ? memfd_fcntl+0x1910/0x1910 [ 359.572692] do_syscall_64+0x1b9/0x820 [ 359.576576] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 359.581935] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.586863] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.591704] ? trace_hardirqs_on_caller+0x310/0x310 [ 359.596717] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 359.601729] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.606856] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.611730] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.616913] RIP: 0033:0x457569 [ 359.620114] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.639009] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 359.646707] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457569 [ 359.654014] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc787 [ 359.661285] RBP: 000000000072bf00 R08: 0000000000000000 R09: 00000000fbad8001 10:03:05 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x435, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 359.668686] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1130c7e6d4 [ 359.675949] R13: 00000000004c5225 R14: 00000000004d9010 R15: 0000000000000003 [ 359.726507] minix_free_inode: bit 1 already cleared 10:03:05 executing program 5 (fault-call:0 fault-nth:5): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x6000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:05 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x60ff}]) 10:03:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x300], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='%sdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 359.858531] FAULT_INJECTION: forcing a failure. [ 359.858531] name failslab, interval 1, probability 0, space 0, times 0 [ 359.881530] JFS: Cannot determine volume size [ 359.905360] CPU: 1 PID: 18106 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 359.913966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.923332] Call Trace: [ 359.925946] dump_stack+0x244/0x39d [ 359.929602] ? dump_stack_print_info.cold.1+0x20/0x20 [ 359.934816] ? find_held_lock+0x36/0x1c0 [ 359.938236] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 359.938914] should_fail.cold.4+0xa/0x17 [ 359.938936] ? find_held_lock+0x36/0x1c0 [ 359.954779] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 359.959909] ? lock_downgrade+0x900/0x900 [ 359.964099] ? current_time+0x72/0x1b0 [ 359.968015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 359.973571] ? timespec64_trunc+0xea/0x180 [ 359.977832] ? inode_init_owner+0x340/0x340 [ 359.982179] ? find_held_lock+0x36/0x1c0 [ 359.986249] ? perf_trace_sched_process_exec+0x860/0x860 [ 359.991697] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 359.997251] __should_failslab+0x124/0x180 [ 360.001488] should_failslab+0x9/0x14 [ 360.005299] kmem_cache_alloc+0x2be/0x730 [ 360.009454] ? do_sys_ftruncate+0x428/0x550 [ 360.013768] ? lock_downgrade+0x900/0x900 [ 360.017912] getname_flags+0xd0/0x590 [ 360.021732] ? __lock_is_held+0xb5/0x140 [ 360.025805] getname+0x19/0x20 [ 360.029003] do_sys_open+0x383/0x700 [ 360.032728] ? filp_open+0x80/0x80 [ 360.036267] ? trace_hardirqs_off_caller+0x300/0x300 [ 360.041364] ? do_sys_ftruncate+0x449/0x550 [ 360.045684] __x64_sys_open+0x7e/0xc0 [ 360.049482] do_syscall_64+0x1b9/0x820 [ 360.053370] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.058744] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.063684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.068524] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.073552] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.078577] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.083605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.088479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.093677] RIP: 0033:0x4111a1 [ 360.096866] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 360.115762] RSP: 002b:00007f1130c7da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 360.123460] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 360.130849] RDX: 00007f1130c7dafa RSI: 0000000000000002 RDI: 00007f1130c7daf0 [ 360.138132] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 360.145405] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 360.152681] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:05 executing program 5 (fault-call:0 fault-nth:6): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:05 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xa00}]) [ 360.249983] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8100], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:05 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) [ 360.350033] FAULT_INJECTION: forcing a failure. [ 360.350033] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.361889] CPU: 0 PID: 18133 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 360.370476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.379843] Call Trace: [ 360.382460] dump_stack+0x244/0x39d [ 360.386145] ? dump_stack_print_info.cold.1+0x20/0x20 [ 360.391382] should_fail.cold.4+0xa/0x17 [ 360.395470] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.400606] ? print_usage_bug+0xc0/0xc0 [ 360.404748] ? mark_held_locks+0x130/0x130 [ 360.409006] ? graph_lock+0x270/0x270 [ 360.412833] ? print_usage_bug+0xc0/0xc0 [ 360.416919] ? graph_lock+0x270/0x270 [ 360.420736] ? lock_downgrade+0x900/0x900 [ 360.424901] ? check_preemption_disabled+0x48/0x280 [ 360.429950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.429966] ? should_fail+0x22d/0xd01 [ 360.429981] ? find_held_lock+0x36/0x1c0 [ 360.430000] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.430024] __alloc_pages_nodemask+0x34b/0xdd0 [ 360.439458] ? current_time+0x72/0x1b0 [ 360.457184] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 360.462222] ? inode_init_owner+0x340/0x340 [ 360.462246] ? find_held_lock+0x36/0x1c0 [ 360.462286] ? trace_hardirqs_off+0xb8/0x310 [ 360.475092] cache_grow_begin+0xa5/0x8c0 [ 360.479181] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.484731] ? check_preemption_disabled+0x48/0x280 [ 360.484755] kmem_cache_alloc+0x66b/0x730 [ 360.484772] ? trace_hardirqs_on_caller+0xc0/0x310 [ 360.484794] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 360.503646] getname_flags+0xd0/0x590 [ 360.507466] ? __lock_is_held+0xb5/0x140 [ 360.511549] getname+0x19/0x20 [ 360.514761] do_sys_open+0x383/0x700 [ 360.518497] ? filp_open+0x80/0x80 [ 360.522068] __x64_sys_open+0x7e/0xc0 [ 360.525912] ? do_syscall_64+0xca/0x820 [ 360.529911] do_syscall_64+0x1b9/0x820 [ 360.533818] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 360.533838] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.533854] ? trace_hardirqs_off_thunk+0x1a/0x1c 10:03:05 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x438, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3a00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 360.533874] ? trace_hardirqs_on_caller+0x310/0x310 [ 360.533891] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.533912] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.559136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.559162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.559175] RIP: 0033:0x4111a1 [ 360.559192] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 360.559201] RSP: 002b:00007f1130c7da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 360.559216] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 360.559227] RDX: 00007f1130c7dafa RSI: 0000000000000002 RDI: 00007f1130c7daf0 [ 360.559235] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 360.559244] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 360.559253] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 360.643303] JFS: Cannot determine volume size 10:03:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x200000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 360.653556] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 360.663997] minix_free_inode: bit 1 already cleared [ 360.690733] FAT-fs (loop5): bogus number of reserved sectors 10:03:06 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x400000000000000}]) 10:03:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 360.718848] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mXdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:06 executing program 5 (fault-call:0 fault-nth:7): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:06 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x3000000}]) [ 361.017496] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:06 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88480000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 361.067686] FAULT_INJECTION: forcing a failure. [ 361.067686] name failslab, interval 1, probability 0, space 0, times 0 [ 361.141720] CPU: 0 PID: 18184 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 361.150332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.159725] Call Trace: [ 361.162355] dump_stack+0x244/0x39d [ 361.166019] ? dump_stack_print_info.cold.1+0x20/0x20 [ 361.171235] ? print_usage_bug+0xc0/0xc0 [ 361.175327] should_fail.cold.4+0xa/0x17 [ 361.179414] ? find_held_lock+0x36/0x1c0 [ 361.183495] ? fault_create_debugfs_attr+0x1f0/0x1f0 10:03:06 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="580084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xfffffff5], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 361.188627] ? lock_downgrade+0x900/0x900 [ 361.192810] ? check_preemption_disabled+0x48/0x280 [ 361.197854] ? kasan_check_read+0x11/0x20 [ 361.202022] ? find_held_lock+0x36/0x1c0 [ 361.206124] ? perf_trace_sched_process_exec+0x860/0x860 [ 361.211620] __should_failslab+0x124/0x180 [ 361.215870] should_failslab+0x9/0x14 [ 361.219681] kmem_cache_alloc+0x2be/0x730 [ 361.223823] ? graph_lock+0x270/0x270 [ 361.227630] ? print_usage_bug+0xc0/0xc0 [ 361.231715] ? mark_held_locks+0x130/0x130 [ 361.235963] __alloc_file+0xa8/0x470 [ 361.239677] ? file_free_rcu+0xd0/0xd0 [ 361.243567] ? find_held_lock+0x36/0x1c0 [ 361.247628] ? is_bpf_text_address+0xac/0x170 [ 361.252126] ? lock_downgrade+0x900/0x900 [ 361.256268] ? check_preemption_disabled+0x48/0x280 [ 361.261290] alloc_empty_file+0x72/0x170 [ 361.265374] path_openat+0x170/0x5150 [ 361.269174] ? rcu_softirq_qs+0x20/0x20 [ 361.273142] ? unwind_dump+0x190/0x190 [ 361.277049] ? graph_lock+0x270/0x270 [ 361.280883] ? path_lookupat.isra.43+0xc00/0xc00 [ 361.285632] ? unwind_get_return_address+0x61/0xa0 [ 361.290560] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 361.295575] ? expand_files.part.8+0x571/0x9a0 [ 361.300158] ? find_held_lock+0x36/0x1c0 [ 361.304219] ? __alloc_fd+0x347/0x6e0 [ 361.308032] ? lock_downgrade+0x900/0x900 [ 361.312188] ? getname+0x19/0x20 [ 361.315551] ? kasan_check_read+0x11/0x20 [ 361.319695] ? do_raw_spin_unlock+0xa7/0x330 [ 361.324205] ? do_raw_spin_trylock+0x270/0x270 [ 361.328796] ? __lock_is_held+0xb5/0x140 [ 361.332866] ? __check_object_size+0xb1/0x782 [ 361.337370] ? _raw_spin_unlock+0x2c/0x50 [ 361.341516] ? __alloc_fd+0x347/0x6e0 [ 361.345344] do_filp_open+0x255/0x380 [ 361.349159] ? may_open_dev+0x100/0x100 [ 361.353153] ? get_unused_fd_flags+0x122/0x1a0 [ 361.357733] ? __alloc_fd+0x6e0/0x6e0 [ 361.361531] ? __lock_is_held+0xb5/0x140 [ 361.365590] do_sys_open+0x568/0x700 [ 361.369301] ? filp_open+0x80/0x80 [ 361.372843] ? trace_hardirqs_off_caller+0x300/0x300 [ 361.377953] ? do_sys_ftruncate+0x449/0x550 [ 361.382286] __x64_sys_open+0x7e/0xc0 [ 361.386104] do_syscall_64+0x1b9/0x820 [ 361.389999] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 361.395375] ? syscall_return_slowpath+0x5e0/0x5e0 [ 361.400299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.405141] ? trace_hardirqs_on_caller+0x310/0x310 [ 361.410156] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 361.415183] ? prepare_exit_to_usermode+0x291/0x3b0 [ 361.420212] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.425054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.430413] RIP: 0033:0x4111a1 [ 361.433602] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 361.452525] RSP: 002b:00007f1130c7da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 361.460225] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004111a1 [ 361.467526] RDX: 00007f1130c7dafa RSI: 0000000000000002 RDI: 00007f1130c7daf0 [ 361.474805] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 361.482070] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 10:03:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m*dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 361.489358] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:06 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x930000000000}]) [ 361.515662] minix_free_inode: bit 1 already cleared [ 361.529541] JFS: Cannot determine volume size [ 361.551279] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value 10:03:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x300000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:06 executing program 5 (fault-call:0 fault-nth:8): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:07 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x800e0000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:07 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x9300}]) [ 361.733392] FAULT_INJECTION: forcing a failure. [ 361.733392] name failslab, interval 1, probability 0, space 0, times 0 [ 361.753988] CPU: 1 PID: 18220 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 361.762585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.771932] Call Trace: [ 361.774516] dump_stack+0x244/0x39d [ 361.778143] ? dump_stack_print_info.cold.1+0x20/0x20 [ 361.783351] should_fail.cold.4+0xa/0x17 [ 361.787457] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 361.792560] ? print_usage_bug+0xc0/0xc0 [ 361.796627] ? up_write+0x7b/0x220 [ 361.800166] ? graph_lock+0x270/0x270 [ 361.803960] ? lock_acquire+0x1ed/0x520 [ 361.807942] ? lo_ioctl+0x25d/0x22a0 [ 361.811684] ? find_held_lock+0x36/0x1c0 [ 361.815755] ? __lock_is_held+0xb5/0x140 [ 361.819880] ? perf_trace_xfs_refcount_finish_one_leftover+0x1e8/0x890 [ 361.826559] ? perf_trace_sched_process_exec+0x860/0x860 [ 361.832020] __should_failslab+0x124/0x180 [ 361.836259] should_failslab+0x9/0x14 [ 361.840057] kmem_cache_alloc_trace+0x2d7/0x750 [ 361.844743] ? check_preemption_disabled+0x48/0x280 [ 361.849766] __kthread_create_on_node+0x137/0x540 [ 361.854605] ? loop_get_status64+0x120/0x120 [ 361.859012] ? kthread_parkme+0xb0/0xb0 [ 361.862991] ? __lockdep_init_map+0x105/0x590 [ 361.867483] ? __lockdep_init_map+0x105/0x590 [ 361.871978] ? loop_get_status64+0x120/0x120 [ 361.876386] kthread_create_on_node+0xb1/0xe0 [ 361.880906] ? __kthread_create_on_node+0x540/0x540 [ 361.885935] ? check_preemption_disabled+0x48/0x280 [ 361.890951] lo_ioctl+0xcb3/0x22a0 [ 361.894489] ? lo_rw_aio+0x1ef0/0x1ef0 [ 361.898386] ? find_held_lock+0x36/0x1c0 [ 361.902445] ? lo_rw_aio+0x1ef0/0x1ef0 [ 361.906330] blkdev_ioctl+0x98e/0x21b0 [ 361.910230] ? blkpg_ioctl+0xc10/0xc10 [ 361.914216] ? lock_downgrade+0x900/0x900 [ 361.918474] ? check_preemption_disabled+0x48/0x280 [ 361.923742] ? kasan_check_read+0x11/0x20 [ 361.927898] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 361.933183] ? rcu_read_unlock_special+0x370/0x370 [ 361.938133] ? __fget+0x4d1/0x740 [ 361.941587] ? ksys_dup3+0x680/0x680 [ 361.945325] block_ioctl+0xee/0x130 [ 361.948971] ? blkdev_fallocate+0x400/0x400 [ 361.953302] do_vfs_ioctl+0x1de/0x1790 [ 361.957205] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 361.962752] ? ioctl_preallocate+0x300/0x300 [ 361.967159] ? __fget_light+0x2e9/0x430 [ 361.971140] ? fget_raw+0x20/0x20 [ 361.974604] ? rcu_read_lock_sched_held+0x14f/0x180 [ 361.979630] ? kmem_cache_free+0x24f/0x290 [ 361.983867] ? putname+0xf7/0x130 [ 361.987329] ? do_syscall_64+0x9a/0x820 [ 361.991321] ? do_syscall_64+0x9a/0x820 [ 361.995311] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 361.999903] ? security_file_ioctl+0x94/0xc0 [ 362.004308] ksys_ioctl+0xa9/0xd0 [ 362.007760] __x64_sys_ioctl+0x73/0xb0 [ 362.011644] do_syscall_64+0x1b9/0x820 [ 362.015528] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 362.020889] ? syscall_return_slowpath+0x5e0/0x5e0 [ 362.025811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.030656] ? trace_hardirqs_on_caller+0x310/0x310 [ 362.035678] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 362.040717] ? prepare_exit_to_usermode+0x291/0x3b0 [ 362.045730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.050575] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.055764] RIP: 0033:0x4573d7 [ 362.058957] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.077863] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.085578] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 362.092844] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 362.100116] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 362.107396] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 362.114673] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:07 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mddos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 362.161184] JFS: Cannot determine volume size [ 362.170291] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 362.194662] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value 10:03:07 executing program 5 (fault-call:0 fault-nth:9): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8847000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:07 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600884e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:07 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x800000000000000}]) [ 362.315691] minix_free_inode: bit 1 already cleared 10:03:07 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x80350000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 362.385553] FAULT_INJECTION: forcing a failure. [ 362.385553] name failslab, interval 1, probability 0, space 0, times 0 [ 362.404202] CPU: 0 PID: 18252 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 362.412805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.422157] Call Trace: [ 362.424757] dump_stack+0x244/0x39d [ 362.428411] ? dump_stack_print_info.cold.1+0x20/0x20 [ 362.433606] ? cpuacct_charge+0x265/0x440 [ 362.437768] should_fail.cold.4+0xa/0x17 [ 362.441824] ? __lock_is_held+0xb5/0x140 [ 362.445885] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 362.450986] ? lock_downgrade+0x900/0x900 [ 362.455150] ? kasan_check_read+0x11/0x20 [ 362.459308] ? graph_lock+0x270/0x270 [ 362.463128] ? print_usage_bug+0xc0/0xc0 [ 362.467202] ? find_held_lock+0x36/0x1c0 [ 362.471260] ? __lock_is_held+0xb5/0x140 [ 362.475344] ? reweight_entity+0x10f0/0x10f0 [ 362.479762] ? perf_trace_sched_process_exec+0x860/0x860 [ 362.485212] __should_failslab+0x124/0x180 [ 362.489445] should_failslab+0x9/0x14 [ 362.493354] kmem_cache_alloc+0x2be/0x730 [ 362.497558] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 362.502569] __kernfs_new_node+0x127/0x8d0 [ 362.506800] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 362.511560] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 362.516674] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 362.521786] ? graph_lock+0x270/0x270 [ 362.525602] ? print_usage_bug+0xc0/0xc0 [ 362.529703] ? graph_lock+0x270/0x270 [ 362.533533] ? enqueue_task_fair+0x24d/0xa50 [ 362.537940] ? find_held_lock+0x36/0x1c0 [ 362.542000] kernfs_new_node+0x95/0x120 [ 362.545971] kernfs_create_dir_ns+0x4d/0x160 [ 362.550376] internal_create_group+0x5fc/0xd80 [ 362.554958] ? remove_files.isra.1+0x190/0x190 [ 362.559533] ? up_write+0x7b/0x220 [ 362.563066] ? down_write_nested+0x130/0x130 [ 362.567486] ? down_read+0x120/0x120 [ 362.571204] sysfs_create_group+0x1f/0x30 [ 362.575382] lo_ioctl+0x166a/0x22a0 [ 362.579013] ? lo_rw_aio+0x1ef0/0x1ef0 [ 362.582898] ? find_held_lock+0x36/0x1c0 [ 362.586995] ? lo_rw_aio+0x1ef0/0x1ef0 [ 362.590881] blkdev_ioctl+0x98e/0x21b0 [ 362.594765] ? blkpg_ioctl+0xc10/0xc10 [ 362.598671] ? lock_downgrade+0x900/0x900 [ 362.602815] ? check_preemption_disabled+0x48/0x280 [ 362.607832] ? kasan_check_read+0x11/0x20 [ 362.611985] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 362.617312] ? rcu_read_unlock_special+0x370/0x370 [ 362.622249] ? __fget+0x4d1/0x740 [ 362.625740] ? ksys_dup3+0x680/0x680 [ 362.629495] block_ioctl+0xee/0x130 [ 362.633143] ? blkdev_fallocate+0x400/0x400 [ 362.637474] do_vfs_ioctl+0x1de/0x1790 [ 362.641359] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 362.646892] ? ioctl_preallocate+0x300/0x300 [ 362.651305] ? __fget_light+0x2e9/0x430 [ 362.655306] ? fget_raw+0x20/0x20 [ 362.658779] ? rcu_read_lock_sched_held+0x14f/0x180 [ 362.663789] ? kmem_cache_free+0x24f/0x290 [ 362.668018] ? putname+0xf7/0x130 [ 362.671467] ? do_syscall_64+0x9a/0x820 [ 362.675477] ? do_syscall_64+0x9a/0x820 [ 362.679450] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 362.684029] ? security_file_ioctl+0x94/0xc0 [ 362.688434] ksys_ioctl+0xa9/0xd0 [ 362.691884] __x64_sys_ioctl+0x73/0xb0 [ 362.695782] do_syscall_64+0x1b9/0x820 [ 362.699665] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 362.705026] ? syscall_return_slowpath+0x5e0/0x5e0 [ 362.709952] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.714793] ? trace_hardirqs_on_caller+0x310/0x310 [ 362.719805] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 362.724816] ? prepare_exit_to_usermode+0x291/0x3b0 [ 362.729834] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.734677] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.739873] RIP: 0033:0x4573d7 [ 362.743061] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.761974] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.769675] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 362.776944] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 362.784220] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 362.791481] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 362.798749] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88caffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:08 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='modos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:08 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x2000000}]) [ 362.866889] FAT-fs (loop5): bogus number of reserved sectors [ 362.877626] FAT-fs (loop5): Can't find a valid FAT filesystem [ 362.878975] JFS: Cannot determine volume size [ 362.888571] jfs: Unrecognized mount option "rootcontext=sysadm_u" or missing value [ 362.966862] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:08 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:08 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600384e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:08 executing program 5 (fault-call:0 fault-nth:10): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:08 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x20000000}]) [ 363.145653] minix_free_inode: bit 1 already cleared [ 363.195026] FAULT_INJECTION: forcing a failure. [ 363.195026] name failslab, interval 1, probability 0, space 0, times 0 [ 363.229221] CPU: 1 PID: 18295 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 363.237827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.247205] Call Trace: [ 363.249813] dump_stack+0x244/0x39d [ 363.253474] ? dump_stack_print_info.cold.1+0x20/0x20 [ 363.258677] ? cpuacct_charge+0x265/0x440 [ 363.262843] should_fail.cold.4+0xa/0x17 [ 363.266898] ? __lock_is_held+0xb5/0x140 [ 363.270952] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 363.276054] ? lock_downgrade+0x900/0x900 [ 363.280208] ? kasan_check_read+0x11/0x20 [ 363.284346] ? graph_lock+0x270/0x270 [ 363.288197] ? print_usage_bug+0xc0/0xc0 [ 363.292241] ? find_held_lock+0x36/0x1c0 [ 363.296287] ? __lock_is_held+0xb5/0x140 [ 363.300402] ? dwc3_gadget_set_link_state+0x48/0x11c0 [ 363.305601] ? reweight_entity+0x10f0/0x10f0 [ 363.309986] ? perf_trace_sched_process_exec+0x860/0x860 [ 363.315444] __should_failslab+0x124/0x180 [ 363.319686] should_failslab+0x9/0x14 [ 363.323467] kmem_cache_alloc+0x2be/0x730 [ 363.327613] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 363.332621] __kernfs_new_node+0x127/0x8d0 [ 363.336834] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 363.341579] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 363.346673] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 363.351753] ? graph_lock+0x270/0x270 [ 363.355537] ? print_usage_bug+0xc0/0xc0 [ 363.359603] ? graph_lock+0x270/0x270 [ 363.363404] ? enqueue_task_fair+0x24d/0xa50 [ 363.367791] ? find_held_lock+0x36/0x1c0 [ 363.371834] kernfs_new_node+0x95/0x120 [ 363.375793] kernfs_create_dir_ns+0x4d/0x160 [ 363.380200] internal_create_group+0x5fc/0xd80 [ 363.384778] ? remove_files.isra.1+0x190/0x190 [ 363.389366] ? up_write+0x7b/0x220 [ 363.392886] ? down_write_nested+0x130/0x130 [ 363.397283] ? down_read+0x120/0x120 [ 363.400996] sysfs_create_group+0x1f/0x30 [ 363.405144] lo_ioctl+0x166a/0x22a0 [ 363.408768] ? lo_rw_aio+0x1ef0/0x1ef0 [ 363.412647] ? find_held_lock+0x36/0x1c0 [ 363.416688] ? lo_rw_aio+0x1ef0/0x1ef0 [ 363.420566] blkdev_ioctl+0x98e/0x21b0 [ 363.424433] ? blkpg_ioctl+0xc10/0xc10 [ 363.428312] ? lock_downgrade+0x900/0x900 [ 363.432461] ? check_preemption_disabled+0x48/0x280 [ 363.437479] ? kasan_check_read+0x11/0x20 [ 363.441604] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 363.446878] ? rcu_read_unlock_special+0x370/0x370 [ 363.451793] ? __fget+0x4d1/0x740 [ 363.455243] ? ksys_dup3+0x680/0x680 [ 363.458946] block_ioctl+0xee/0x130 [ 363.462553] ? blkdev_fallocate+0x400/0x400 [ 363.466874] do_vfs_ioctl+0x1de/0x1790 [ 363.470764] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 363.476294] ? ioctl_preallocate+0x300/0x300 [ 363.480679] ? __fget_light+0x2e9/0x430 [ 363.484638] ? fget_raw+0x20/0x20 [ 363.488101] ? rcu_read_lock_sched_held+0x14f/0x180 [ 363.493132] ? kmem_cache_free+0x24f/0x290 [ 363.497350] ? putname+0xf7/0x130 [ 363.500812] ? do_syscall_64+0x9a/0x820 [ 363.504764] ? do_syscall_64+0x9a/0x820 [ 363.508737] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 363.513319] ? security_file_ioctl+0x94/0xc0 [ 363.517730] ksys_ioctl+0xa9/0xd0 [ 363.521325] __x64_sys_ioctl+0x73/0xb0 [ 363.525231] do_syscall_64+0x1b9/0x820 [ 363.529106] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 363.534456] ? syscall_return_slowpath+0x5e0/0x5e0 [ 363.539376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.544211] ? trace_hardirqs_on_caller+0x310/0x310 [ 363.549244] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 363.554251] ? prepare_exit_to_usermode+0x291/0x3b0 [ 363.559260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.564115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.569291] RIP: 0033:0x4573d7 [ 363.572475] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x4888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 363.591362] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 363.599049] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 363.606310] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 363.613567] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 363.620847] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 363.628099] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:09 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x100000000000000}]) [ 363.670802] JFS: Cannot determine volume size [ 363.678160] jfs: Unrecognized mount option "dont_measure" or missing value [ 363.693510] FAT-fs (loop5): bogus number of reserved sectors [ 363.711007] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf0ffffffffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:09 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:09 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m+dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 363.879274] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:09 executing program 5 (fault-call:0 fault-nth:11): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 363.977306] JFS: Cannot determine volume size 10:03:09 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x8000000}]) 10:03:09 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600484e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 364.021810] jfs: Unrecognized mount option "dont_measure" or missing value [ 364.023106] FAULT_INJECTION: forcing a failure. [ 364.023106] name failslab, interval 1, probability 0, space 0, times 0 [ 364.051225] CPU: 1 PID: 18345 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 364.059810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.069163] Call Trace: [ 364.071754] dump_stack+0x244/0x39d [ 364.075380] ? dump_stack_print_info.cold.1+0x20/0x20 [ 364.080554] ? radix_tree_tag_set+0x3d0/0x3d0 [ 364.085030] should_fail.cold.4+0xa/0x17 [ 364.089095] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 364.094184] ? kernfs_activate+0x8e/0x2c0 [ 364.098329] ? graph_lock+0x270/0x270 [ 364.102127] ? lock_release+0xa10/0xa10 [ 364.106084] ? perf_trace_sched_process_exec+0x860/0x860 [ 364.111514] ? find_held_lock+0x36/0x1c0 [ 364.115579] ? __lock_is_held+0xb5/0x140 [ 364.119635] ? perf_trace_sched_process_exec+0x860/0x860 [ 364.125060] ? find_held_lock+0x36/0x1c0 [ 364.129161] __should_failslab+0x124/0x180 [ 364.133388] should_failslab+0x9/0x14 [ 364.137174] kmem_cache_alloc+0x2be/0x730 [ 364.141320] ? find_held_lock+0x36/0x1c0 [ 364.145367] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 364.150388] __kernfs_new_node+0x127/0x8d0 [ 364.154610] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 364.159354] ? kasan_check_write+0x14/0x20 [ 364.163568] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 364.168489] ? __kernfs_new_node+0x697/0x8d0 [ 364.172896] ? wait_for_completion+0x8a0/0x8a0 [ 364.177472] ? graph_lock+0x270/0x270 [ 364.181279] ? kasan_check_write+0x14/0x20 [ 364.185500] ? __lock_is_held+0xb5/0x140 [ 364.189540] ? wait_for_completion+0x8a0/0x8a0 [ 364.194117] ? mutex_unlock+0xd/0x10 [ 364.197811] ? kernfs_activate+0x21a/0x2c0 [ 364.202053] kernfs_new_node+0x95/0x120 [ 364.206036] __kernfs_create_file+0x5a/0x340 [ 364.210445] sysfs_add_file_mode_ns+0x222/0x530 [ 364.215121] internal_create_group+0x3df/0xd80 [ 364.219686] ? remove_files.isra.1+0x190/0x190 [ 364.224247] ? up_write+0x7b/0x220 [ 364.227767] ? down_write_nested+0x130/0x130 [ 364.232161] ? down_read+0x120/0x120 [ 364.235875] sysfs_create_group+0x1f/0x30 [ 364.240013] lo_ioctl+0x166a/0x22a0 [ 364.243626] ? lo_rw_aio+0x1ef0/0x1ef0 [ 364.247496] ? find_held_lock+0x36/0x1c0 [ 364.251536] ? lo_rw_aio+0x1ef0/0x1ef0 [ 364.255403] blkdev_ioctl+0x98e/0x21b0 [ 364.259271] ? blkpg_ioctl+0xc10/0xc10 [ 364.263148] ? lock_downgrade+0x900/0x900 [ 364.267302] ? check_preemption_disabled+0x48/0x280 [ 364.272312] ? kasan_check_read+0x11/0x20 [ 364.276453] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 364.281710] ? rcu_read_unlock_special+0x370/0x370 [ 364.286625] ? __fget+0x4d1/0x740 [ 364.290063] ? ksys_dup3+0x680/0x680 [ 364.293883] block_ioctl+0xee/0x130 [ 364.297522] ? blkdev_fallocate+0x400/0x400 [ 364.301871] do_vfs_ioctl+0x1de/0x1790 [ 364.305740] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 364.311261] ? ioctl_preallocate+0x300/0x300 [ 364.315698] ? __fget_light+0x2e9/0x430 [ 364.319681] ? fget_raw+0x20/0x20 [ 364.323126] ? rcu_read_lock_sched_held+0x14f/0x180 [ 364.328160] ? kmem_cache_free+0x24f/0x290 [ 364.332403] ? putname+0xf7/0x130 [ 364.335841] ? do_syscall_64+0x9a/0x820 [ 364.339794] ? do_syscall_64+0x9a/0x820 [ 364.343745] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 364.348309] ? security_file_ioctl+0x94/0xc0 [ 364.352715] ksys_ioctl+0xa9/0xd0 [ 364.356178] __x64_sys_ioctl+0x73/0xb0 [ 364.360062] do_syscall_64+0x1b9/0x820 [ 364.363938] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 364.369280] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.374199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.379065] ? trace_hardirqs_on_caller+0x310/0x310 [ 364.384068] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.389068] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.394090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.398922] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.404146] RIP: 0033:0x4573d7 [ 364.407339] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.426241] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.433941] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 364.441196] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 364.448465] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 364.455714] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 364.462999] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 364.515924] minix_free_inode: bit 1 already cleared 10:03:09 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x300}]) 10:03:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x81000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 364.564095] FAT-fs (loop5): bogus number of reserved sectors [ 364.571339] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:10 executing program 3: syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x400, &(0x7f00000007c0)={[{@resize='resize'}, {@grpquota='grpquota'}, {@uid={'uid'}}, {@nodiscard='nodiscard'}, {@nointegrity='nointegrity'}], [{@dont_measure='dont_measure'}, {@seclabel='seclabel'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@defcontext={'defcontext', 0x3d, 'staff_u'}}, {@appraise='appraise'}, {@uid_gt={'uid>'}}]}) 10:03:10 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mcdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:10 executing program 5 (fault-call:0 fault-nth:12): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 364.745759] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x400000000000}]) 10:03:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x28000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 364.859490] FAULT_INJECTION: forcing a failure. [ 364.859490] name failslab, interval 1, probability 0, space 0, times 0 [ 364.888179] CPU: 0 PID: 18386 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 364.896785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.906159] Call Trace: [ 364.908756] dump_stack+0x244/0x39d [ 364.912394] ? dump_stack_print_info.cold.1+0x20/0x20 [ 364.917571] should_fail.cold.4+0xa/0x17 [ 364.921616] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 364.926746] ? lock_release+0xa10/0xa10 [ 364.930809] ? perf_trace_sched_process_exec+0x860/0x860 [ 364.936290] ? graph_lock+0x270/0x270 [ 364.940107] ? find_held_lock+0x36/0x1c0 [ 364.944164] ? __lock_is_held+0xb5/0x140 [ 364.948236] ? perf_trace_sched_process_exec+0x860/0x860 [ 364.953700] ? kernfs_activate+0x21a/0x2c0 [ 364.957949] __should_failslab+0x124/0x180 [ 364.962184] should_failslab+0x9/0x14 [ 364.965964] kmem_cache_alloc+0x2be/0x730 [ 364.970112] ? lock_downgrade+0x900/0x900 [ 364.974255] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 364.979259] __kernfs_new_node+0x127/0x8d0 [ 364.983491] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 364.988237] ? graph_lock+0x270/0x270 [ 364.992020] ? __lock_is_held+0xb5/0x140 [ 364.996062] ? wait_for_completion+0x8a0/0x8a0 [ 365.000651] ? mutex_unlock+0xd/0x10 [ 365.004346] ? kernfs_activate+0x21a/0x2c0 [ 365.008575] ? kernfs_walk_and_get_ns+0x340/0x340 [ 365.013397] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 365.018912] ? kernfs_link_sibling+0x1d2/0x3b0 [ 365.023492] kernfs_new_node+0x95/0x120 [ 365.027465] __kernfs_create_file+0x5a/0x340 [ 365.031890] sysfs_add_file_mode_ns+0x222/0x530 [ 365.036542] internal_create_group+0x3df/0xd80 [ 365.041138] ? remove_files.isra.1+0x190/0x190 [ 365.045711] ? up_write+0x7b/0x220 [ 365.049249] ? down_write_nested+0x130/0x130 [ 365.053632] ? down_read+0x120/0x120 [ 365.057386] sysfs_create_group+0x1f/0x30 [ 365.061531] lo_ioctl+0x166a/0x22a0 [ 365.065143] ? lo_rw_aio+0x1ef0/0x1ef0 [ 365.069023] ? find_held_lock+0x36/0x1c0 [ 365.073083] ? lo_rw_aio+0x1ef0/0x1ef0 [ 365.076961] blkdev_ioctl+0x98e/0x21b0 [ 365.080828] ? blkpg_ioctl+0xc10/0xc10 [ 365.084695] ? lock_downgrade+0x900/0x900 [ 365.088846] ? check_preemption_disabled+0x48/0x280 [ 365.093868] ? kasan_check_read+0x11/0x20 [ 365.098024] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 365.103324] ? rcu_read_unlock_special+0x370/0x370 [ 365.108241] ? __fget+0x4d1/0x740 [ 365.111673] ? ksys_dup3+0x680/0x680 [ 365.115376] block_ioctl+0xee/0x130 [ 365.119022] ? blkdev_fallocate+0x400/0x400 [ 365.123368] do_vfs_ioctl+0x1de/0x1790 [ 365.127254] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 365.132781] ? ioctl_preallocate+0x300/0x300 [ 365.137186] ? __fget_light+0x2e9/0x430 [ 365.141155] ? fget_raw+0x20/0x20 [ 365.144588] ? rcu_read_lock_sched_held+0x14f/0x180 [ 365.149588] ? kmem_cache_free+0x24f/0x290 [ 365.153849] ? putname+0xf7/0x130 [ 365.157299] ? do_syscall_64+0x9a/0x820 [ 365.161261] ? do_syscall_64+0x9a/0x820 [ 365.165216] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 365.169825] ? security_file_ioctl+0x94/0xc0 [ 365.174237] ksys_ioctl+0xa9/0xd0 [ 365.177684] __x64_sys_ioctl+0x73/0xb0 [ 365.181553] do_syscall_64+0x1b9/0x820 [ 365.185445] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 365.190799] ? syscall_return_slowpath+0x5e0/0x5e0 [ 365.195705] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.200528] ? trace_hardirqs_on_caller+0x310/0x310 [ 365.205538] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 365.210550] ? prepare_exit_to_usermode+0x291/0x3b0 [ 365.215562] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.220437] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.225603] RIP: 0033:0x4573d7 [ 365.228778] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.247654] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:03:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x800e], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 365.255336] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 365.262601] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 365.269848] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 365.277118] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 365.284407] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 365.300091] JFS: Cannot determine volume size [ 365.304624] jfs: Unrecognized mount option "dont_measure" or missing value 10:03:10 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="607a84e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8848], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x2000000000}]) [ 365.335045] FAT-fs (loop5): bogus number of reserved sectors [ 365.359912] FAT-fs (loop5): Can't find a valid FAT filesystem [ 365.406008] minix_free_inode: bit 1 already cleared 10:03:10 executing program 3: r0 = memfd_create(&(0x7f00000000c0)="c0873a2a18c16ba7875ba06f38aa4ba5d30b86ca3c7ffd368d7dd8f247b8ea936147d4fd1e42dc6062cebb4865299086e39608e0fab1d84eb257cb8d7d336c6d38a537c900484f41c86d4352fccb247533ecde25d05dd8eb448253173fd64173e3b19a46e6ba5bc7258820ee51529f818bdcc7dcde6dbe7f321129fbe0096d17d8da4034bd6a2a541e5ef76feedf0db8771de75fde87ddc1f0911a219cd30bc99564e32aa9fa999db8893ec9f216137b1a526f3a16002b24ed58b74b56715518e26bbd0e561614671bb0cf93", 0x0) r1 = perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0) 10:03:10 executing program 5 (fault-call:0 fault-nth:13): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x2], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xa00000000000000}]) [ 365.621393] FAULT_INJECTION: forcing a failure. [ 365.621393] name failslab, interval 1, probability 0, space 0, times 0 [ 365.646208] CPU: 1 PID: 18429 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 365.654791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.664135] Call Trace: [ 365.666730] dump_stack+0x244/0x39d [ 365.670428] ? dump_stack_print_info.cold.1+0x20/0x20 [ 365.675645] should_fail.cold.4+0xa/0x17 [ 365.679698] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 365.684795] ? lock_release+0xa10/0xa10 [ 365.688745] ? perf_trace_sched_process_exec+0x860/0x860 [ 365.694182] ? graph_lock+0x270/0x270 [ 365.697969] ? find_held_lock+0x36/0x1c0 [ 365.702011] ? __lock_is_held+0xb5/0x140 [ 365.706049] ? page_evictable+0xc8/0x540 [ 365.710129] ? perf_trace_sched_process_exec+0x860/0x860 [ 365.715560] ? kernfs_activate+0x21a/0x2c0 [ 365.719790] __should_failslab+0x124/0x180 [ 365.724008] should_failslab+0x9/0x14 [ 365.727789] kmem_cache_alloc+0x2be/0x730 [ 365.731954] ? lock_downgrade+0x900/0x900 [ 365.736091] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 365.741098] __kernfs_new_node+0x127/0x8d0 [ 365.745343] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 365.750098] ? graph_lock+0x270/0x270 [ 365.753884] ? __lock_is_held+0xb5/0x140 [ 365.757922] ? wait_for_completion+0x8a0/0x8a0 [ 365.762487] ? mutex_unlock+0xd/0x10 [ 365.766177] ? kernfs_activate+0x21a/0x2c0 [ 365.770408] ? kernfs_walk_and_get_ns+0x340/0x340 [ 365.775231] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 365.780769] ? kernfs_link_sibling+0x1d2/0x3b0 [ 365.785336] kernfs_new_node+0x95/0x120 [ 365.789294] __kernfs_create_file+0x5a/0x340 [ 365.793703] sysfs_add_file_mode_ns+0x222/0x530 [ 365.798356] internal_create_group+0x3df/0xd80 [ 365.802957] ? remove_files.isra.1+0x190/0x190 [ 365.807517] ? up_write+0x7b/0x220 [ 365.811041] ? down_write_nested+0x130/0x130 [ 365.815453] ? down_read+0x120/0x120 [ 365.819170] sysfs_create_group+0x1f/0x30 [ 365.823363] lo_ioctl+0x166a/0x22a0 [ 365.826983] ? lo_rw_aio+0x1ef0/0x1ef0 [ 365.830857] ? find_held_lock+0x36/0x1c0 [ 365.834897] ? lo_rw_aio+0x1ef0/0x1ef0 [ 365.838766] blkdev_ioctl+0x98e/0x21b0 [ 365.842633] ? blkpg_ioctl+0xc10/0xc10 [ 365.846498] ? lock_downgrade+0x900/0x900 [ 365.850630] ? check_preemption_disabled+0x48/0x280 [ 365.855637] ? kasan_check_read+0x11/0x20 [ 365.859764] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 365.865061] ? rcu_read_unlock_special+0x370/0x370 [ 365.869984] ? __fget+0x4d1/0x740 [ 365.873418] ? ksys_dup3+0x680/0x680 [ 365.877125] block_ioctl+0xee/0x130 [ 365.880735] ? blkdev_fallocate+0x400/0x400 [ 365.885036] do_vfs_ioctl+0x1de/0x1790 [ 365.888921] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 365.894438] ? ioctl_preallocate+0x300/0x300 [ 365.898824] ? __fget_light+0x2e9/0x430 [ 365.902792] ? fget_raw+0x20/0x20 [ 365.906244] ? rcu_read_lock_sched_held+0x14f/0x180 [ 365.911246] ? kmem_cache_free+0x24f/0x290 [ 365.915467] ? putname+0xf7/0x130 [ 365.918908] ? do_syscall_64+0x9a/0x820 [ 365.922871] ? do_syscall_64+0x9a/0x820 [ 365.926823] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 365.931408] ? security_file_ioctl+0x94/0xc0 [ 365.935804] ksys_ioctl+0xa9/0xd0 [ 365.939250] __x64_sys_ioctl+0x73/0xb0 [ 365.943117] do_syscall_64+0x1b9/0x820 [ 365.946983] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 365.952332] ? syscall_return_slowpath+0x5e0/0x5e0 [ 365.957244] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.962067] ? trace_hardirqs_on_caller+0x310/0x310 [ 365.967076] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 365.972085] ? prepare_exit_to_usermode+0x291/0x3b0 [ 365.977090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.981928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.987142] RIP: 0033:0x4573d7 [ 365.990314] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 366.009192] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 366.016900] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 366.024152] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 366.031419] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 366.038673] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 366.045935] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 366.061389] FAT-fs (loop5): bogus number of reserved sectors [ 366.067736] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:11 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mxdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:11 executing program 3: socketpair$unix(0x1, 0x80000000005, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000180)=[{0x6}]}, 0x10) r2 = socket(0xa, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) getsockopt$sock_buf(r1, 0x1, 0x1a, 0x0, &(0x7f0000000100)) 10:03:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x6], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:11 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x5000000}]) [ 366.118435] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 366.127694] MINIX-fs: bad superblock or unable to read bitmaps 10:03:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x6488], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:11 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="606084e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:11 executing program 5 (fault-call:0 fault-nth:14): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:11 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x700}]) 10:03:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x806000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 366.406288] FAULT_INJECTION: forcing a failure. [ 366.406288] name failslab, interval 1, probability 0, space 0, times 0 [ 366.435446] CPU: 0 PID: 18466 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 366.444043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.453437] Call Trace: [ 366.456066] dump_stack+0x244/0x39d [ 366.459707] ? dump_stack_print_info.cold.1+0x20/0x20 [ 366.464887] should_fail.cold.4+0xa/0x17 [ 366.468952] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 366.474062] ? lock_release+0xa10/0xa10 [ 366.478036] ? perf_trace_sched_process_exec+0x860/0x860 [ 366.483475] ? graph_lock+0x270/0x270 [ 366.487281] ? find_held_lock+0x36/0x1c0 [ 366.491330] ? __lock_is_held+0xb5/0x140 [ 366.495394] ? perf_trace_sched_process_exec+0x860/0x860 [ 366.500853] ? kernfs_activate+0x21a/0x2c0 [ 366.505124] __should_failslab+0x124/0x180 [ 366.509366] should_failslab+0x9/0x14 [ 366.513157] kmem_cache_alloc+0x2be/0x730 [ 366.517313] ? lock_downgrade+0x900/0x900 [ 366.521477] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 366.526504] __kernfs_new_node+0x127/0x8d0 [ 366.530737] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 366.535483] ? graph_lock+0x270/0x270 [ 366.539291] ? __lock_is_held+0xb5/0x140 [ 366.543362] ? wait_for_completion+0x8a0/0x8a0 [ 366.547991] ? mutex_unlock+0xd/0x10 [ 366.551713] ? kernfs_activate+0x21a/0x2c0 [ 366.555957] ? kernfs_walk_and_get_ns+0x340/0x340 [ 366.560823] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 366.566363] ? kernfs_link_sibling+0x1d2/0x3b0 [ 366.570948] kernfs_new_node+0x95/0x120 [ 366.574908] __kernfs_create_file+0x5a/0x340 [ 366.579320] sysfs_add_file_mode_ns+0x222/0x530 [ 366.584014] internal_create_group+0x3df/0xd80 [ 366.588606] ? remove_files.isra.1+0x190/0x190 [ 366.593194] ? up_write+0x7b/0x220 [ 366.596732] ? down_write_nested+0x130/0x130 [ 366.601133] ? down_read+0x120/0x120 [ 366.604877] sysfs_create_group+0x1f/0x30 [ 366.609029] lo_ioctl+0x166a/0x22a0 [ 366.612665] ? lo_rw_aio+0x1ef0/0x1ef0 [ 366.616553] ? find_held_lock+0x36/0x1c0 [ 366.620612] ? lo_rw_aio+0x1ef0/0x1ef0 [ 366.624501] blkdev_ioctl+0x98e/0x21b0 [ 366.628368] ? blkpg_ioctl+0xc10/0xc10 [ 366.632264] ? lock_downgrade+0x900/0x900 [ 366.636421] ? check_preemption_disabled+0x48/0x280 [ 366.641445] ? kasan_check_read+0x11/0x20 [ 366.645592] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 366.650862] ? rcu_read_unlock_special+0x370/0x370 [ 366.655984] ? __fget+0x4d1/0x740 [ 366.659437] ? ksys_dup3+0x680/0x680 [ 366.663184] block_ioctl+0xee/0x130 [ 366.666810] ? blkdev_fallocate+0x400/0x400 [ 366.671155] do_vfs_ioctl+0x1de/0x1790 [ 366.675062] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 366.680588] ? ioctl_preallocate+0x300/0x300 [ 366.684988] ? __fget_light+0x2e9/0x430 [ 366.689033] ? fget_raw+0x20/0x20 [ 366.692503] ? rcu_read_lock_sched_held+0x14f/0x180 [ 366.697532] ? kmem_cache_free+0x24f/0x290 [ 366.701767] ? putname+0xf7/0x130 [ 366.705200] ? do_syscall_64+0x9a/0x820 [ 366.709174] ? do_syscall_64+0x9a/0x820 [ 366.713142] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 366.717706] ? security_file_ioctl+0x94/0xc0 [ 366.722099] ksys_ioctl+0xa9/0xd0 [ 366.725565] __x64_sys_ioctl+0x73/0xb0 [ 366.729445] do_syscall_64+0x1b9/0x820 [ 366.733311] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 366.738672] ? syscall_return_slowpath+0x5e0/0x5e0 [ 366.743600] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.748430] ? trace_hardirqs_on_caller+0x310/0x310 [ 366.753458] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 366.758462] ? prepare_exit_to_usermode+0x291/0x3b0 [ 366.763479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.768330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.773524] RIP: 0033:0x4573d7 [ 366.776734] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 366.795630] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:03:12 executing program 3: r0 = gettid() unshare(0x28020400) exit(0x0) syz_open_procfs$namespace(r0, &(0x7f0000000080)='ns/net\x00') [ 366.803328] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 366.810596] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 366.817858] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 366.825119] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 366.832379] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 366.861642] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 366.862335] FAT-fs (loop5): bogus number of reserved sectors 10:03:12 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x2}]) 10:03:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88a8ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 366.911847] MINIX-fs: bad superblock or unable to read bitmaps [ 366.924539] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:12 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m\ndos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:12 executing program 5 (fault-call:0 fault-nth:15): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:12 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x707000}]) 10:03:12 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600784e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x700], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 367.145559] FAULT_INJECTION: forcing a failure. [ 367.145559] name failslab, interval 1, probability 0, space 0, times 0 [ 367.166177] CPU: 1 PID: 18510 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 367.174756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.184097] Call Trace: [ 367.186678] dump_stack+0x244/0x39d [ 367.190300] ? dump_stack_print_info.cold.1+0x20/0x20 [ 367.195595] should_fail.cold.4+0xa/0x17 [ 367.199650] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 367.204748] ? lock_release+0xa10/0xa10 [ 367.208722] ? perf_trace_sched_process_exec+0x860/0x860 [ 367.214167] ? graph_lock+0x270/0x270 [ 367.217960] ? find_held_lock+0x36/0x1c0 [ 367.222008] ? __lock_is_held+0xb5/0x140 [ 367.226061] ? perf_trace_sched_process_exec+0x860/0x860 [ 367.231509] ? kernfs_activate+0x21a/0x2c0 [ 367.235726] __should_failslab+0x124/0x180 [ 367.239941] should_failslab+0x9/0x14 [ 367.243744] kmem_cache_alloc+0x2be/0x730 [ 367.247880] ? lock_downgrade+0x900/0x900 [ 367.252017] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 367.257060] __kernfs_new_node+0x127/0x8d0 [ 367.261303] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 367.266038] ? graph_lock+0x270/0x270 [ 367.269820] ? __lock_is_held+0xb5/0x140 [ 367.273871] ? wait_for_completion+0x8a0/0x8a0 [ 367.278458] ? mutex_unlock+0xd/0x10 [ 367.282164] ? kernfs_activate+0x21a/0x2c0 [ 367.286393] ? kernfs_walk_and_get_ns+0x340/0x340 [ 367.291231] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 367.296758] ? kernfs_link_sibling+0x1d2/0x3b0 [ 367.301319] kernfs_new_node+0x95/0x120 [ 367.305283] __kernfs_create_file+0x5a/0x340 [ 367.309683] sysfs_add_file_mode_ns+0x222/0x530 [ 367.314333] internal_create_group+0x3df/0xd80 [ 367.318898] ? remove_files.isra.1+0x190/0x190 [ 367.323484] ? up_write+0x7b/0x220 [ 367.327008] ? down_write_nested+0x130/0x130 [ 367.331395] ? down_read+0x120/0x120 [ 367.335118] sysfs_create_group+0x1f/0x30 [ 367.339244] lo_ioctl+0x166a/0x22a0 [ 367.342855] ? lo_rw_aio+0x1ef0/0x1ef0 [ 367.346724] ? find_held_lock+0x36/0x1c0 [ 367.350884] ? lo_rw_aio+0x1ef0/0x1ef0 [ 367.354767] blkdev_ioctl+0x98e/0x21b0 [ 367.358648] ? blkpg_ioctl+0xc10/0xc10 [ 367.362547] ? lock_downgrade+0x900/0x900 [ 367.366692] ? check_preemption_disabled+0x48/0x280 [ 367.371688] ? kasan_check_read+0x11/0x20 [ 367.375812] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 367.381089] ? rcu_read_unlock_special+0x370/0x370 [ 367.386003] ? __fget+0x4d1/0x740 [ 367.389481] ? ksys_dup3+0x680/0x680 [ 367.393180] block_ioctl+0xee/0x130 [ 367.396814] ? blkdev_fallocate+0x400/0x400 [ 367.401116] do_vfs_ioctl+0x1de/0x1790 [ 367.404994] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 367.410511] ? ioctl_preallocate+0x300/0x300 [ 367.414905] ? __fget_light+0x2e9/0x430 [ 367.418864] ? fget_raw+0x20/0x20 [ 367.422311] ? rcu_read_lock_sched_held+0x14f/0x180 [ 367.427334] ? kmem_cache_free+0x24f/0x290 [ 367.431552] ? putname+0xf7/0x130 [ 367.434996] ? do_syscall_64+0x9a/0x820 [ 367.438957] ? do_syscall_64+0x9a/0x820 [ 367.442909] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 367.447471] ? security_file_ioctl+0x94/0xc0 [ 367.451859] ksys_ioctl+0xa9/0xd0 [ 367.455302] __x64_sys_ioctl+0x73/0xb0 [ 367.459174] do_syscall_64+0x1b9/0x820 [ 367.463041] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 367.468386] ? syscall_return_slowpath+0x5e0/0x5e0 [ 367.473297] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.478120] ? trace_hardirqs_on_caller+0x310/0x310 [ 367.483127] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 367.488123] ? prepare_exit_to_usermode+0x291/0x3b0 [ 367.493122] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.497949] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.503115] RIP: 0033:0x4573d7 [ 367.506291] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.525310] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.533043] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 367.540291] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 367.547556] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 367.554811] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 367.562065] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:13 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x700000000000000}]) [ 367.625006] FAT-fs (loop5): bogus number of reserved sectors [ 367.649574] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xffffdd86], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 367.674180] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c1f023c126285719070") r1 = socket$packet(0x11, 0x8000000003, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000180)=0x100008000, 0x4) sendto$inet6(r1, &(0x7f0000000280)="020300000700000000000000fff55b4202938207d9018080398d5b75000000007929301ee616d5c01843e065", 0x2c, 0x0, 0x0, 0x0) 10:03:13 executing program 5 (fault-call:0 fault-nth:16): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mldos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:13 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x70700000000000}]) 10:03:13 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="604884e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x7], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 367.915510] minix_free_inode: bit 1 already cleared [ 367.915822] FAULT_INJECTION: forcing a failure. [ 367.915822] name failslab, interval 1, probability 0, space 0, times 0 [ 367.934671] CPU: 0 PID: 18552 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 367.943243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.952569] Call Trace: [ 367.955145] dump_stack+0x244/0x39d [ 367.958777] ? dump_stack_print_info.cold.1+0x20/0x20 [ 367.963963] should_fail.cold.4+0xa/0x17 [ 367.968014] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 367.973126] ? lock_release+0xa10/0xa10 [ 367.977094] ? perf_trace_sched_process_exec+0x860/0x860 [ 367.982554] ? graph_lock+0x270/0x270 [ 367.986365] ? find_held_lock+0x36/0x1c0 [ 367.990424] ? __lock_is_held+0xb5/0x140 [ 367.994467] ? perf_trace_sched_process_exec+0x860/0x860 [ 367.999902] ? kernfs_activate+0x21a/0x2c0 [ 368.004142] __should_failslab+0x124/0x180 [ 368.008407] should_failslab+0x9/0x14 [ 368.012187] kmem_cache_alloc+0x2be/0x730 [ 368.016314] ? lock_downgrade+0x900/0x900 [ 368.020444] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 368.025456] __kernfs_new_node+0x127/0x8d0 [ 368.029683] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 368.034437] ? graph_lock+0x270/0x270 [ 368.038228] ? __lock_is_held+0xb5/0x140 [ 368.042277] ? wait_for_completion+0x8a0/0x8a0 [ 368.046861] ? mutex_unlock+0xd/0x10 [ 368.050553] ? kernfs_activate+0x21a/0x2c0 [ 368.054780] ? kernfs_walk_and_get_ns+0x340/0x340 [ 368.059617] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 368.065138] ? kernfs_link_sibling+0x1d2/0x3b0 [ 368.069718] kernfs_new_node+0x95/0x120 [ 368.073689] __kernfs_create_file+0x5a/0x340 [ 368.078103] sysfs_add_file_mode_ns+0x222/0x530 [ 368.082773] internal_create_group+0x3df/0xd80 [ 368.087338] ? remove_files.isra.1+0x190/0x190 [ 368.091901] ? up_write+0x7b/0x220 [ 368.095420] ? down_write_nested+0x130/0x130 [ 368.099803] ? down_read+0x120/0x120 [ 368.103497] sysfs_create_group+0x1f/0x30 [ 368.107649] lo_ioctl+0x166a/0x22a0 [ 368.111268] ? lo_rw_aio+0x1ef0/0x1ef0 [ 368.115135] ? find_held_lock+0x36/0x1c0 [ 368.119175] ? lo_rw_aio+0x1ef0/0x1ef0 [ 368.123043] blkdev_ioctl+0x98e/0x21b0 [ 368.126925] ? blkpg_ioctl+0xc10/0xc10 [ 368.130797] ? lock_downgrade+0x900/0x900 [ 368.134933] ? check_preemption_disabled+0x48/0x280 [ 368.139930] ? kasan_check_read+0x11/0x20 [ 368.144063] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 368.149353] ? rcu_read_unlock_special+0x370/0x370 [ 368.154292] ? __fget+0x4d1/0x740 [ 368.157755] ? ksys_dup3+0x680/0x680 [ 368.161466] block_ioctl+0xee/0x130 [ 368.165104] ? blkdev_fallocate+0x400/0x400 [ 368.169422] do_vfs_ioctl+0x1de/0x1790 [ 368.173323] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 368.178850] ? ioctl_preallocate+0x300/0x300 [ 368.183241] ? __fget_light+0x2e9/0x430 [ 368.187192] ? fget_raw+0x20/0x20 [ 368.190646] ? rcu_read_lock_sched_held+0x14f/0x180 [ 368.195664] ? kmem_cache_free+0x24f/0x290 [ 368.199890] ? putname+0xf7/0x130 [ 368.203322] ? do_syscall_64+0x9a/0x820 [ 368.207283] ? do_syscall_64+0x9a/0x820 [ 368.211258] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 368.215821] ? security_file_ioctl+0x94/0xc0 [ 368.220208] ksys_ioctl+0xa9/0xd0 [ 368.223639] __x64_sys_ioctl+0x73/0xb0 [ 368.227514] do_syscall_64+0x1b9/0x820 [ 368.231405] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 368.236745] ? syscall_return_slowpath+0x5e0/0x5e0 [ 368.241649] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.246492] ? trace_hardirqs_on_caller+0x310/0x310 [ 368.251497] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 368.256509] ? prepare_exit_to_usermode+0x291/0x3b0 [ 368.261551] ? trace_hardirqs_off_thunk+0x1a/0x1c 10:03:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x700000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 368.266399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.271585] RIP: 0033:0x4573d7 [ 368.274756] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.293652] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 368.301338] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 368.308650] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 10:03:13 executing program 3: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000013000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000045040400010000000404000001000000b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000"], 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="43037f632e7592319135dad4e437", 0x0, 0x100}, 0x28) [ 368.315909] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 368.323159] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 368.330433] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 368.341959] FAT-fs (loop5): bogus number of reserved sectors [ 368.350383] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:13 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x930000}]) 10:03:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m-dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 368.530027] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. 10:03:13 executing program 5 (fault-call:0 fault-nth:17): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 368.584909] MINIX-fs: bad superblock or unable to read bitmaps 10:03:14 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x710000000000}]) 10:03:14 executing program 3: clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) creat(&(0x7f0000000180)='./file0\x00', 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000780)={{{@in6=@mcast2, @in6=@ipv4={[], [], @multicast2}}}, {{@in=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000000440)=0xe8) getegid() mount$fuse(0x0, 0x0, &(0x7f0000000240)='fuse\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/dev_mcast\x00') read(r1, &(0x7f0000000040)=""/230, 0x20000126) mount(&(0x7f00000006c0)=ANY=[@ANYBLOB="0a9585abdb3efc1d095259ce02bcd784fd5ac769c06a6fa60af6aa0d7039e8475792132db485db0b6487be7f72c4152fd0dbbc2fd12463e380396e44aca25c8d140d8494b763e5e8d1d270dc7e812f3d"], 0x0, &(0x7f0000000280)='tmpfs\x00', 0x0, &(0x7f00000002c0)=',') sendto$unix(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x0, 0x0, 0x0) getsockopt$inet6_buf(r1, 0x29, 0x2f, &(0x7f0000000340)=""/53, &(0x7f0000000380)=0x35) timer_create(0x0, &(0x7f0000000580)={0x0, 0x2d, 0x2}, &(0x7f0000000640)) 10:03:14 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x86ddffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 368.730769] FAULT_INJECTION: forcing a failure. [ 368.730769] name failslab, interval 1, probability 0, space 0, times 0 10:03:14 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x2800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:14 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m.dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 368.772337] CPU: 0 PID: 18590 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 368.780948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.790299] Call Trace: [ 368.792918] dump_stack+0x244/0x39d [ 368.796553] ? dump_stack_print_info.cold.1+0x20/0x20 [ 368.801749] should_fail.cold.4+0xa/0x17 [ 368.805826] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 368.810987] ? lock_release+0xa10/0xa10 [ 368.814976] ? perf_trace_sched_process_exec+0x860/0x860 [ 368.820450] ? graph_lock+0x270/0x270 [ 368.824294] ? find_held_lock+0x36/0x1c0 [ 368.828362] ? __lock_is_held+0xb5/0x140 [ 368.832448] ? perf_trace_sched_process_exec+0x860/0x860 [ 368.837892] ? kernfs_activate+0x21a/0x2c0 [ 368.842122] __should_failslab+0x124/0x180 [ 368.846337] should_failslab+0x9/0x14 [ 368.850138] kmem_cache_alloc+0x2be/0x730 [ 368.854267] ? lock_downgrade+0x900/0x900 [ 368.858408] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 368.863418] __kernfs_new_node+0x127/0x8d0 [ 368.867647] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 368.872382] ? graph_lock+0x270/0x270 [ 368.876179] ? __lock_is_held+0xb5/0x140 [ 368.880235] ? wait_for_completion+0x8a0/0x8a0 [ 368.884802] ? mutex_unlock+0xd/0x10 [ 368.888503] ? kernfs_activate+0x21a/0x2c0 [ 368.892735] ? kernfs_walk_and_get_ns+0x340/0x340 [ 368.897599] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 368.903123] ? kernfs_link_sibling+0x1d2/0x3b0 [ 368.907700] kernfs_new_node+0x95/0x120 [ 368.911656] __kernfs_create_file+0x5a/0x340 [ 368.916067] sysfs_add_file_mode_ns+0x222/0x530 [ 368.920729] internal_create_group+0x3df/0xd80 [ 368.925310] ? remove_files.isra.1+0x190/0x190 [ 368.929889] ? up_write+0x7b/0x220 [ 368.933431] ? down_write_nested+0x130/0x130 [ 368.937818] ? down_read+0x120/0x120 [ 368.941545] sysfs_create_group+0x1f/0x30 [ 368.945679] lo_ioctl+0x166a/0x22a0 [ 368.949311] ? lo_rw_aio+0x1ef0/0x1ef0 [ 368.953196] ? find_held_lock+0x36/0x1c0 [ 368.957259] ? lo_rw_aio+0x1ef0/0x1ef0 [ 368.961141] blkdev_ioctl+0x98e/0x21b0 [ 368.965015] ? blkpg_ioctl+0xc10/0xc10 [ 368.968891] ? lock_downgrade+0x900/0x900 [ 368.973032] ? check_preemption_disabled+0x48/0x280 [ 368.978027] ? kasan_check_read+0x11/0x20 [ 368.982158] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 368.987410] ? rcu_read_unlock_special+0x370/0x370 [ 368.992322] ? __fget+0x4d1/0x740 [ 368.995757] ? ksys_dup3+0x680/0x680 [ 368.999452] block_ioctl+0xee/0x130 [ 369.003071] ? blkdev_fallocate+0x400/0x400 [ 369.007436] do_vfs_ioctl+0x1de/0x1790 [ 369.011318] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 369.016838] ? ioctl_preallocate+0x300/0x300 [ 369.021235] ? __fget_light+0x2e9/0x430 [ 369.025227] ? fget_raw+0x20/0x20 [ 369.028659] ? rcu_read_lock_sched_held+0x14f/0x180 [ 369.033660] ? kmem_cache_free+0x24f/0x290 [ 369.037876] ? putname+0xf7/0x130 [ 369.041307] ? do_syscall_64+0x9a/0x820 [ 369.045294] ? do_syscall_64+0x9a/0x820 [ 369.049261] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 369.053836] ? security_file_ioctl+0x94/0xc0 [ 369.058234] ksys_ioctl+0xa9/0xd0 [ 369.061691] __x64_sys_ioctl+0x73/0xb0 [ 369.065558] do_syscall_64+0x1b9/0x820 [ 369.069433] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 369.074790] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.079746] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.084608] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.089617] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 369.094612] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.099609] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.104443] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.109636] RIP: 0033:0x4573d7 [ 369.112822] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 369.131724] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.139422] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 369.146684] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 369.153930] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 369.161184] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 10:03:14 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600284e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:14 executing program 3: ioctl$KVM_REINJECT_CONTROL(0xffffffffffffffff, 0xae71, 0x0) r0 = dup(0xffffffffffffffff) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x8000, 0x160) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, 0x0, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r1 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f0000000040)='9', 0x1}], 0x1, 0x881806) read(r1, &(0x7f0000000200)=""/30, 0x10000038b) [ 369.168431] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 369.180273] FAT-fs (loop5): bogus number of reserved sectors [ 369.186328] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:14 executing program 5 (fault-call:0 fault-nth:18): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:14 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x507000}]) 10:03:14 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88caffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:14 executing program 3: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x10, r0, 0x9) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000013000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000045040400010000000404000001000000b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000"], 0x0}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x0, 0xe, 0x0, &(0x7f0000000280)="43037f632e7592319135dad4e437", 0x0, 0x100}, 0x28) [ 369.368235] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 369.381909] FAULT_INJECTION: forcing a failure. [ 369.381909] name failslab, interval 1, probability 0, space 0, times 0 [ 369.405186] CPU: 0 PID: 18639 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 10:03:14 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x2800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 369.413779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.423118] Call Trace: [ 369.425687] dump_stack+0x244/0x39d [ 369.429336] ? dump_stack_print_info.cold.1+0x20/0x20 [ 369.434520] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 369.440039] should_fail.cold.4+0xa/0x17 [ 369.444087] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 369.449170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 369.454702] ? wake_up_klogd+0x11a/0x180 [ 369.458761] ? preempt_schedule_common+0x1f/0xe0 [ 369.463513] ? console_device+0xc0/0xc0 [ 369.467502] ? ___preempt_schedule+0x16/0x18 [ 369.471931] ? graph_lock+0x270/0x270 [ 369.475722] ? vprintk_emit+0x293/0x990 [ 369.479688] ? find_held_lock+0x36/0x1c0 [ 369.483740] ? __lock_is_held+0xb5/0x140 [ 369.487783] ? perf_trace_sched_process_exec+0x860/0x860 [ 369.493228] ? vprintk_default+0x28/0x30 [ 369.497296] __should_failslab+0x124/0x180 [ 369.501520] should_failslab+0x9/0x14 [ 369.505307] kmem_cache_alloc_trace+0x2d7/0x750 [ 369.509960] kobject_uevent_env+0x2f3/0x101e [ 369.514366] kobject_uevent+0x1f/0x24 [ 369.518148] lo_ioctl+0x16f1/0x22a0 [ 369.521757] ? lo_rw_aio+0x1ef0/0x1ef0 [ 369.525641] ? find_held_lock+0x36/0x1c0 [ 369.529716] ? lo_rw_aio+0x1ef0/0x1ef0 [ 369.533592] blkdev_ioctl+0x98e/0x21b0 [ 369.537461] ? blkpg_ioctl+0xc10/0xc10 [ 369.541361] ? lock_downgrade+0x900/0x900 [ 369.545510] ? check_preemption_disabled+0x48/0x280 [ 369.550534] ? kasan_check_read+0x11/0x20 [ 369.554665] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 369.559965] ? rcu_read_unlock_special+0x370/0x370 [ 369.564880] ? __fget+0x4d1/0x740 [ 369.568325] ? ksys_dup3+0x680/0x680 [ 369.572040] block_ioctl+0xee/0x130 [ 369.575649] ? blkdev_fallocate+0x400/0x400 [ 369.579953] do_vfs_ioctl+0x1de/0x1790 [ 369.583848] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 369.589388] ? ioctl_preallocate+0x300/0x300 [ 369.593814] ? __fget_light+0x2e9/0x430 [ 369.597794] ? fget_raw+0x20/0x20 [ 369.601244] ? rcu_read_lock_sched_held+0x14f/0x180 [ 369.606243] ? kmem_cache_free+0x24f/0x290 [ 369.610461] ? putname+0xf7/0x130 [ 369.613903] ? do_syscall_64+0x9a/0x820 [ 369.617859] ? do_syscall_64+0x9a/0x820 [ 369.621827] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 369.626406] ? security_file_ioctl+0x94/0xc0 [ 369.630793] ksys_ioctl+0xa9/0xd0 [ 369.634226] __x64_sys_ioctl+0x73/0xb0 [ 369.638128] do_syscall_64+0x1b9/0x820 [ 369.641997] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 369.647339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.652267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.657138] ? trace_hardirqs_on_caller+0x310/0x310 [ 369.662135] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 369.667132] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.672162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.677029] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.682229] RIP: 0033:0x4573d7 [ 369.685413] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 369.704305] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 369.712009] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 10:03:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m0dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 369.719255] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 369.726514] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 369.733778] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 369.741023] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x500000000000000}]) 10:03:15 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600984e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x89060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 369.856916] FAT-fs (loop5): bogus number of reserved sectors [ 369.889595] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:15 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f00000000c0)=0x8000000000004, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x3}, 0x4) sendto$inet(r0, &(0x7f0000865000), 0x0, 0x0, 0x0, 0x0) recvfrom$packet(r1, &(0x7f0000001280)=""/4096, 0x1000, 0x0, 0x0, 0x0) 10:03:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x1000000}]) [ 369.965966] minix_free_inode: bit 1 already cleared 10:03:15 executing program 5 (fault-call:0 fault-nth:19): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x86ddffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='midos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7fffffffefff}]) [ 370.315054] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 370.325659] FAULT_INJECTION: forcing a failure. [ 370.325659] name failslab, interval 1, probability 0, space 0, times 0 [ 370.337669] CPU: 0 PID: 18689 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 370.346271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.355618] Call Trace: [ 370.358201] dump_stack+0x244/0x39d [ 370.361834] ? dump_stack_print_info.cold.1+0x20/0x20 [ 370.367019] should_fail.cold.4+0xa/0x17 [ 370.371064] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.376159] ? lock_release+0xa10/0xa10 [ 370.380123] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.385595] ? graph_lock+0x270/0x270 [ 370.389375] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 370.394393] ? find_held_lock+0x36/0x1c0 [ 370.398450] ? __lock_is_held+0xb5/0x140 [ 370.402493] ? put_dec+0x3b/0xf0 [ 370.405853] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.411296] ? graph_lock+0x270/0x270 [ 370.415094] __should_failslab+0x124/0x180 [ 370.419311] should_failslab+0x9/0x14 [ 370.423093] kmem_cache_alloc_node+0x26e/0x730 [ 370.427673] ? find_held_lock+0x36/0x1c0 [ 370.431714] __alloc_skb+0x114/0x770 [ 370.435425] ? netdev_alloc_frag+0x1f0/0x1f0 [ 370.439823] ? kasan_check_read+0x11/0x20 [ 370.443979] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 370.449257] ? rcu_read_unlock_special+0x370/0x370 [ 370.454243] ? netlink_has_listeners+0x2cb/0x4a0 [ 370.458981] ? netlink_tap_init_net+0x3d0/0x3d0 [ 370.463627] alloc_uevent_skb+0x84/0x1da [ 370.467690] kobject_uevent_env+0xa52/0x101e [ 370.472080] kobject_uevent+0x1f/0x24 [ 370.475879] lo_ioctl+0x16f1/0x22a0 [ 370.479485] ? lo_rw_aio+0x1ef0/0x1ef0 [ 370.483352] ? find_held_lock+0x36/0x1c0 [ 370.487390] ? lo_rw_aio+0x1ef0/0x1ef0 [ 370.491254] blkdev_ioctl+0x98e/0x21b0 [ 370.495117] ? blkpg_ioctl+0xc10/0xc10 [ 370.498977] ? lock_downgrade+0x900/0x900 [ 370.503103] ? check_preemption_disabled+0x48/0x280 [ 370.508122] ? kasan_check_read+0x11/0x20 [ 370.512246] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 370.517498] ? rcu_read_unlock_special+0x370/0x370 [ 370.522420] ? __fget+0x4d1/0x740 [ 370.525852] ? ksys_dup3+0x680/0x680 [ 370.529546] block_ioctl+0xee/0x130 [ 370.533148] ? blkdev_fallocate+0x400/0x400 [ 370.537446] do_vfs_ioctl+0x1de/0x1790 [ 370.541309] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 370.546835] ? ioctl_preallocate+0x300/0x300 [ 370.551221] ? __fget_light+0x2e9/0x430 [ 370.555170] ? fget_raw+0x20/0x20 [ 370.558614] ? rcu_read_lock_sched_held+0x14f/0x180 [ 370.563619] ? kmem_cache_free+0x24f/0x290 [ 370.567859] ? putname+0xf7/0x130 [ 370.571306] ? do_syscall_64+0x9a/0x820 [ 370.575260] ? do_syscall_64+0x9a/0x820 [ 370.579251] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 370.583851] ? security_file_ioctl+0x94/0xc0 [ 370.588255] ksys_ioctl+0xa9/0xd0 [ 370.591700] __x64_sys_ioctl+0x73/0xb0 [ 370.595567] do_syscall_64+0x1b9/0x820 [ 370.599434] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 370.604771] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.609675] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.614494] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.619502] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.624495] ? prepare_exit_to_usermode+0x291/0x3b0 [ 370.629489] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.634308] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.639474] RIP: 0033:0x4573d7 [ 370.642658] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8dffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 370.661533] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.669231] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 370.676476] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 370.683721] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 370.690990] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 370.698234] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 370.721093] FAT-fs (loop5): bogus number of reserved sectors [ 370.733605] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:16 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600684e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:16 executing program 5 (fault-call:0 fault-nth:20): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:16 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x5}]) [ 370.845554] minix_free_inode: bit 1 already cleared 10:03:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8847], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 370.923452] FAULT_INJECTION: forcing a failure. [ 370.923452] name failslab, interval 1, probability 0, space 0, times 0 [ 370.944031] CPU: 1 PID: 18714 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 370.952642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.961974] Call Trace: [ 370.964560] dump_stack+0x244/0x39d [ 370.968197] ? dump_stack_print_info.cold.1+0x20/0x20 [ 370.973422] should_fail.cold.4+0xa/0x17 [ 370.977480] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.982581] ? lock_release+0xa10/0xa10 [ 370.986543] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.991983] ? graph_lock+0x270/0x270 [ 370.995777] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 371.000803] ? find_held_lock+0x36/0x1c0 [ 371.004860] ? __lock_is_held+0xb5/0x140 [ 371.008920] ? put_dec+0x3b/0xf0 [ 371.012282] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.017755] ? graph_lock+0x270/0x270 [ 371.021601] __should_failslab+0x124/0x180 [ 371.025828] should_failslab+0x9/0x14 [ 371.029634] kmem_cache_alloc_node+0x26e/0x730 [ 371.034204] ? find_held_lock+0x36/0x1c0 [ 371.038273] __alloc_skb+0x114/0x770 [ 371.041992] ? netdev_alloc_frag+0x1f0/0x1f0 [ 371.046395] ? kasan_check_read+0x11/0x20 [ 371.050537] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 371.055804] ? rcu_read_unlock_special+0x370/0x370 [ 371.060732] ? netlink_has_listeners+0x2cb/0x4a0 [ 371.065503] ? netlink_tap_init_net+0x3d0/0x3d0 [ 371.070202] alloc_uevent_skb+0x84/0x1da [ 371.074259] kobject_uevent_env+0xa52/0x101e [ 371.078669] kobject_uevent+0x1f/0x24 [ 371.082464] lo_ioctl+0x16f1/0x22a0 [ 371.086094] ? lo_rw_aio+0x1ef0/0x1ef0 [ 371.089975] ? find_held_lock+0x36/0x1c0 [ 371.094040] ? lo_rw_aio+0x1ef0/0x1ef0 [ 371.097919] blkdev_ioctl+0x98e/0x21b0 [ 371.101799] ? blkpg_ioctl+0xc10/0xc10 [ 371.105674] ? lock_downgrade+0x900/0x900 [ 371.109827] ? check_preemption_disabled+0x48/0x280 [ 371.114864] ? kasan_check_read+0x11/0x20 [ 371.119002] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 371.124270] ? rcu_read_unlock_special+0x370/0x370 [ 371.129215] ? __fget+0x4d1/0x740 [ 371.132699] ? ksys_dup3+0x680/0x680 [ 371.136433] block_ioctl+0xee/0x130 [ 371.140049] ? blkdev_fallocate+0x400/0x400 [ 371.144358] do_vfs_ioctl+0x1de/0x1790 [ 371.148241] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 371.153771] ? ioctl_preallocate+0x300/0x300 [ 371.158178] ? __fget_light+0x2e9/0x430 [ 371.162148] ? fget_raw+0x20/0x20 [ 371.165592] ? rcu_read_lock_sched_held+0x14f/0x180 [ 371.170626] ? kmem_cache_free+0x24f/0x290 [ 371.174861] ? putname+0xf7/0x130 [ 371.178307] ? do_syscall_64+0x9a/0x820 [ 371.182273] ? do_syscall_64+0x9a/0x820 [ 371.186257] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 371.190850] ? security_file_ioctl+0x94/0xc0 [ 371.195257] ksys_ioctl+0xa9/0xd0 [ 371.198727] __x64_sys_ioctl+0x73/0xb0 [ 371.202623] do_syscall_64+0x1b9/0x820 [ 371.206506] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.211884] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.216849] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.221696] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.226704] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.231712] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.236741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.241578] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.246762] RIP: 0033:0x4573d7 [ 371.249942] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.268934] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.276633] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 371.283904] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 371.291161] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 371.298434] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 371.305715] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:16 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xffffffffff600000}]) 10:03:16 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m%dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:16 executing program 3: openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x2800000002000000, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x700}, 0x28) perf_event_open(&(0x7f0000000280)={0x7, 0x70, 0x100000000, 0x2, 0x0, 0x0, 0x0, 0xc1, 0x10, 0xb, 0x3a94, 0x0, 0x0, 0xb895, 0x0, 0x8e29, 0x8, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x4, 0x1ff, 0x0, 0x7fff, 0x9, 0x5a2b013e, 0x5e, 0x2, 0x2f, 0x1f, 0x7, 0x4, 0x51faed41, 0x0, 0x10001, 0x2, @perf_config_ext, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0xa) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2a, 0x27}}, &(0x7f00000002c0)='syzkaller\x00', 0x9, 0x4ae, &(0x7f0000000340)=""/207}, 0x29) [ 371.392531] FAT-fs (loop5): bogus number of reserved sectors [ 371.399763] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3a], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 371.449672] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:16 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600584e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:16 executing program 5 (fault-call:0 fault-nth:21): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:16 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x8}]) 10:03:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xffffff8d], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 371.595835] minix_free_inode: bit 1 already cleared [ 371.660495] FAULT_INJECTION: forcing a failure. [ 371.660495] name failslab, interval 1, probability 0, space 0, times 0 [ 371.675381] CPU: 1 PID: 18757 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 371.683962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.693340] Call Trace: [ 371.695939] dump_stack+0x244/0x39d [ 371.699566] ? dump_stack_print_info.cold.1+0x20/0x20 [ 371.704778] should_fail.cold.4+0xa/0x17 [ 371.708850] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 371.713951] ? __save_stack_trace+0x8d/0xf0 [ 371.718285] ? graph_lock+0x270/0x270 [ 371.722092] ? save_stack+0xa9/0xd0 [ 371.725717] ? save_stack+0x43/0xd0 [ 371.729343] ? find_held_lock+0x36/0x1c0 [ 371.733403] ? __lock_is_held+0xb5/0x140 [ 371.737497] ? graph_lock+0x270/0x270 [ 371.741291] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.746748] ? check_preemption_disabled+0x48/0x280 [ 371.751775] __should_failslab+0x124/0x180 [ 371.756006] should_failslab+0x9/0x14 [ 371.759802] kmem_cache_alloc_node_trace+0x270/0x740 [ 371.764908] __kmalloc_node_track_caller+0x3c/0x70 [ 371.769842] __kmalloc_reserve.isra.38+0x41/0xe0 [ 371.774618] __alloc_skb+0x150/0x770 [ 371.778345] ? netdev_alloc_frag+0x1f0/0x1f0 [ 371.782780] ? kasan_check_read+0x11/0x20 [ 371.786921] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 371.792199] ? rcu_read_unlock_special+0x370/0x370 [ 371.797149] ? netlink_has_listeners+0x2cb/0x4a0 [ 371.801911] ? netlink_tap_init_net+0x3d0/0x3d0 [ 371.806607] alloc_uevent_skb+0x84/0x1da [ 371.810669] kobject_uevent_env+0xa52/0x101e [ 371.815061] kobject_uevent+0x1f/0x24 [ 371.818840] lo_ioctl+0x16f1/0x22a0 [ 371.822451] ? lo_rw_aio+0x1ef0/0x1ef0 [ 371.826327] ? find_held_lock+0x36/0x1c0 [ 371.830374] ? lo_rw_aio+0x1ef0/0x1ef0 [ 371.834236] blkdev_ioctl+0x98e/0x21b0 [ 371.838133] ? blkpg_ioctl+0xc10/0xc10 [ 371.842009] ? lock_downgrade+0x900/0x900 [ 371.846132] ? check_preemption_disabled+0x48/0x280 [ 371.851135] ? kasan_check_read+0x11/0x20 [ 371.855262] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 371.860528] ? rcu_read_unlock_special+0x370/0x370 [ 371.865456] ? __fget+0x4d1/0x740 [ 371.868909] ? ksys_dup3+0x680/0x680 [ 371.872603] block_ioctl+0xee/0x130 [ 371.876206] ? blkdev_fallocate+0x400/0x400 [ 371.880503] do_vfs_ioctl+0x1de/0x1790 [ 371.884371] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 371.889902] ? ioctl_preallocate+0x300/0x300 [ 371.894285] ? __fget_light+0x2e9/0x430 [ 371.898236] ? fget_raw+0x20/0x20 [ 371.901672] ? rcu_read_lock_sched_held+0x14f/0x180 [ 371.906664] ? kmem_cache_free+0x24f/0x290 [ 371.910879] ? putname+0xf7/0x130 [ 371.914349] ? do_syscall_64+0x9a/0x820 [ 371.918317] ? do_syscall_64+0x9a/0x820 [ 371.922268] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 371.926862] ? security_file_ioctl+0x94/0xc0 [ 371.931287] ksys_ioctl+0xa9/0xd0 [ 371.934719] __x64_sys_ioctl+0x73/0xb0 [ 371.938585] do_syscall_64+0x1b9/0x820 [ 371.942451] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.947792] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.952698] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.957531] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.962526] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.967520] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.972526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.977365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.982544] RIP: 0033:0x4573d7 [ 371.985711] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 372.004587] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 10:03:17 executing program 3: openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x2800000002000000, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x700}, 0x28) perf_event_open(&(0x7f0000000280)={0x7, 0x70, 0x100000000, 0x2, 0x0, 0x0, 0x0, 0xc1, 0x10, 0xb, 0x3a94, 0x0, 0x0, 0xb895, 0x0, 0x8e29, 0x8, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x4, 0x1ff, 0x0, 0x7fff, 0x9, 0x5a2b013e, 0x5e, 0x2, 0x2f, 0x1f, 0x7, 0x4, 0x51faed41, 0x0, 0x10001, 0x2, @perf_config_ext, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0xa) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x3, &(0x7f00000000c0)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2a, 0x27}}, &(0x7f00000002c0)='syzkaller\x00', 0x9, 0x4ae, &(0x7f0000000340)=""/207}, 0x29) [ 372.012271] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 372.019517] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 372.026773] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 372.034028] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 372.041280] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 372.054916] FAT-fs (loop5): bogus number of reserved sectors 10:03:17 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x730000000000}]) 10:03:17 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xd00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:17 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 372.117025] FAT-fs (loop5): Can't find a valid FAT filesystem [ 372.204712] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:17 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='m#dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:17 executing program 5 (fault-call:0 fault-nth:22): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:17 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="601184e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 372.325583] minix_free_inode: bit 1 already cleared 10:03:17 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7000000}]) 10:03:17 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf0ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:17 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 372.389603] FAULT_INJECTION: forcing a failure. [ 372.389603] name failslab, interval 1, probability 0, space 0, times 0 [ 372.401212] CPU: 1 PID: 18801 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 372.409825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.419185] Call Trace: [ 372.421755] dump_stack+0x244/0x39d [ 372.425382] ? dump_stack_print_info.cold.1+0x20/0x20 [ 372.430563] ? lock_downgrade+0x900/0x900 [ 372.434706] should_fail.cold.4+0xa/0x17 [ 372.438754] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 372.443831] ? rcu_softirq_qs+0x20/0x20 [ 372.447784] ? unwind_dump+0x190/0x190 [ 372.451653] ? is_bpf_text_address+0xd3/0x170 [ 372.456127] ? graph_lock+0x270/0x270 [ 372.459908] ? __kernel_text_address+0xd/0x40 [ 372.464410] ? unwind_get_return_address+0x61/0xa0 [ 372.469334] ? find_held_lock+0x36/0x1c0 [ 372.473493] ? __lock_is_held+0xb5/0x140 [ 372.477585] ? __i915_gem_free_objects+0x278/0xea0 [ 372.482502] ? kobject_uevent+0x1f/0x24 [ 372.486459] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.491898] ? do_vfs_ioctl+0x1de/0x1790 [ 372.495951] ? ksys_ioctl+0xa9/0xd0 [ 372.499583] ? __x64_sys_ioctl+0x73/0xb0 [ 372.503637] ? do_syscall_64+0x1b9/0x820 [ 372.507679] __should_failslab+0x124/0x180 [ 372.511894] should_failslab+0x9/0x14 [ 372.515723] kmem_cache_alloc+0x2be/0x730 [ 372.519892] skb_clone+0x1bb/0x500 [ 372.523420] ? skb_split+0x11e0/0x11e0 [ 372.527287] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 372.532309] ? netlink_trim+0x1b4/0x380 [ 372.536283] ? netlink_skb_destructor+0x210/0x210 [ 372.541113] netlink_broadcast_filtered+0x110f/0x1680 [ 372.546283] ? __netlink_sendskb+0xd0/0xd0 [ 372.550499] ? kasan_check_read+0x11/0x20 [ 372.554623] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 372.559878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 372.565415] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 372.570858] ? refcount_dec_checked+0x70/0x70 [ 372.575359] ? netlink_has_listeners+0x2cb/0x4a0 [ 372.580119] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 372.585134] netlink_broadcast+0x3a/0x50 [ 372.589189] kobject_uevent_env+0xa83/0x101e [ 372.593596] kobject_uevent+0x1f/0x24 [ 372.597378] lo_ioctl+0x16f1/0x22a0 [ 372.601001] ? lo_rw_aio+0x1ef0/0x1ef0 [ 372.604871] ? find_held_lock+0x36/0x1c0 [ 372.608950] ? lo_rw_aio+0x1ef0/0x1ef0 [ 372.612828] blkdev_ioctl+0x98e/0x21b0 [ 372.616697] ? blkpg_ioctl+0xc10/0xc10 [ 372.620562] ? lock_downgrade+0x900/0x900 [ 372.624693] ? check_preemption_disabled+0x48/0x280 [ 372.629697] ? kasan_check_read+0x11/0x20 [ 372.633835] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 372.639116] ? rcu_read_unlock_special+0x370/0x370 [ 372.644055] ? __fget+0x4d1/0x740 [ 372.647509] ? ksys_dup3+0x680/0x680 [ 372.651247] block_ioctl+0xee/0x130 [ 372.654860] ? blkdev_fallocate+0x400/0x400 [ 372.659163] do_vfs_ioctl+0x1de/0x1790 [ 372.663042] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 372.668583] ? ioctl_preallocate+0x300/0x300 [ 372.672987] ? __fget_light+0x2e9/0x430 [ 372.676941] ? fget_raw+0x20/0x20 [ 372.680373] ? rcu_read_lock_sched_held+0x14f/0x180 [ 372.685371] ? kmem_cache_free+0x24f/0x290 [ 372.689583] ? putname+0xf7/0x130 [ 372.693014] ? do_syscall_64+0x9a/0x820 [ 372.696981] ? do_syscall_64+0x9a/0x820 [ 372.700934] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 372.705503] ? security_file_ioctl+0x94/0xc0 [ 372.709889] ksys_ioctl+0xa9/0xd0 [ 372.713322] __x64_sys_ioctl+0x73/0xb0 [ 372.717197] do_syscall_64+0x1b9/0x820 [ 372.721073] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 372.726421] ? syscall_return_slowpath+0x5e0/0x5e0 [ 372.731341] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.736174] ? trace_hardirqs_on_caller+0x310/0x310 [ 372.741175] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 372.746170] ? prepare_exit_to_usermode+0x291/0x3b0 [ 372.751167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.756001] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.761190] RIP: 0033:0x4573d7 [ 372.764376] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 372.783265] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 372.790946] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 00000000004573d7 [ 372.798222] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 372.805479] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 372.812780] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 372.820037] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 [ 372.840369] FAT-fs (loop5): bogus number of reserved sectors [ 372.852129] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:18 executing program 5 (fault-call:0 fault-nth:23): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf0], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:18 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 372.978170] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 373.008515] FAULT_INJECTION: forcing a failure. [ 373.008515] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 373.020362] CPU: 1 PID: 18822 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 373.028934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.038284] Call Trace: [ 373.040874] dump_stack+0x244/0x39d [ 373.044536] ? dump_stack_print_info.cold.1+0x20/0x20 [ 373.044555] ? kasan_check_write+0x14/0x20 [ 373.044571] should_fail.cold.4+0xa/0x17 [ 373.058001] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.063104] ? __kasan_slab_free+0x119/0x150 [ 373.067515] ? kobject_uevent_env+0xf76/0x101e [ 373.072105] ? mark_held_locks+0x130/0x130 [ 373.076346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 373.081878] ? lo_ioctl+0x1e9/0x22a0 [ 373.085592] ? lo_rw_aio+0x1ef0/0x1ef0 [ 373.089483] ? find_held_lock+0x36/0x1c0 [ 373.093542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 373.099075] ? should_fail+0x22d/0xd01 [ 373.102973] ? blkdev_ioctl+0x1f5/0x21b0 [ 373.107031] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.112125] ? blkpg_ioctl+0xc10/0xc10 [ 373.116005] ? lock_downgrade+0x900/0x900 [ 373.120150] __alloc_pages_nodemask+0x34b/0xdd0 [ 373.124809] ? kasan_check_read+0x11/0x20 [ 373.128948] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 373.134217] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 373.139235] ? find_held_lock+0x36/0x1c0 [ 373.143370] ? reiserfs_commit_page+0x918/0x9e0 [ 373.148047] ? trace_hardirqs_off+0xb8/0x310 [ 373.152477] cache_grow_begin+0xa5/0x8c0 [ 373.156529] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 373.162055] ? check_preemption_disabled+0x48/0x280 [ 373.167093] kmem_cache_alloc+0x66b/0x730 [ 373.171248] ? fget_raw+0x20/0x20 [ 373.174696] getname_flags+0xd0/0x590 [ 373.178515] do_mkdirat+0xc5/0x310 [ 373.182108] ? __ia32_sys_mknod+0xb0/0xb0 [ 373.186251] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.191617] ? trace_hardirqs_off_caller+0x300/0x300 [ 373.196707] ? ksys_ioctl+0x81/0xd0 [ 373.200327] __x64_sys_mkdir+0x5c/0x80 [ 373.204223] do_syscall_64+0x1b9/0x820 [ 373.208121] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 373.213475] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.218407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.223243] ? trace_hardirqs_on_caller+0x310/0x310 [ 373.228250] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.233256] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.238263] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.243109] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.248285] RIP: 0033:0x456987 [ 373.251468] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.270373] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 10:03:18 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x3}]) 10:03:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x600], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:18 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="604c84e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 373.278091] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 373.285365] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 373.292655] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 373.299911] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 373.307167] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:18 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mpdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8864000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 373.375558] minix_free_inode: bit 1 already cleared [ 373.380686] FAT-fs (loop5): bogus number of reserved sectors [ 373.400664] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:18 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:18 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x730000}]) 10:03:18 executing program 5 (fault-call:0 fault-nth:24): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 373.521164] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 373.560744] MINIX-fs: bad superblock or unable to read bitmaps 10:03:18 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 373.593146] FAULT_INJECTION: forcing a failure. [ 373.593146] name failslab, interval 1, probability 0, space 0, times 0 [ 373.607673] CPU: 1 PID: 18854 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 373.616260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.625625] Call Trace: [ 373.628231] dump_stack+0x244/0x39d [ 373.631882] ? dump_stack_print_info.cold.1+0x20/0x20 [ 373.637079] ? print_usage_bug+0xc0/0xc0 [ 373.641163] should_fail.cold.4+0xa/0x17 [ 373.645251] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.650870] ? walk_component+0x3fe/0x2590 [ 373.655101] ? graph_lock+0x270/0x270 [ 373.658917] ? graph_lock+0x270/0x270 [ 373.662713] ? mark_held_locks+0x130/0x130 [ 373.666953] ? path_parentat.isra.41+0x20/0x160 [ 373.671643] ? find_held_lock+0x36/0x1c0 [ 373.675698] ? __lock_is_held+0xb5/0x140 [ 373.679760] ? perf_trace_sched_process_exec+0x860/0x860 [ 373.685208] __should_failslab+0x124/0x180 [ 373.689437] should_failslab+0x9/0x14 [ 373.693270] kmem_cache_alloc+0x2be/0x730 [ 373.697410] ? rcu_read_unlock_special+0x370/0x370 [ 373.702339] __d_alloc+0xc8/0xb90 [ 373.705790] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 373.710799] ? d_alloc_parallel+0x1f40/0x1f40 [ 373.715306] ? d_lookup+0x255/0x300 [ 373.718929] ? d_lookup+0x255/0x300 [ 373.722577] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 373.727201] ? lookup_dcache+0x22/0x140 [ 373.731171] ? trace_hardirqs_off_caller+0x300/0x300 [ 373.736287] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 373.741298] d_alloc+0x96/0x380 [ 373.744574] ? __d_lookup+0x9e0/0x9e0 [ 373.748379] ? __d_alloc+0xb90/0xb90 [ 373.752104] __lookup_hash+0xd9/0x190 [ 373.755917] filename_create+0x1e5/0x5b0 [ 373.760018] ? kern_path_mountpoint+0x40/0x40 [ 373.764514] ? fget_raw+0x20/0x20 [ 373.767985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 373.773524] ? getname_flags+0x26e/0x590 [ 373.777592] do_mkdirat+0xda/0x310 [ 373.781127] ? __ia32_sys_mknod+0xb0/0xb0 [ 373.785266] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.790624] ? trace_hardirqs_off_caller+0x300/0x300 [ 373.795717] ? ksys_ioctl+0x81/0xd0 [ 373.799335] __x64_sys_mkdir+0x5c/0x80 [ 373.803212] do_syscall_64+0x1b9/0x820 [ 373.807096] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 373.812455] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.817420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.822259] ? trace_hardirqs_on_caller+0x310/0x310 [ 373.827267] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.832279] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.837301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.842150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.847327] RIP: 0033:0x456987 [ 373.850509] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.869397] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 373.877112] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 373.884373] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 10:03:19 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 373.891629] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 373.898903] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 373.906171] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:19 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x200000000000000}]) 10:03:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x5800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:19 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='mudos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:19 executing program 5 (fault-call:0 fault-nth:25): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:19 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="607484e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf5ffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:19 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xff600000}]) 10:03:19 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88470000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:19 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 374.225898] FAULT_INJECTION: forcing a failure. [ 374.225898] name failslab, interval 1, probability 0, space 0, times 0 [ 374.248820] CPU: 0 PID: 18878 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 374.257399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.257445] Call Trace: [ 374.269381] dump_stack+0x244/0x39d [ 374.273014] ? dump_stack_print_info.cold.1+0x20/0x20 [ 374.278212] should_fail.cold.4+0xa/0x17 [ 374.282290] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 374.287390] ? add_to_page_cache_lru+0xdb0/0xdb0 [ 374.292174] ? mark_held_locks+0x130/0x130 [ 374.292205] ? graph_lock+0x270/0x270 [ 374.292221] ? print_usage_bug+0xc0/0xc0 [ 374.304263] ? __lock_acquire+0x62f/0x4c20 [ 374.308527] ? lock_unpin_lock+0x4a0/0x4a0 [ 374.312785] ? __lock_is_held+0xb5/0x140 [ 374.316853] ? lock_downgrade+0x900/0x900 [ 374.321017] ? __find_get_block+0xba3/0xf10 [ 374.325340] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.330814] ? kasan_check_write+0x14/0x20 [ 374.335045] ? __brelse+0x104/0x180 [ 374.338672] __should_failslab+0x124/0x180 [ 374.342910] should_failslab+0x9/0x14 [ 374.346710] kmem_cache_alloc+0x2be/0x730 [ 374.350857] ? __find_get_block+0x3b9/0xf10 [ 374.355232] ? ratelimit_state_init+0xb0/0xb0 [ 374.359754] ext4_alloc_inode+0xc7/0x880 [ 374.363821] ? ratelimit_state_init+0xb0/0xb0 [ 374.368341] ? __lock_acquire+0x62f/0x4c20 [ 374.372603] ? mark_held_locks+0x130/0x130 [ 374.376838] ? graph_lock+0x270/0x270 [ 374.380705] ? ext4_es_lookup_extent+0x48f/0xdd0 [ 374.385469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.391003] ? ratelimit_state_init+0xb0/0xb0 [ 374.395498] alloc_inode+0x63/0x190 [ 374.399169] new_inode_pseudo+0x71/0x1a0 [ 374.403227] ? prune_icache_sb+0x1c0/0x1c0 [ 374.407464] new_inode+0x1c/0x40 [ 374.410846] __ext4_new_inode+0x4c8/0x65a0 [ 374.415118] ? ext4_free_inode+0x1a10/0x1a10 [ 374.419559] ? find_held_lock+0x36/0x1c0 [ 374.423645] ? is_bpf_text_address+0xac/0x170 [ 374.428154] ? lock_downgrade+0x900/0x900 [ 374.432297] ? check_preemption_disabled+0x48/0x280 [ 374.437312] ? kasan_check_read+0x11/0x20 [ 374.441455] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 374.446725] ? rcu_read_unlock_special+0x370/0x370 [ 374.451648] ? rcu_softirq_qs+0x20/0x20 [ 374.455613] ? unwind_dump+0x190/0x190 [ 374.459505] ? is_bpf_text_address+0xd3/0x170 [ 374.464041] ? kernel_text_address+0x79/0xf0 [ 374.468477] ? __kernel_text_address+0xd/0x40 [ 374.473001] ? unwind_get_return_address+0x61/0xa0 [ 374.477984] ? __save_stack_trace+0x8d/0xf0 [ 374.482318] ? save_stack+0xa9/0xd0 [ 374.485961] ? save_stack+0x43/0xd0 [ 374.489612] ? __kasan_slab_free+0x102/0x150 [ 374.494014] ? kasan_slab_free+0xe/0x10 [ 374.497984] ? kmem_cache_free+0x83/0x290 [ 374.502161] ? print_usage_bug+0xc0/0xc0 [ 374.506214] ? __x64_sys_mkdir+0x5c/0x80 [ 374.510271] ? do_syscall_64+0x1b9/0x820 [ 374.514606] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.519975] ? trace_hardirqs_off+0xb8/0x310 [ 374.524394] ? kasan_check_read+0x11/0x20 [ 374.528540] ? do_raw_spin_unlock+0xa7/0x330 [ 374.532959] ? trace_hardirqs_on+0x310/0x310 [ 374.537391] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.542995] ? __dquot_initialize+0x629/0xdd0 [ 374.547541] ? dquot_get_next_dqblk+0x180/0x180 [ 374.552223] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 374.557181] ? common_perm+0x1f6/0x7b0 [ 374.561113] ext4_mkdir+0x2e1/0xe60 [ 374.564772] ? ext4_init_dot_dotdot+0x510/0x510 [ 374.569446] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.574988] ? security_inode_permission+0xd2/0x100 [ 374.580010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.585548] ? security_inode_mkdir+0xe8/0x120 [ 374.590156] vfs_mkdir+0x42e/0x6b0 [ 374.593722] do_mkdirat+0x27a/0x310 [ 374.597361] ? __ia32_sys_mknod+0xb0/0xb0 [ 374.601512] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.606876] ? trace_hardirqs_off_caller+0x300/0x300 [ 374.612038] ? ksys_ioctl+0x81/0xd0 [ 374.615671] __x64_sys_mkdir+0x5c/0x80 [ 374.619563] do_syscall_64+0x1b9/0x820 [ 374.623482] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 374.628868] ? syscall_return_slowpath+0x5e0/0x5e0 [ 374.633798] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.638646] ? trace_hardirqs_on_caller+0x310/0x310 [ 374.643669] ? prepare_exit_to_usermode+0x291/0x3b0 [ 374.648692] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.653561] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.658770] RIP: 0033:0x456987 [ 374.661984] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.680885] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 374.688597] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 374.695868] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 374.703155] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 374.710430] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 374.717701] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x43050000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:20 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='ms\nos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 374.730779] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 374.755432] MINIX-fs: bad superblock or unable to read bitmaps 10:03:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7100}]) 10:03:20 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x608], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:20 executing program 5 (fault-call:0 fault-nth:26): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:20 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600a84e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 375.026514] FAULT_INJECTION: forcing a failure. [ 375.026514] name failslab, interval 1, probability 0, space 0, times 0 [ 375.044195] CPU: 0 PID: 18908 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 375.052778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.062129] Call Trace: [ 375.062152] dump_stack+0x244/0x39d [ 375.062171] ? dump_stack_print_info.cold.1+0x20/0x20 [ 375.062199] should_fail.cold.4+0xa/0x17 [ 375.073591] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 375.073607] ? add_to_page_cache_lru+0xdb0/0xdb0 [ 375.073647] ? mark_held_locks+0x130/0x130 [ 375.091759] ? graph_lock+0x270/0x270 [ 375.095557] ? print_usage_bug+0xc0/0xc0 [ 375.099621] ? __lock_acquire+0x62f/0x4c20 [ 375.103853] ? lock_unpin_lock+0x4a0/0x4a0 [ 375.108102] ? __lock_is_held+0xb5/0x140 [ 375.112209] ? lock_downgrade+0x900/0x900 [ 375.116360] ? __find_get_block+0xba3/0xf10 [ 375.120688] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.126166] ? kasan_check_write+0x14/0x20 [ 375.130398] ? __brelse+0x104/0x180 [ 375.134062] __should_failslab+0x124/0x180 [ 375.138303] should_failslab+0x9/0x14 [ 375.142105] kmem_cache_alloc+0x2be/0x730 [ 375.146247] ? __find_get_block+0x3b9/0xf10 [ 375.150567] ? ratelimit_state_init+0xb0/0xb0 [ 375.155064] ext4_alloc_inode+0xc7/0x880 [ 375.159145] ? ratelimit_state_init+0xb0/0xb0 [ 375.163658] ? __lock_acquire+0x62f/0x4c20 [ 375.167938] ? mark_held_locks+0x130/0x130 [ 375.172172] ? graph_lock+0x270/0x270 [ 375.175971] ? ext4_es_lookup_extent+0x48f/0xdd0 [ 375.180726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.186298] ? ratelimit_state_init+0xb0/0xb0 [ 375.190805] alloc_inode+0x63/0x190 [ 375.194429] new_inode_pseudo+0x71/0x1a0 [ 375.198484] ? prune_icache_sb+0x1c0/0x1c0 [ 375.202719] new_inode+0x1c/0x40 [ 375.206107] __ext4_new_inode+0x4c8/0x65a0 [ 375.210362] ? ext4_free_inode+0x1a10/0x1a10 [ 375.214785] ? find_held_lock+0x36/0x1c0 [ 375.218852] ? is_bpf_text_address+0xac/0x170 [ 375.223352] ? lock_downgrade+0x900/0x900 [ 375.227496] ? check_preemption_disabled+0x48/0x280 [ 375.232511] ? kasan_check_read+0x11/0x20 [ 375.236656] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 375.241929] ? rcu_read_unlock_special+0x370/0x370 [ 375.246851] ? rcu_softirq_qs+0x20/0x20 [ 375.250835] ? unwind_dump+0x190/0x190 [ 375.254744] ? is_bpf_text_address+0xd3/0x170 [ 375.259245] ? kernel_text_address+0x79/0xf0 [ 375.263660] ? __kernel_text_address+0xd/0x40 [ 375.268150] ? unwind_get_return_address+0x61/0xa0 [ 375.273114] ? __save_stack_trace+0x8d/0xf0 [ 375.277478] ? save_stack+0xa9/0xd0 [ 375.281143] ? save_stack+0x43/0xd0 [ 375.284765] ? __kasan_slab_free+0x102/0x150 [ 375.289182] ? kasan_slab_free+0xe/0x10 [ 375.293151] ? kmem_cache_free+0x83/0x290 [ 375.297297] ? print_usage_bug+0xc0/0xc0 [ 375.301354] ? __x64_sys_mkdir+0x5c/0x80 [ 375.305411] ? do_syscall_64+0x1b9/0x820 [ 375.309469] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.314835] ? trace_hardirqs_off+0xb8/0x310 [ 375.319245] ? kasan_check_read+0x11/0x20 [ 375.323390] ? do_raw_spin_unlock+0xa7/0x330 [ 375.327794] ? trace_hardirqs_on+0x310/0x310 [ 375.332209] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.337739] ? __dquot_initialize+0x629/0xdd0 [ 375.342236] ? dquot_get_next_dqblk+0x180/0x180 [ 375.346900] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 375.351828] ? common_perm+0x1f6/0x7b0 [ 375.355720] ext4_mkdir+0x2e1/0xe60 [ 375.359364] ? ext4_init_dot_dotdot+0x510/0x510 [ 375.364111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.369662] ? security_inode_permission+0xd2/0x100 [ 375.374681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.380216] ? security_inode_mkdir+0xe8/0x120 [ 375.384814] vfs_mkdir+0x42e/0x6b0 [ 375.388371] do_mkdirat+0x27a/0x310 [ 375.392002] ? __ia32_sys_mknod+0xb0/0xb0 [ 375.396146] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.401505] ? trace_hardirqs_off_caller+0x300/0x300 [ 375.406619] ? ksys_ioctl+0x81/0xd0 [ 375.410372] __x64_sys_mkdir+0x5c/0x80 [ 375.414269] do_syscall_64+0x1b9/0x820 [ 375.418166] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 375.423525] ? syscall_return_slowpath+0x5e0/0x5e0 [ 375.428452] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.433304] ? trace_hardirqs_on_caller+0x310/0x310 [ 375.438359] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 375.443377] ? prepare_exit_to_usermode+0x291/0x3b0 [ 375.448393] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.453270] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.458466] RIP: 0033:0x456987 10:03:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x3580], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x4000}]) 10:03:20 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 375.461653] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 375.480547] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 375.488245] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 375.495522] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 375.502783] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 375.510045] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 375.517523] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:20 executing program 5 (fault-call:0 fault-nth:27): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x4788], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 375.668780] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 375.687490] FAULT_INJECTION: forcing a failure. [ 375.687490] name failslab, interval 1, probability 0, space 0, times 0 [ 375.699155] CPU: 0 PID: 18926 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 375.707725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.717083] Call Trace: [ 375.719715] dump_stack+0x244/0x39d [ 375.723346] ? dump_stack_print_info.cold.1+0x20/0x20 [ 375.728548] should_fail.cold.4+0xa/0x17 [ 375.732620] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 375.737758] ? mark_held_locks+0x130/0x130 [ 375.742011] ? find_held_lock+0x36/0x1c0 [ 375.746094] ? is_bpf_text_address+0xac/0x170 [ 375.750586] ? lock_downgrade+0x900/0x900 [ 375.754730] ? check_preemption_disabled+0x48/0x280 [ 375.759744] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 375.765020] ? rcu_read_unlock_special+0x370/0x370 [ 375.769941] ? rcu_softirq_qs+0x20/0x20 [ 375.773908] ? unwind_dump+0x190/0x190 [ 375.777794] ? graph_lock+0x270/0x270 [ 375.781645] __should_failslab+0x124/0x180 [ 375.785898] should_failslab+0x9/0x14 [ 375.789694] kmem_cache_alloc+0x47/0x730 [ 375.793755] ? __es_tree_search.isra.12+0x1ba/0x220 [ 375.798775] ? find_held_lock+0x36/0x1c0 [ 375.802849] __es_insert_extent+0x30c/0x1120 [ 375.807259] ? ext4_es_free_extent+0x790/0x790 [ 375.811907] ? kasan_check_write+0x14/0x20 [ 375.816155] ? do_raw_write_lock+0x14f/0x310 [ 375.820561] ? do_raw_read_unlock+0x70/0x70 [ 375.824875] ? __lock_is_held+0xb5/0x140 [ 375.828944] ext4_es_insert_extent+0x352/0xbd0 [ 375.833525] ? ext4_es_scan_clu+0x50/0x50 [ 375.837672] ? __lock_is_held+0xb5/0x140 [ 375.841738] ? rcu_read_lock_sched_held+0x14f/0x180 [ 375.846769] ext4_ext_put_gap_in_cache+0x15f/0x1f0 [ 375.851726] ? ext4_rereserve_cluster+0x240/0x240 [ 375.856594] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 375.862138] ext4_ext_map_blocks+0x1d92/0x48e0 [ 375.866718] ? kasan_check_write+0x14/0x20 [ 375.870973] ? ext4_ext_release+0x10/0x10 [ 375.875196] ? graph_lock+0x270/0x270 [ 375.878997] ? graph_lock+0x270/0x270 [ 375.882794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.888327] ? check_preemption_disabled+0x48/0x280 [ 375.893364] ? lock_acquire+0x1ed/0x520 [ 375.897365] ? ext4_map_blocks+0x487/0x1b50 [ 375.901703] ? lock_release+0xa10/0xa10 [ 375.905686] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.911227] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 375.915912] ? kasan_check_read+0x11/0x20 [ 375.920076] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 375.925367] ? down_read+0x8d/0x120 [ 375.929014] ? ext4_map_blocks+0x487/0x1b50 [ 375.933356] ? __down_interruptible+0x700/0x700 [ 375.938042] ? kernel_text_address+0x79/0xf0 [ 375.942470] ext4_map_blocks+0xe2d/0x1b50 [ 375.946629] ? __save_stack_trace+0x8d/0xf0 [ 375.950954] ? ext4_issue_zeroout+0x190/0x190 [ 375.955459] ? save_stack+0x43/0xd0 [ 375.959082] ? __kasan_slab_free+0x102/0x150 [ 375.963494] ? kasan_slab_free+0xe/0x10 [ 375.967476] ? kmem_cache_free+0x83/0x290 [ 375.971622] ext4_getblk+0x10e/0x630 [ 375.975338] ? ext4_iomap_begin+0x1390/0x1390 [ 375.979840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.985377] ? __dquot_initialize+0x629/0xdd0 [ 375.989873] ext4_bread+0x95/0x2b0 [ 375.993410] ? ext4_getblk+0x630/0x630 [ 375.997291] ? dquot_get_next_dqblk+0x180/0x180 [ 376.001986] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 376.006916] ? common_perm+0x1f6/0x7b0 [ 376.010802] ext4_append+0x14e/0x370 [ 376.014517] ext4_mkdir+0x532/0xe60 [ 376.018164] ? ext4_init_dot_dotdot+0x510/0x510 [ 376.022831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.028370] ? security_inode_permission+0xd2/0x100 [ 376.033385] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.038915] ? security_inode_mkdir+0xe8/0x120 [ 376.043497] vfs_mkdir+0x42e/0x6b0 [ 376.047055] do_mkdirat+0x27a/0x310 [ 376.050678] ? __ia32_sys_mknod+0xb0/0xb0 [ 376.054820] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.060189] ? trace_hardirqs_off_caller+0x300/0x300 [ 376.065287] ? ksys_ioctl+0x81/0xd0 [ 376.068921] __x64_sys_mkdir+0x5c/0x80 [ 376.072826] do_syscall_64+0x1b9/0x820 [ 376.076714] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 376.082077] ? syscall_return_slowpath+0x5e0/0x5e0 [ 376.087008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.091845] ? trace_hardirqs_on_caller+0x310/0x310 [ 376.096865] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.101881] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.106897] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.111743] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.116924] RIP: 0033:0x456987 [ 376.120151] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 376.139062] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 376.146767] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 376.154026] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 376.161290] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 10:03:21 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0xa9, 0x0) [ 376.168576] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 376.175862] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:21 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='ms%os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88640000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:21 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x710000}]) [ 376.245490] FAT-fs (loop5): bogus number of reserved sectors [ 376.251318] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:21 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="602384e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:21 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:21 executing program 5 (fault-call:0 fault-nth:28): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 376.355713] minix_free_inode: bit 1 already cleared 10:03:21 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xa774977f0000}]) [ 376.437774] FAULT_INJECTION: forcing a failure. [ 376.437774] name failslab, interval 1, probability 0, space 0, times 0 [ 376.449165] CPU: 1 PID: 18947 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 376.457757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.467108] Call Trace: [ 376.469697] dump_stack+0x244/0x39d [ 376.473343] ? dump_stack_print_info.cold.1+0x20/0x20 [ 376.478562] should_fail.cold.4+0xa/0x17 [ 376.482624] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 376.487731] ? mark_held_locks+0x130/0x130 [ 376.491966] ? find_held_lock+0x36/0x1c0 [ 376.496039] ? is_bpf_text_address+0xac/0x170 [ 376.500537] ? lock_downgrade+0x900/0x900 [ 376.504683] ? check_preemption_disabled+0x48/0x280 [ 376.509704] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 376.514986] ? rcu_read_unlock_special+0x370/0x370 [ 376.519917] ? rcu_softirq_qs+0x20/0x20 [ 376.523915] ? unwind_dump+0x190/0x190 [ 376.527830] ? graph_lock+0x270/0x270 [ 376.531648] __should_failslab+0x124/0x180 [ 376.535899] should_failslab+0x9/0x14 [ 376.539696] kmem_cache_alloc+0x47/0x730 [ 376.543765] ? __es_tree_search.isra.12+0x1ba/0x220 [ 376.548783] ? find_held_lock+0x36/0x1c0 [ 376.552887] __es_insert_extent+0x30c/0x1120 [ 376.557332] ? ext4_es_free_extent+0x790/0x790 [ 376.561932] ? kasan_check_write+0x14/0x20 [ 376.566161] ? do_raw_write_lock+0x14f/0x310 [ 376.570566] ? do_raw_read_unlock+0x70/0x70 [ 376.574898] ? __lock_is_held+0xb5/0x140 [ 376.578978] ext4_es_insert_extent+0x352/0xbd0 [ 376.583574] ? ext4_es_scan_clu+0x50/0x50 [ 376.587731] ? __lock_is_held+0xb5/0x140 [ 376.591803] ? rcu_read_lock_sched_held+0x14f/0x180 [ 376.596824] ext4_ext_put_gap_in_cache+0x15f/0x1f0 [ 376.601754] ? ext4_rereserve_cluster+0x240/0x240 [ 376.606601] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 376.612174] ext4_ext_map_blocks+0x1d92/0x48e0 [ 376.616800] ? kasan_check_write+0x14/0x20 [ 376.621047] ? ext4_ext_release+0x10/0x10 [ 376.625229] ? graph_lock+0x270/0x270 [ 376.629028] ? graph_lock+0x270/0x270 [ 376.632826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.638381] ? check_preemption_disabled+0x48/0x280 [ 376.643431] ? lock_acquire+0x1ed/0x520 [ 376.647412] ? ext4_map_blocks+0x487/0x1b50 [ 376.651741] ? lock_release+0xa10/0xa10 [ 376.655855] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.661324] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 376.666010] ? kasan_check_read+0x11/0x20 [ 376.670158] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 376.675444] ? down_read+0x8d/0x120 [ 376.679106] ? ext4_map_blocks+0x487/0x1b50 [ 376.683429] ? __down_interruptible+0x700/0x700 [ 376.688106] ? kernel_text_address+0x79/0xf0 [ 376.692535] ext4_map_blocks+0xe2d/0x1b50 [ 376.696680] ? __save_stack_trace+0x8d/0xf0 [ 376.701097] ? ext4_issue_zeroout+0x190/0x190 [ 376.705597] ? save_stack+0x43/0xd0 [ 376.709222] ? __kasan_slab_free+0x102/0x150 [ 376.713620] ? kasan_slab_free+0xe/0x10 [ 376.717603] ? kmem_cache_free+0x83/0x290 [ 376.721778] ext4_getblk+0x10e/0x630 [ 376.725493] ? ext4_iomap_begin+0x1390/0x1390 [ 376.730018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.735547] ? __dquot_initialize+0x629/0xdd0 [ 376.740037] ext4_bread+0x95/0x2b0 [ 376.743583] ? ext4_getblk+0x630/0x630 [ 376.747461] ? dquot_get_next_dqblk+0x180/0x180 [ 376.752136] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 376.757061] ? common_perm+0x1f6/0x7b0 [ 376.760990] ext4_append+0x14e/0x370 [ 376.764724] ext4_mkdir+0x532/0xe60 [ 376.768353] ? ext4_init_dot_dotdot+0x510/0x510 [ 376.773031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.778601] ? security_inode_permission+0xd2/0x100 [ 376.783631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.789163] ? security_inode_mkdir+0xe8/0x120 [ 376.793784] vfs_mkdir+0x42e/0x6b0 [ 376.797321] do_mkdirat+0x27a/0x310 [ 376.800946] ? __ia32_sys_mknod+0xb0/0xb0 [ 376.805133] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.810507] ? trace_hardirqs_off_caller+0x300/0x300 [ 376.815600] ? ksys_ioctl+0x81/0xd0 [ 376.819233] __x64_sys_mkdir+0x5c/0x80 [ 376.823121] do_syscall_64+0x1b9/0x820 [ 376.827034] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 376.832391] ? syscall_return_slowpath+0x5e0/0x5e0 [ 376.837310] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.842173] ? trace_hardirqs_on_caller+0x310/0x310 [ 376.847253] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.852265] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.857276] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.862121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.867338] RIP: 0033:0x456987 [ 376.870522] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 376.889412] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 376.897113] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 376.904411] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 376.911683] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 376.918956] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 376.926231] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x806], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:22 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 376.960554] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:22 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7300}]) [ 377.021145] FAT-fs (loop5): bogus number of reserved sectors [ 377.032372] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:22 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="606c84e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 377.115678] minix_free_inode: bit 1 already cleared 10:03:22 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='ms.os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x2000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:22 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:22 executing program 5 (fault-call:0 fault-nth:29): syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xf5ffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:22 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x4}]) 10:03:22 executing program 3: connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r0, &(0x7f0000005fc0), 0xa9, 0x0) [ 377.252450] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 377.265345] MINIX-fs: bad superblock or unable to read bitmaps 10:03:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x1000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:22 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="606884e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:22 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xa000000}]) [ 377.385951] FAULT_INJECTION: forcing a failure. [ 377.385951] name failslab, interval 1, probability 0, space 0, times 0 [ 377.430988] CPU: 0 PID: 18983 Comm: syz-executor5 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 377.439588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.448947] Call Trace: [ 377.451529] dump_stack+0x244/0x39d [ 377.455157] ? dump_stack_print_info.cold.1+0x20/0x20 [ 377.460362] ? graph_lock+0x270/0x270 [ 377.464237] ? __mark_inode_dirty+0xfb5/0x1500 [ 377.468835] should_fail.cold.4+0xa/0x17 [ 377.472906] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 377.478004] ? __lock_is_held+0xb5/0x140 [ 377.482068] ? graph_lock+0x270/0x270 [ 377.485870] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.491419] ? __mark_inode_dirty+0x4ad/0x1500 [ 377.496015] ? __inode_attach_wb+0x13f0/0x13f0 [ 377.500598] ? __lock_is_held+0xb5/0x140 [ 377.504666] ? inode_add_bytes+0xd3/0xf0 [ 377.508727] ? perf_trace_sched_process_exec+0x860/0x860 [ 377.514404] ? __dquot_alloc_space+0x4b9/0x8c0 [ 377.519097] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 377.524117] __should_failslab+0x124/0x180 [ 377.528365] should_failslab+0x9/0x14 [ 377.532163] kmem_cache_alloc+0x2be/0x730 [ 377.536325] ext4_mb_new_blocks+0x782/0x4820 [ 377.540735] ? find_held_lock+0x36/0x1c0 [ 377.544801] ? ext4_discard_preallocations+0x1900/0x1900 [ 377.550251] ? kasan_check_read+0x11/0x20 [ 377.554391] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 377.559660] ? rcu_read_unlock_special+0x370/0x370 [ 377.564580] ? rcu_softirq_qs+0x20/0x20 [ 377.568584] ? unwind_dump+0x190/0x190 [ 377.572481] ? is_bpf_text_address+0xd3/0x170 [ 377.576975] ? kernel_text_address+0x79/0xf0 [ 377.581384] ? __kernel_text_address+0xd/0x40 [ 377.585874] ? unwind_get_return_address+0x61/0xa0 [ 377.590831] ? __save_stack_trace+0x8d/0xf0 [ 377.595174] ? save_stack+0xa9/0xd0 [ 377.598797] ? save_stack+0x43/0xd0 [ 377.602416] ? kasan_kmalloc+0xc7/0xe0 [ 377.606295] ? __kmalloc+0x15b/0x760 [ 377.610002] ? ext4_find_extent+0x757/0x9b0 [ 377.614319] ? ext4_ext_map_blocks+0x28c/0x48e0 [ 377.618983] ? ext4_map_blocks+0x8f7/0x1b50 [ 377.623301] ? ext4_getblk+0x10e/0x630 [ 377.627182] ? ext4_bread+0x95/0x2b0 [ 377.630887] ? ext4_append+0x14e/0x370 [ 377.634770] ? ext4_mkdir+0x532/0xe60 [ 377.638593] ? vfs_mkdir+0x42e/0x6b0 [ 377.642297] ? do_mkdirat+0x27a/0x310 [ 377.646282] ? __x64_sys_mkdir+0x5c/0x80 [ 377.650342] ? do_syscall_64+0x1b9/0x820 [ 377.654404] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.659769] ? save_stack+0xa9/0xd0 [ 377.663401] ? graph_lock+0x270/0x270 [ 377.667202] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.672737] ? check_preemption_disabled+0x48/0x280 [ 377.677758] ? __lock_is_held+0xb5/0x140 [ 377.681837] ? rcu_read_lock_sched_held+0x14f/0x180 [ 377.686846] ? __kmalloc+0x5ee/0x760 [ 377.690556] ? ext4_find_extent+0x757/0x9b0 [ 377.694870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.700413] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.705941] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 377.710956] ext4_ext_map_blocks+0x2715/0x48e0 [ 377.715543] ? ext4_ext_release+0x10/0x10 [ 377.719690] ? graph_lock+0x270/0x270 [ 377.723485] ? graph_lock+0x270/0x270 [ 377.727284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.732865] ? check_preemption_disabled+0x48/0x280 [ 377.737892] ? lock_acquire+0x1ed/0x520 [ 377.741867] ? ext4_map_blocks+0x88f/0x1b50 [ 377.746188] ? lock_release+0xa10/0xa10 [ 377.750154] ? perf_trace_sched_process_exec+0x860/0x860 [ 377.755598] ? ext4_es_cache_extent+0x6a0/0x6a0 [ 377.760278] ? kasan_check_read+0x11/0x20 [ 377.764417] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 377.769725] ? down_write+0x8a/0x130 [ 377.773445] ? ext4_map_blocks+0x88f/0x1b50 [ 377.777785] ? down_read+0x120/0x120 [ 377.781496] ? kernel_text_address+0x79/0xf0 [ 377.785904] ext4_map_blocks+0x8f7/0x1b50 [ 377.790046] ? __save_stack_trace+0x8d/0xf0 [ 377.794377] ? ext4_issue_zeroout+0x190/0x190 [ 377.798931] ? save_stack+0x43/0xd0 [ 377.802571] ? __kasan_slab_free+0x102/0x150 [ 377.806975] ? kasan_slab_free+0xe/0x10 [ 377.810953] ? kmem_cache_free+0x83/0x290 [ 377.815152] ext4_getblk+0x10e/0x630 [ 377.818866] ? ext4_iomap_begin+0x1390/0x1390 [ 377.823361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.828890] ? __dquot_initialize+0x629/0xdd0 [ 377.833382] ext4_bread+0x95/0x2b0 [ 377.836930] ? ext4_getblk+0x630/0x630 [ 377.840841] ? dquot_get_next_dqblk+0x180/0x180 [ 377.845501] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 377.850425] ? common_perm+0x1f6/0x7b0 [ 377.854312] ext4_append+0x14e/0x370 [ 377.858029] ext4_mkdir+0x532/0xe60 [ 377.861679] ? ext4_init_dot_dotdot+0x510/0x510 [ 377.866355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.871890] ? security_inode_permission+0xd2/0x100 [ 377.876921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.882450] ? security_inode_mkdir+0xe8/0x120 [ 377.887046] vfs_mkdir+0x42e/0x6b0 [ 377.890582] do_mkdirat+0x27a/0x310 [ 377.894220] ? __ia32_sys_mknod+0xb0/0xb0 [ 377.898367] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.903728] ? trace_hardirqs_off_caller+0x300/0x300 [ 377.908825] ? ksys_ioctl+0x81/0xd0 [ 377.912450] __x64_sys_mkdir+0x5c/0x80 [ 377.916343] do_syscall_64+0x1b9/0x820 [ 377.920249] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 377.925625] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.930550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.935387] ? trace_hardirqs_on_caller+0x310/0x310 [ 377.940410] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 377.945422] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.950436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.955280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.960464] RIP: 0033:0x456987 [ 377.963650] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x8906000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 377.982540] RSP: 002b:00007f1130c7da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 377.990240] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000456987 [ 377.997500] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000240 [ 378.004756] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 378.012016] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 378.019277] R13: 0000000000000000 R14: 00000000004d9010 R15: 0000000000000003 10:03:23 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:23 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='ms/os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x800e000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 378.158047] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 378.182912] MINIX-fs: bad superblock or unable to read bitmaps 10:03:23 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xffefffffff7f0000}]) 10:03:23 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x58000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:23 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="60b484e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:23 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0xd00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 378.336086] FAT-fs (loop5): bogus number of reserved sectors [ 378.355916] FAT-fs (loop5): Can't find a valid FAT filesystem 10:03:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='\nsdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:23 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x400000}]) 10:03:23 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msd%s\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:23 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, 0x0, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 378.455802] MINIX-fs: file system does not have enough imap blocks allocated. Refusing to mount. [ 378.485375] MINIX-fs: bad superblock or unable to read bitmaps 10:03:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x4305], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0xa}]) 10:03:24 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084f102000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, 0x0, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x88a8ffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='%sdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x7000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 378.793457] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, 0x0, 0x0) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:24 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msd\ns\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:24 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e02e040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x300000000000000}]) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x5800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 378.925516] minix_free_inode: bit 1 already cleared 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8dffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3a00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x60ff}]) 10:03:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m.dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:24 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdoo\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3580], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e063000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x500}]) 10:03:24 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xffffff8d], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:24 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m0dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 379.583178] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x28], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 379.655407] minix_free_inode: bit 1 already cleared 10:03:25 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, 0x0, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:25 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x70500000000000}]) 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x86ddffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:25 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x89060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 379.958651] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:25 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e033040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:25 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdoi\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:25 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m-dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:25 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x4000000}]) 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xfffffff5], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:25 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 380.098745] minix_free_inode: bit 1 already cleared 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x800e000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:25 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x60ffffffffff}]) 10:03:25 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mddos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xfffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:26 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0ff250a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:26 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x705000}]) 10:03:26 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo+\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88640000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mudos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:26 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 380.625756] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xe80], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:26 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 380.745446] minix_free_inode: bit 1 already cleared 10:03:26 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7f9774a70000}]) 10:03:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mldos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:26 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo*\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:28 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e030040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121, 0x0, 0x0, 0x7}]) 10:03:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8906], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mpdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:28 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:28 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo\n\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 382.930602] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x800e0000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 383.025516] minix_free_inode: bit 1 already cleared 10:03:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) madvise(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:28 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8847000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:28 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo%\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m\ndos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00a000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) r3 = fcntl$dupfd(r1, 0x0, r0) ioctl$TCSETAF(r3, 0x5408, &(0x7f0000000040)={0x6, 0x9, 0x9, 0x25, 0x2, 0x8001, 0x16, 0x10000, 0x100, 0x29a}) io_submit(0x0, 0x0, 0x0) io_submit(0x0, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x200000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo-\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mtdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 383.668144] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88caffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) rmdir(&(0x7f0000000040)='./file0\x00') ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 383.795435] minix_free_inode: bit 1 already cleared 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x81000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='modos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000040)={0x1, 'yam0\x00'}, 0x18) [ 384.041110] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:29 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e004000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8100], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:29 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo.\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 1: ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = socket(0x18, 0x0, 0x1) socket$nl_xfrm(0x10, 0x3, 0x6) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r1, 0x0, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x400000, 0x0) io_submit(r1, 0x2, &(0x7f00000002c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x4, r0, &(0x7f0000000100)="39b7594e9b5b6d324f42192aa3bf97271a97cb591a3118bf56891dc0b2b85a909dcb189f606b06eb29e1aeb90269ee39c715ded8451719d1c08a7aa253ba97b4ac7604e6830223962ca812b725d8c7a52518d5c99df4b1dc58935d88103724927bf5b7db7e43c85ae970dd440e2411e40f90df88b5a40240553327edb6b9517a6c128e95d72a49c1", 0x88, 0x9}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x6, 0x40, r0, &(0x7f00000001c0)="5588f7764da7c967b1d16bec9d3a8726e5016f559f5bd2946fd2d244f23dc6bbe28d5305d62cf454e17d06d24401c16941e0bc6936f9fe7925732558cab4b10fc8b841dc3f7f3a29de960e0fc9faaec7435ff6", 0x53, 0x7fff, 0x0, 0x2, r2}]) io_submit(r1, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080), 0x121}]) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 384.156460] minix_free_inode: bit 1 already cleared 10:03:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m*dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x689], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000040)='eql\x00') r1 = socket(0x18, 0x0, 0x1) r2 = socket$inet6(0xa, 0x1, 0xffc6) r3 = dup(r2) ioctl$SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000100)) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88470000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 384.365508] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:29 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdoc\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:29 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e000580a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xd00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x51, 0x100) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fc) r1 = socket(0x18, 0x0, 0x1) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 384.495630] minix_free_inode: bit 1 already cleared 10:03:29 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}}, {{@in6=@ipv4, 0x0, 0x2b}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:30 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m+dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88a8ffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:30 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) io_setup(0x1, &(0x7f0000000100)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:30 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:30 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdol\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x4305000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:30 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:34 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00c000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:34 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x82000, 0x0) ioctl$LOOP_GET_STATUS64(r3, 0x4c05, &(0x7f00000004c0)) 10:03:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m%dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:34 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4}, 0x2, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:34 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdox\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 389.174081] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 389.255515] minix_free_inode: bit 1 already cleared 10:03:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x7000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:34 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) pwrite64(r1, &(0x7f0000000100)="5cb78170adc5e4b71e1ee274888501eb81a6239b728211e60349b1209f5ac60591497c0adc7828e49717991f86e1bfdde6a91bfa6ae5a05603034cf8346d2b8e17ae6fdb08b825cf7e511048d3ffc626c7cf37e40aea52", 0x57, 0x0) 10:03:34 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:34 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x58], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:34 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mcdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:34 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdou\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:35 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e006000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xffffa888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:35 executing program 1: r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x40) readahead(r0, 0xde9, 0x401) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket(0x18, 0x0, 0x1) accept4$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x10, 0x80800) r4 = syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0x9, 0x400) r5 = syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0xfffffffffffffbff, 0x10001) syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000240)="b805000000b9151d00000f01d966ba430066ed66b842008ee8439967410f01cbad66bad004b000eef4c443f55f2002400fc71f", 0x33}], 0x1, 0x54, &(0x7f00000002c0), 0x0) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r6, 0x0, 0x0) io_submit(r6, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000080), 0x121}]) 10:03:35 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='midos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:35 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdo#\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 389.959338] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x2], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:35 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000040)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 390.065402] minix_free_inode: bit 1 already cleared 10:03:35 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8035000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xd000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 390.232625] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:35 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:35 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e039040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:35 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='m#dos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:35 executing program 1: lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=@known='trusted.overlay.upper\x00', &(0x7f00000001c0)=""/190, 0xbe) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:35 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdop\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:35 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(0xffffffffffffffff, &(0x7f0000005fc0), 0xa9, 0x0) [ 390.426271] minix_free_inode: bit 1 already cleared 10:03:35 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf0ffffffffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:35 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:35 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, 0x0, 0x0, 0x0) 10:03:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x4305], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, 0x0, 0x0, 0x0) 10:03:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000040)=""/14) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:36 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0d2010a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mxdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x4888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, 0x0, 0x0, 0x0) 10:03:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdod\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) getsockopt$inet6_udp_int(r1, 0x11, 0x66, &(0x7f0000000040), &(0x7f0000000100)=0x4) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 391.039312] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8848000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:36 executing program 3: seccomp(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000580)=[{0x6, 0x0, 0x0, 0xfffffffffffffffc}]}) chmod(0x0, 0x0) [ 391.155513] minix_free_inode: bit 1 already cleared 10:03:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='mXdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x801, 0x8) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000040)={0x7f, 0x2, 0x3, 0x68f6, 0x0}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={r3, 0x6}, 0x8) 10:03:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x700000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdoX\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 391.392435] audit: type=1326 audit(1543140216.752:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19589 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 [ 391.503922] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:36 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e02d040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8906000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x0, &(0x7f0000000040)=0x0) io_submit(r2, 0x1, &(0x7f00000001c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0x5, r0, &(0x7f0000000100)="a61ed6", 0x3, 0x6, 0x0, 0x2}]) io_setup(0xffffe, &(0x7f0000000200)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='ms\nos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xffffca88], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:37 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x5, 0x101000) ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000100)) getsockopt(r2, 0xe054, 0x3, &(0x7f00000001c0)=""/124, &(0x7f0000000140)=0x7c) io_setup(0x1, &(0x7f0000000240)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 391.645622] minix_free_inode: bit 1 already cleared 10:03:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdosd', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 392.063075] audit: type=1326 audit(1543140217.422:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=19589 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45a3ca code=0xffff0000 10:03:37 executing program 3: readv(0xffffffffffffffff, &(0x7f0000002340), 0x0) io_setup(0x8, &(0x7f0000000100)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000017c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000001c0)={"0000000000000000d600", 0x1001}) r2 = dup2(0xffffffffffffffff, r1) r3 = creat(&(0x7f0000000340)='./file0\x00', 0x4) io_submit(r0, 0x0, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)) fcntl$notify(0xffffffffffffffff, 0x402, 0x20) clone(0x2302001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r4 = socket$inet6(0xa, 0x0, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000140)='system_u:object_r:restorecond_exec_t:s0\x00', 0x28) r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ftruncate(r5, 0x2007fff) fcntl$getown(0xffffffffffffffff, 0x9) fcntl$lock(r1, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f0000000040), 0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) write$P9_RATTACH(r3, &(0x7f0000000280)={0x14, 0x69, 0x0, {0x1, 0x3, 0x3}}, 0x14) sendfile(r4, r5, 0x0, 0x8000fffffffe) fsetxattr$trusted_overlay_nlink(r5, 0x0, &(0x7f0000000300)={'U-', 0x1}, 0x28, 0x2) creat(&(0x7f0000000000)='./bus\x00', 0x100) socket$inet6(0xa, 0x3, 0x4) r6 = add_key$user(&(0x7f0000000240)='user\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000380)="6a47c804059aff52582a54c61352f96a794f82802e28c72559bb4306ae4477a02b88c2e563a1558165c5172397f96092fd8e822eba351dc8de7c19e9f9f10e3d216d155114593360c65202b8", 0x4c, 0xfffffffffffffffc) keyctl$instantiate_iov(0x14, r6, &(0x7f0000000700)=[{&(0x7f0000000640)="19a12b8a177f0d385fbcd33bcedbb2af3c7db7828c29d0a19f4c6a07937aafc1bb27dc959c5d7f629d500b45895bb31571311693615fe0532d1601e56c9df8cd285748ae65228f49685a14e611cc71904100849e1f48325081931d2c1e9f7ef99d845a474408e4271ba1fe9c5fa4e29bfcb619871c3734761d181bf936a3c94b2fa005d163d0fe951f1988a0dd5855a0c99df8a79558996d6eed7402ee2ede1c", 0xa0}], 0x1, 0x0) readv(0xffffffffffffffff, 0x0, 0x0) tee(r2, r5, 0x401, 0xa) fcntl$getownex(r5, 0x10, &(0x7f0000000200)) 10:03:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x7], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:37 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040)) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='ms%os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 392.181768] FAT-fs (loop4): bogus number of reserved sectors [ 392.207775] FAT-fs (loop4): Can't find a valid FAT filesystem [ 392.221484] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:37 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00d000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x543], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:37 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x8, 0x0) ioctl$SCSI_IOCTL_START_UNIT(r3, 0x5) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xfffffffffffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:37 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='ms.os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:37 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8dffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 392.350346] FAT-fs (loop4): bogus number of reserved sectors [ 392.355462] minix_free_inode: bit 1 already cleared [ 392.375702] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:37 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x3, 0x0, 0xfffffffffffffffd) io_setup(0x1, &(0x7f0000000080)=0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x1, 0x0) ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000180)) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x1, 0x0) [ 392.608673] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 392.715747] minix_free_inode: bit 1 already cleared 10:03:38 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = add_key$keyring(&(0x7f0000000240)='keyring\x00', &(0x7f00000003c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000080)='big_key\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)='\x00', r1) r2 = dup(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400202) ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000140)) setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, 0x0, 0x0) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c) sendto$inet6(r2, &(0x7f0000000340), 0x0, 0x100000020000008, 0x0, 0x0) getsockopt$bt_hci(r2, 0x0, 0x0, &(0x7f0000000440)=""/246, &(0x7f0000000540)=0xf6) r4 = open(&(0x7f0000000040)='./file0\x00', 0x20141042, 0x4) ioctl$sock_SIOCSIFBR(r3, 0x8941, &(0x7f0000000400)=@generic={0x3, 0xab, 0x80000001}) ftruncate(r4, 0x280080) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) sendfile(r2, r4, &(0x7f0000000000), 0x200800900000002) 10:03:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x28000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='ms/os\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:38 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0000a0a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:38 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000100)=0xc) r5 = getpid() tgkill(r4, r5, 0x10) 10:03:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88a8ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 392.915416] FAT-fs (loop4): bogus number of reserved sectors [ 392.941406] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x600], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:38 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x8, 0x404800) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x4a0e, 0x290000) write$FUSE_LSEEK(r1, &(0x7f0000000140)={0x18, 0x0, 0x3, {0x8}}, 0x18) r2 = socket(0x18, 0x0, 0x1) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x2003, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000280)={0x0, 0x2, 0xfffffffffffff000, 0x6}) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f00000001c0)=[@in6={0xa, 0x4e22, 0x8305, @remote, 0x1}, @in6={0xa, 0x4e20, 0x8000, @empty, 0x1000}, @in6={0xa, 0x4e22, 0x7f, @remote, 0x3}, @in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e21}, @in6={0xa, 0x4e23, 0x49e, @empty, 0x7}], 0x90) io_submit(0x0, 0x0, 0x0) io_submit(0x0, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x300], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:38 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x4000000000000, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) recvmsg$kcm(r1, &(0x7f0000002640)={&(0x7f0000000100)=@hci={0x1f, 0x0}, 0x80, &(0x7f0000002580)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/4096, 0x1000}, {&(0x7f00000021c0)=""/224, 0xe0}, {&(0x7f00000022c0)=""/214, 0xd6}, {&(0x7f00000023c0)=""/207, 0xcf}, {&(0x7f00000024c0)=""/96, 0x60}, {&(0x7f0000002540)=""/20, 0x14}], 0x7, &(0x7f0000002600)=""/35, 0x23, 0x8}, 0x10000) bind$can_raw(r1, &(0x7f0000002680)={0x1d, r3}, 0x10) 10:03:38 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msTos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:38 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000006000)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000400)={0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x7530}, {}, 0x3, @can={{}, 0x0, 0x0, 0x0, 0x0, "b581593a34e71e03"}}, 0x38}}, 0x0) [ 393.106526] FAT-fs (loop4): bogus number of reserved sectors [ 393.122183] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:38 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xffffdd86], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:38 executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000080)) 10:03:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x6], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vsock\x00', 0x200040, 0x0) r5 = eventfd2(0x1f, 0x80000) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000700)='/dev/dlm-control\x00', 0x10801, 0x0) r7 = syz_open_dev$vbi(&(0x7f0000000800)='/dev/vbi#\x00', 0x3, 0x2) io_submit(r3, 0x7, &(0x7f0000000880)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x3ff, r1, &(0x7f0000000040)="3059b1558a350f357ecad44a77cce1abdf0e1ad24bba2f64f171ace56e9c6ef768f558b912958563", 0x28, 0xfffffffffffffffe, 0x0, 0x3, 0xffffffffffffff9c}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f00000001c0)="1ae23127af5b06840397c69fd2fcc9086c4246a6fe8f7edf32c4cf39539287a49bf213cf22b236dae8b8e06837e8a84e1f6dd0fb05066f854dc421468b3446654fe85e34d0766c4a9c9d4171706feeb180ecafb92ed4490514776f4b2d547584683a881f2aa4537b31b3e5f852a00ac74ebd92fe14da59b6d77ade9d5f1b7d9a594e3a6d871605ea10d35ea9b615cb83af6db7dc02e9c42ae74ea9d2dcc6027101344e161e2311591e3b8b814c4bb371e5213bcaf1039875a3e17355c88a2de7bb5a07a3712d65f15aab1e8993a6a5d3213927a997025cd98896", 0xda, 0x5, 0x0, 0x1, 0xffffffffffffff9c}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x2, 0x1, r0, &(0x7f00000002c0)="d9f86a1643af71503bd79d57a82c233c11638c735902c98e62629a6bf7381270b587048ebd23a447879cf8a13de355bc23408832c44af0342629bcc47c4a3f056ec4142145420a854466bf83ba10f16776cfee222b53bc7824fda8b50f26d0af790ca7ec6ef808f3419fc386b75e2a6f9cd3764f46cdc22c62d45fd2c053bcfd0987ac92b38526f811c816abda2577fad7988c1bef0d19135d9fe78cc12e9b57e57b8365dbd094f089d9a822cc3095cbe57ebd", 0xb3, 0xff, 0x0, 0x1, r4}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x4, r0, &(0x7f0000000400)="392fae98ea7532cea49e3a45d97a812b64638b6033857a3ce0fcb880129b19c8e145113555436f077615484f5de0de6df925a006d266f838b8def21846daa08f82bf563493287f77fab554c147e7f1bfbc14f0f62d4748ef7f5b4e0589054f2796b6cbedf812baad95ec6da060b9e89c1b8275d611cfa3072a085a740bc81cab1cf08644b0b7b4462fb1f2c6307b43f0560f83d0f157f85ed4132bf005bfa7c63d68cbf2f9a4d16d2c5256820a9dfc80f55b036eb3668b1fbbbd867a6b658f2ff97064ca47f673ffde071269b42f5f9e91e64cdbaa8ccf285be8cd0279110661", 0xe0, 0x9ca, 0x0, 0x3, r5}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0xfa1, r1, &(0x7f0000000540)="ca07e625e3b9e4a9884b193724384130e63bceeb617d25a427a0cfbb6df68ee3b61369a35a8e2a886e668be9612bb9ac9785280d31e93c505495fab9306919afa6128f9accf1a560a7ae6c6571846562e7113054f1e0f2dc35d79b751a4d0630f5fd506eae059010b6254cdd147428c7ec2a32c5a89b72404c09e65c04f4497399b368edc917d3a30bf48fbedda68ac207bbe3620c7f6262d04f954d4744bfdfa6af48b6c811f55e16a0723fc3263cb9d84eaeb8d55034", 0xb7, 0x0, 0x0, 0x2}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0xf, 0x10000, r1, &(0x7f0000000640)="24807fb8cd287c2170090d902cc62d47a4a03e3cf900572bc48349c6cf58c14e73043339918c0721573be45aac3bebd9358779f9a33e0a5f3d4a8559e00ac1fde063fd16d09ad0df3b7ac783c7e734765a63ac7b9756ef9c54a23539f495a2b0778481340fdd54cc7ff7fe0431e89a6a99c8489187c169708fe0a68029ed91d6e8f1c31b96aa91d1dcab5d4772b53dfb9217654a40c076241ad86014062b4a0d99c8cdbf91", 0xa5, 0x5, 0x0, 0x0, r6}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x2, 0x80000000, r1, &(0x7f0000000780)="e474ddfa8bcc9fc102635efe62fe77595adbdea8b28fe91e51c0ff588e520f90a29cc5e774c1db2c70f69cf4e0c763e0691da96cca18e6caa5b8d9effb385b86b2338f0ef072795d9e95a874c68b182d284622a3", 0x54, 0xfffffffffffffff8, 0x0, 0x2, r7}]) ioctl$SCSI_IOCTL_GET_IDLUN(r6, 0x5382, &(0x7f00000008c0)) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:39 executing program 3: clone(0x2102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mknod(&(0x7f0000000180)='./file0\x00', 0x103f, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000066000), 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ptrace(0x10, r0) tkill(r0, 0x1000000000016) 10:03:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msd\ns\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:39 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e034040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:39 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f738c", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 393.652747] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 393.715559] minix_free_inode: bit 1 already cleared 10:03:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x806000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x200, 0x0) r0 = syz_open_dev$adsp(&(0x7f00000011c0)='/dev/adsp#\x00', 0x7, 0x40) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xc) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) r3 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x20c, 0x4201) mq_timedsend(r3, &(0x7f00000001c0)="3c6ee032954c96e97bf1fa098b9d136399a874c1cc8a26926b36952263d02eb66b7b4d1a182bbfb74d25d307ce2d9107f827b675044b2c03e0abccdf492bcfee9a4ea1ad893febfd685604b9304df5ccc21439b1cefa534c15ef06365ab237c8a8d90b2473d5d0b84e05e4fda28ce888f30b4468108803cf6e327b0df0881c0e7008f36eb5884b546ece03a695ddc2aec6ed3340a598386c9496e63980272ac9f587c93fffd55722be0fa86b7385fb48d7241a3cbf4acda8cdf7f36fb59fbb2f25b08a068a67fd58f14e83dc7bf6bcaa78d554f0ec1384a6d4557637e94d8b2b9c487be75ccfcbc6dc6821c5b4f30f7e8b4f36ae9dd1576bbd8c903a46f3d3de73410493b58e10277b82d1a2337f99b0206732637b5c1befabca64ff3dc42fa06bbaffb0a62636627e456b1d9b5d736dc1cab8979f710bca794b063704e5fd2bd8d862303d8713133857062f8bc4c226de37a244e2c23480a018cd883b645dd3218f9430afd22c3be68089ce7eeb3af9311869ebcaf4ffbe4a24edd5c0bd23931ac5e8efc558fab80d69c593723ac8dc849423cccec98f769f7b68cc73546fedac28679799387cbf581b4986e2ae03122eb954f0a352b2d8a059ca2224a787269a6300cba31a9fb21daaf27e3b5461be9283aeed0501c15833cff7366c65140e6a782ee342fca426439a3cebf9c57afc21383c5bafc0b034e485d5ecdd9abeb536653f31e7f9570a9e4d9a80adbf5072741bb5cb1ecebc386d9e267ab024221ed033507d6230877a7766893cceb9f4342c52e369563faf423cfb04ec80bfe3e6d42712c3e39ddbf2353311413dbbdc1cbf628061149ed54d413a4b49d03b8dff94be6a389079abaf719a2259264ec8f67c965161bbd66598727ca2ec9eada2a5757e3281168aac4ce41e2cbc0351c51bbad03bed3af25bdb64d9490ebe4229632b2541ac0bb9c7f7cca335981a69213201e5d93692ed8492af5e52a3391a76abec39ddc8c6740b00de84566caf0c307b32decc1154a6e90de599b7e2065762d1c686f2647651562f2637768d132e13dbfb9db9d37b7b6839bc29d4bd13238e7083eb773c3106e26f448cf14971d8e395da50a1ff7cb5a2250192bc502068ef7622ff223f331c26ae87f17aa1706dcf9bf325243d90e6d75cd0ee9d72895ae4907da739403921068baa5ec1b9e0903d6f360bd6af953b09997ec66e583411994f5ec4f635ef24c551d013dc7fc969ebad66c722e694ac685779d69a601e55ef34b17b47f787f138e4ddde993d4a111b63702d16d2f322542598ea5530a2007c9df41d0178754e0694326b09d4d28168079bce69246f403a67109a2b70fd773c42c196168908be296b12382dd18f7313a7c45525a7bcc5325625cc5a162ad29f4a401acd926a4f5ff777aa2c2a1ccf34e666ea53c12e05c7f5aa8e03e9e1821bbf036335520bf83ac15406b0b66b1735bd29d8db1b8fe4df82c80eaf15f1f9ff7df9da1c45191b67c0cff310f7a4822782f9d1ec2841f4745a7e7f27e606857c39142209673a340d1af60cd99738045605c8b903e800ea55ea11804a9e549e4573d4763cbea9ed45a8e619471c1784830e6b13901503ac5d33eff68d8da3ec88bce1b74584161c27e0bd0212681912891b8695e59d37373375dfe2ca19fd2df8f08b82f1fa70cf158a59aa2b93eb7e1d3cff747e15164b9c47ce7eb4d9105f80fdc60506f99e1aefab0233f451bfc66eb8d813f7d15f6e569be7b425cb7f31198826f7d73c326812167451885d67efee5a1b7b080885c52ac4d1c0b8ea6c46325f0ca8965e7bf5fc9499df271d5303b41da5dd99c73f908aea20a7aae9d0e1c222f707a0a2909be5be071e7b5e222174315bc6ec70eb03284c5987d5174f0653ed08ec35637998249b91f40c3a151a6078d7cdf584e2a26dca43cbc9edbac774daf040f635efe2599a7603c9bc7737341fc47675b8734c12463aa269678506faa60d8e52c3312a5ae4246998fdfa72877ce105f5d56bee78f7ce5a759cc3fea206c3bfd51fbe3ec3ded3a09babaa3b9c2ffb6232863579689350c80260a585ce7b01f6a96e3adb9c6c5aaafd7d43fb0de6c4e8eb9ba6077269829c9312a6aefb20341f0b7fc39852337981f26fdd9a9589b63cc9ca5e868eaa01ca822b5ee48ce2781cf37d568b5a5d2fda958b6cd44dce2e76cd059eb55d0d2fc45025958f4676b4bc66a28568fc9c224d783a5ce48987771caf5d68c2f20b8a6134a530c26cb54c285856bf4bfaa0f785b1f2e683edbad75bad6368418dcf2a95deeebd31da64db0c20017d1d64c2d1f3813404f0849db2cc5c8619cf6521a92518bab576b42dfae1bb8ed3db0ce23a4b990de9ac88f478fab794b8a684d9634c4f9f8377ac9c9eea6c2f0a78086f03a8f1aea019036bc0c7a8d5091328d45e1e3fef4aefaf71a53720dc747a214ead97e419e529943a8e910bad1b970e8b62e737a169cbb7ee9e096d02b7cde72f6c9505ad2530ca81b51abc42b6f60d3215449af09dd68a200ca8373a997310e7542c5e6eaa7c218c56f7320ac8f2d228dce3b4a5ebecd213d334706b208e61604023160fec04481e89ac8ec610dc04e4514719f76c756cb07e4f58e1c67ad9665c12be9c951e1d88305531dd1cea0fcb60b0701e3819e3f9626eba285964d626af52b231f1724f804175d45f92070784697bdc5216c7127ca5536fec22ff8d6c4024843adc2aa810f3e652a791fc2865691062e8143d9a91e1ad5d312cdd4115cd6f8765b9e4ef8369946f4fd177434c3acd95ac7514f4f4acb7fd98b863ae9fd727dab6267e0f74e81bf0942886c15bf017fe6a20e0cfa1c9e1553dd8767c33f5fae53214f14899f493dfd9f02fc4b58ae231c8abc8378d418a3a7b8079d4e1d3b1ef452c3a0685833e2e6cb3010760af578d03f378f7228200656ce5655e2dd2d961f8a0f9d396fcbed0167292f7e3fdd436bdbde7247d3e942b515f63107e6543b7f79201ff23ec4819b7675424da31df3e1c81210195a424d2876976473fa5f53bddf386e7116f2f7459ddb77105ebff7748c137e8033da81759c88fa429d1e2b63936a04e8a9954b0d7ae140a17cd75cab5fd49dff5394c3c11f38b9c1feb1b02496c01f772ed8e11c572baac6baaab5e44969448cb908996ec6c363a143fbc01999cfab2a6c1083e17671d8457c5f0e18f2cdbac0955a3a9c46f3469fca78924e816a9d4489c80760de45c4fe080459969a9c08de68360c2e952f99fc85d7c90d2e2af34f855ea60448ea94e32ff12a03934dbacabbda31aa3e7d550b5f89370722c87b386b38eae8104f4f0c1150a7bcbc458e771a06ac187e359c2647802815cee8868da98fbd7e1486c9525c2003354cd1c220bcb2383b32b783b79078f4de899a3ae588cd72e9b7a3c9e24235a9b27c9c59abb46df9b95e83e17b229010f634c0a5672afcb6f2836cd73f571ebda22afa350cdd9f1367651877b662a8c125fd31ad1104a6a2a58fc0256fcd05c3a3b6250fa5ae1a8b76b2a48e15bbd5ddc4fb7e5158a4164e928f473baa3901c0e1860af7658f930f46016f489c47b492bbeb9d5eb9ff0a74b3bc0979ad20c09723926b13bb5f6fab2a3ea26721c5007aa534d9944f77bf3af94609545d995f22805e7d6a4e0b0528218a73d49255ad9c9c6b8445094c7ad374229a93140ccf7fd9152fc297d6808cc86f78028e6bbfb3c8fbd0cf1dc057f43b1b7a80f4c46aacb2d242516aa64d276585b1c4e69d6b2455f8ed3a2a54afa9037b433d9ead09492406190c53158f2441400d96971fe85523c209d5c967916f60d28e02214865fbecd4a71879507da1dce8c464bd93928e26c23aec63d16f3a99eca7662ac4668a99381d5af76341cf293cf4442fcf20b392dc24a616a89550194229c4ecc5b35a59e86a0e8523259beb2b7989d8c86465644b9ae3a0facaa08a275200c573946fe280799ca25ec2cb93ec65cb785ee0f53de3a1d23284407bf245d97921dc8ae4c40e79665d58011df1cca9ba98495978bc5009a7d65e8ee69e9362b940e163c69f6a2644da5377071a77793a5d8caf1df143a2744c6fedf16b1e34660a82b5564e5504bf3753dc86895aa56706cc8d67caedd581e6b94c5160502a94f4e7b77eb7a3b3b7f5f49649d770c04e8d17e4106bfc8141779c007734809f19a7e7b79501694080ffc013b9ed967ea449a1708bbad55b34b2091debc653b226b0dda6d7daf8945ba926199a6d51606f0693b935042372f2d3c4d63b86ccf6d6865578e3303f35c05a84a24ebead3394f77ce6a99f2a8dd12971ea282f47f2b8e0e77606805e7097c1301e220592af08737e44ca5d242d8a9148f1685b5411d5987e1284ab52e357705d0fb72ea6d3ef3507ba5fd0325fc20a6396a39d48f853e39a1a4afec7576f27696dc4f7fdec0f0105841fa23cb8e043d4d82ab313e1165b1e23c2a05c675dc3ac0b08201d75563b0b0d5a8b17f95426e69ed5cc92bf030055ff1dc64848138cfbe17ddbe434bcfaa27453ea4be8bcf460d81a7c7203e45b4c87cd258bcf29280828d8d6bc931d7567ab7090e2386e4147c44ec558176368a45e335e0d26b5eb0f308371782898b42bf20cd0c832beb048cf1d05b08f0f1c1fdcdd4b2d3fc60862e9177b84538de66eaa9ca53a04ff37fbf403213caf54ed5d68d37e363307219723b700e3acb05c73759cd8cb3ae479207ab80ebd08d9ccd9f8ddf26a8f24fde3181a955f9831a4c931b550d0090a0015bd2909587bb0b4e85204384a30d4f53fff81cf16c2d11c57ff7e8699baf869e219e7fc4a0ea182a56576a01bc96b3f06a06c1728ef59654c0351b6523e99e21427fd5df9869732b5efc159047e46ac37f48092764d474c69cebb6dcfe01e721be270014ead75ae5e6913be0080c3107b77e281e5ac6160fa5a8910d7f00b8905f993e70b22ada03abde9d5a5916fc21dce5da97acf2e3fe61c2911239f1d7f3750a0e39c0d2d707baab9a0847038a34682969dd5ff1c27002048d9cc6eb76218da2da80aadfb759df3bc05e5caf4bf4ba5d1999fd0e9065dd923a8d97af5003f82ea1ab30a6d9df34b40956d26d40a82bad8097f2c1f6d760f0d01756d52f9c41eaed78c262e871dac61e48690539ea2646bd63ced632d9b91e13eb61b6a56df581ec9c1dfa3c8825e8fcd07217c3878142f8aab52722fc76fc29adda65ab4206f0bc0290e87c787c0beb4a9a9bef6f1db56a421e8bb9eed05c003a8d688ba42db91c99aca30e166a4cd72b53f0787efd0da7dfd4dae8b227e0b4066e0c4a7e8a63b0662fc077f94cd0ae57835c3b7840e19a16c615da8ad854901cef9b84650e39ae0587dcf843ef3e26159472c0950a53c851848f7cff4cf84f5994164a97b510f18a1ba5a68becd55c498f596bf8ae1a0da3b282353211e949e3e540c4c839a7b39b103399d54913730df9f55f430c2f462434bce999ff02c08d81bd72cc99fc088987e382f4a535a2a414b65b5d2eb9a333b1a1c8d31ba41abe985c85f82a595987591dac0967f102771cd4cf18a96590276722c273e2f274b07eb9a9ca32022dc93751f5c28a5622d1a02944dcc4b045b685ab341093d218ebdb3b9d4a42ad4af2fe2ada3f0f14e0a448dcbc8a9d49ab89c6be688d0d52b573dbd98f991d7cd247caec053f0991e2709d21fdb5854bd63f5cc514382e6835d241227e7ef815c1337f39413987eee4d8015a5e04ae186113dafca2952ea61b25177b937ebd0b67b229de75629087d85866c51d02", 0x1000, 0x8, &(0x7f0000000100)={0x0, 0x989680}) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x300000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msd%s\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3a000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x1f0, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000100)="fba80edc03766ee4503f56499ca17e9a266cd8c8474a10c1cd400000000000000000000000000000", 0x97}]) 10:03:39 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8848], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 394.195517] FAT-fs (loop4): bogus number of reserved sectors [ 394.223062] FAT-fs (loop4): Can't find a valid FAT filesystem [ 394.331714] FAT-fs (loop4): bogus number of reserved sectors [ 394.338073] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 394.345317] FAT-fs (loop4): Can't find a valid FAT filesystem [ 394.415767] minix_free_inode: bit 1 already cleared 10:03:42 executing program 3: setxattr$trusted_overlay_redirect(0x0, &(0x7f0000000140)='trusted.overlay.redirect\x00', 0x0, 0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x40, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000001ac0)='./file0\x00') r0 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) ftruncate(r0, 0x28007d) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x2) sendfile(r0, r0, 0x0, 0x2008000fffffffe) 10:03:42 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x0, &(0x7f0000000140)=0x0) io_submit(r3, 0x0, 0x0) r4 = syz_genetlink_get_family_id$team(&(0x7f0000003940)='team\x00') getpeername$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14) getsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000200)={@dev, @remote, 0x0}, &(0x7f0000000240)=0xc) recvmmsg(r0, &(0x7f0000003780)=[{{&(0x7f0000000280)=@hci={0x1f, 0x0}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)}], 0x1, 0x0, 0x0, 0xffff}, 0x8}, {{&(0x7f0000000380)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000400)=""/134, 0x86}, {&(0x7f00000004c0)=""/57, 0x39}, {&(0x7f0000000500)=""/187, 0xbb}, {&(0x7f00000005c0)=""/101, 0x65}, {&(0x7f0000000640)=""/22, 0x16}, {&(0x7f0000000680)=""/150, 0x96}, {&(0x7f0000000740)=""/16, 0x10}], 0x7, &(0x7f0000000800)=""/159, 0x9f, 0x7f}, 0x350d}, {{&(0x7f00000008c0)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000000c40)=[{&(0x7f0000000940)=""/236, 0xec}, {&(0x7f0000000a40)=""/156, 0x9c}, {&(0x7f0000000b00)=""/88, 0x58}, {&(0x7f0000000b80)=""/183, 0xb7}], 0x4, &(0x7f0000000c80)=""/230, 0xe6, 0xffffffffffff8000}, 0x8001}, {{&(0x7f0000000d80)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000002000)=[{&(0x7f0000000e00)=""/1, 0x1}, {&(0x7f0000000e40)=""/121, 0x79}, {&(0x7f0000000ec0)=""/144, 0x90}, {&(0x7f0000000f80)=""/4096, 0x1000}, {&(0x7f0000001f80)=""/33, 0x21}, {&(0x7f0000001fc0)=""/33, 0x21}], 0x6, &(0x7f0000002080)=""/255, 0xff, 0x2e5}, 0x1}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000002180)=""/179, 0xb3}], 0x1, &(0x7f0000002280)=""/80, 0x50, 0x1}, 0xac}, {{&(0x7f0000002300), 0x80, &(0x7f0000003680)=[{&(0x7f0000002380)=""/177, 0xb1}, {&(0x7f0000002440)=""/4096, 0x1000}, {&(0x7f0000003440)=""/129, 0x81}, {&(0x7f0000003500)=""/161, 0xa1}, {&(0x7f00000035c0)=""/105, 0x69}, {&(0x7f0000003640)=""/9, 0x9}], 0x6, &(0x7f0000003700)=""/100, 0x64}, 0x1}], 0x6, 0x40000000, &(0x7f0000003900)={0x77359400}) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000003b40)={'team0\x00', 0x0}) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000003b80)={0x0}, &(0x7f0000003bc0)=0xc) accept$packet(r2, &(0x7f0000003c40)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000003c80)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000003f40)={{{@in, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000003dc0)=0xe8) getpeername$packet(r2, &(0x7f0000003e00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000003e40)=0x14) accept4$packet(r2, &(0x7f0000003e80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000003ec0)=0x14, 0x80800) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000003f00)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_NOOP(r2, &(0x7f00000042c0)={&(0x7f0000000040), 0xc, &(0x7f0000004280)={&(0x7f0000004300)=ANY=[@ANYBLOB="14030000", @ANYRES16=r4, @ANYBLOB="00022bbd7000fddbdf250000000008000100", @ANYRES32=r5, @ANYBLOB="000202004c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r6, @ANYBLOB="0800070000000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004008100000008000600", @ANYRES32=r7, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="40000100240001007072696f726974790000000000000000000000080003000e00000008000400800000000800060000000000000000000000000000", @ANYRES32=r9, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004001c1a74723c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r10, @ANYBLOB="40000100240003006c625f74785f856173685f746f5f706f72745f6d617070696e6700000000000008000300037b9d566a8ca1f7d94196ed6e7cbe828900000008000400", @ANYRES32=r11, @ANYBLOB="080007000000000008000100", @ANYRES32=r12, @ANYBLOB="700002006c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000003c000400ffff0449ff7f000001000019c0090000040007cdffffff7f00000292040000001a3701071a060000001000098f000000010000068100000008000100", @ANYRES32=r13, @ANYBLOB="780002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e74000000000000000000000000000008000300030000000800040001feffff"], 0x314}, 0x1, 0x0, 0x0, 0x40800}, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:42 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00b000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x800e], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdns\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:42 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 396.787958] FAT-fs (loop4): bogus number of reserved sectors [ 396.794285] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 396.798826] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:42 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e008000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 396.935580] minix_free_inode: bit 1 already cleared 10:03:42 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdps\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:42 executing program 3: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600884e002000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x5800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 397.131890] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 397.163326] FAT-fs (loop4): bogus number of reserved sectors 10:03:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf5ffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 397.178810] FAT-fs (loop4): Can't find a valid FAT filesystem [ 397.245541] minix_free_inode: bit 1 already cleared [ 397.336658] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 397.347171] FAT-fs (loop4): bogus number of reserved sectors [ 397.352990] FAT-fs (loop4): Can't find a valid FAT filesystem [ 397.447046] minix_free_inode: bit 1 already cleared 10:03:42 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:42 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e031040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x2000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo-\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:42 executing program 3 (fault-call:5 fault-nth:0): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:42 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 397.667834] FAULT_INJECTION: forcing a failure. [ 397.667834] name failslab, interval 1, probability 0, space 0, times 0 [ 397.687844] FAT-fs (loop4): bogus number of reserved sectors [ 397.698788] FAT-fs (loop4): Can't find a valid FAT filesystem [ 397.704890] CPU: 0 PID: 19870 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 397.713486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.722830] Call Trace: [ 397.725423] dump_stack+0x244/0x39d [ 397.729060] ? dump_stack_print_info.cold.1+0x20/0x20 [ 397.734270] should_fail.cold.4+0xa/0x17 [ 397.738337] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 397.743441] ? __lock_acquire+0x62f/0x4c20 [ 397.747690] ? mark_held_locks+0x130/0x130 [ 397.751941] ? print_usage_bug+0xc0/0xc0 [ 397.756040] ? mark_held_locks+0x130/0x130 [ 397.760279] ? find_held_lock+0x36/0x1c0 [ 397.764360] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.769830] __should_failslab+0x124/0x180 [ 397.774089] should_failslab+0x9/0x14 [ 397.777917] kmem_cache_alloc_node+0x26e/0x730 [ 397.782512] __alloc_skb+0x114/0x770 [ 397.786233] ? netdev_alloc_frag+0x1f0/0x1f0 [ 397.790648] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.796154] ? lock_downgrade+0x900/0x900 [ 397.800314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.805875] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 397.811356] sock_wmalloc+0x16d/0x1f0 [ 397.815230] ? skb_set_owner_w+0x360/0x360 [ 397.819479] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.825019] ? _copy_from_user+0xdf/0x150 [ 397.829234] pppol2tp_sendmsg+0x23d/0x6c0 [ 397.833429] ? apparmor_socket_sendmsg+0x29/0x30 [ 397.838193] ? pppol2tp_getsockopt+0x940/0x940 [ 397.842810] sock_sendmsg+0xd5/0x120 [ 397.846531] ___sys_sendmsg+0x51d/0x930 [ 397.850582] ? copy_msghdr_from_user+0x580/0x580 [ 397.855418] ? get_pid_task+0xd6/0x1a0 [ 397.859347] ? lock_downgrade+0x900/0x900 [ 397.863546] ? check_preemption_disabled+0x48/0x280 [ 397.868595] ? __fget_light+0x2e9/0x430 [ 397.872584] ? fget_raw+0x20/0x20 [ 397.876051] ? __f_unlock_pos+0x19/0x20 [ 397.880026] ? lock_downgrade+0x900/0x900 [ 397.884181] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 397.889715] ? proc_fail_nth_write+0x9e/0x210 [ 397.894214] ? proc_cwd_link+0x1d0/0x1d0 [ 397.898329] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.903907] ? sockfd_lookup_light+0xc5/0x160 [ 397.908458] __sys_sendmmsg+0x246/0x6d0 [ 397.912444] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 397.916786] ? __lock_is_held+0xb5/0x140 [ 397.920874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.926410] ? check_preemption_disabled+0x48/0x280 [ 397.931465] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 397.937000] ? fput+0x130/0x1a0 [ 397.940282] ? do_syscall_64+0x9a/0x820 [ 397.944254] ? do_syscall_64+0x9a/0x820 [ 397.948246] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 397.952849] ? trace_hardirqs_on+0xbd/0x310 [ 397.957174] ? __ia32_sys_read+0xb0/0xb0 [ 397.961238] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.966618] ? trace_hardirqs_off_caller+0x300/0x300 [ 397.971728] __x64_sys_sendmmsg+0x9d/0x100 [ 397.975981] do_syscall_64+0x1b9/0x820 [ 397.979898] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 397.985262] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.990194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.995041] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.000071] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.005135] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.010158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.015007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.020191] RIP: 0033:0x457569 [ 398.023388] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 398.042283] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 398.049986] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 398.057318] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x4788], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 398.064585] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 398.071886] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 398.079174] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:43 executing program 3 (fault-call:5 fault-nth:1): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 398.190545] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 398.204703] FAULT_INJECTION: forcing a failure. [ 398.204703] name failslab, interval 1, probability 0, space 0, times 0 [ 398.216325] CPU: 1 PID: 19888 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 398.224946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.224965] Call Trace: [ 398.224981] dump_stack+0x244/0x39d [ 398.225000] ? dump_stack_print_info.cold.1+0x20/0x20 [ 398.225026] should_fail.cold.4+0xa/0x17 [ 398.249797] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.254916] ? __save_stack_trace+0x8d/0xf0 [ 398.259260] ? save_stack+0xa9/0xd0 [ 398.262902] ? save_stack+0x43/0xd0 [ 398.266564] ? find_held_lock+0x36/0x1c0 [ 398.270704] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.276210] ? check_preemption_disabled+0x48/0x280 [ 398.281227] __should_failslab+0x124/0x180 [ 398.285477] should_failslab+0x9/0x14 [ 398.289275] kmem_cache_alloc_node_trace+0x270/0x740 [ 398.294384] __kmalloc_node_track_caller+0x3c/0x70 [ 398.299355] __kmalloc_reserve.isra.38+0x41/0xe0 [ 398.304152] __alloc_skb+0x150/0x770 [ 398.307873] ? netdev_alloc_frag+0x1f0/0x1f0 [ 398.312284] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.317778] ? lock_downgrade+0x900/0x900 [ 398.321937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.327476] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 398.332930] sock_wmalloc+0x16d/0x1f0 [ 398.336785] ? skb_set_owner_w+0x360/0x360 [ 398.341014] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.346546] ? _copy_from_user+0xdf/0x150 [ 398.350713] pppol2tp_sendmsg+0x23d/0x6c0 [ 398.354866] ? apparmor_socket_sendmsg+0x29/0x30 [ 398.359628] ? pppol2tp_getsockopt+0x940/0x940 [ 398.364228] sock_sendmsg+0xd5/0x120 [ 398.367957] ___sys_sendmsg+0x51d/0x930 [ 398.371950] ? copy_msghdr_from_user+0x580/0x580 [ 398.376721] ? get_pid_task+0xd6/0x1a0 [ 398.380636] ? lock_downgrade+0x900/0x900 [ 398.384812] ? check_preemption_disabled+0x48/0x280 [ 398.389840] ? __fget_light+0x2e9/0x430 [ 398.393828] ? fget_raw+0x20/0x20 [ 398.397301] ? __f_unlock_pos+0x19/0x20 [ 398.401286] ? lock_downgrade+0x900/0x900 [ 398.405449] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 398.410993] ? proc_fail_nth_write+0x9e/0x210 [ 398.415501] ? proc_cwd_link+0x1d0/0x1d0 [ 398.419582] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.425134] ? sockfd_lookup_light+0xc5/0x160 [ 398.429644] __sys_sendmmsg+0x246/0x6d0 [ 398.433639] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 398.437974] ? __lock_is_held+0xb5/0x140 [ 398.442055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.447601] ? check_preemption_disabled+0x48/0x280 [ 398.452644] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 398.458194] ? fput+0x130/0x1a0 [ 398.461486] ? do_syscall_64+0x9a/0x820 [ 398.465473] ? do_syscall_64+0x9a/0x820 [ 398.469460] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 398.474075] ? trace_hardirqs_on+0xbd/0x310 [ 398.478421] ? __ia32_sys_read+0xb0/0xb0 [ 398.482496] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.487898] ? trace_hardirqs_off_caller+0x300/0x300 [ 398.493014] __x64_sys_sendmmsg+0x9d/0x100 [ 398.497259] do_syscall_64+0x1b9/0x820 [ 398.501152] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 398.506516] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.511441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.516283] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.521316] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.526335] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.531354] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.536208] entry_SYSCALL_64_after_hwframe+0x49/0xbe 10:03:43 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x600000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:43 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdod\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:43 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000980)=ANY=[@ANYBLOB], &(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x7, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000540)) rmdir(&(0x7f0000000240)='./file0//ile0\x00') syz_genetlink_get_family_id$team(&(0x7f0000000440)='team\x00') mkdir(&(0x7f0000000340)='./file0//ile0\x00', 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x2842, 0x0) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000200)={0x54e, 0x7fffffff}) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 398.541418] RIP: 0033:0x457569 [ 398.544604] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 398.563502] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 398.564166] FAT-fs (loop4): bogus number of reserved sectors [ 398.571225] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 398.571234] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:44 executing program 3 (fault-call:5 fault-nth:2): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:44 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00e000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 398.571242] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 398.571250] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 398.571272] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 398.676332] minix_free_inode: bit 1 already cleared [ 398.678148] FAULT_INJECTION: forcing a failure. [ 398.678148] name failslab, interval 1, probability 0, space 0, times 0 [ 398.691669] FAT-fs (loop4): Can't find a valid FAT filesystem [ 398.692718] CPU: 1 PID: 19898 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 398.707158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.716510] Call Trace: [ 398.719104] dump_stack+0x244/0x39d [ 398.722741] ? dump_stack_print_info.cold.1+0x20/0x20 [ 398.727929] ? is_bpf_text_address+0xac/0x170 [ 398.732430] should_fail.cold.4+0xa/0x17 [ 398.736497] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.741627] ? rcu_read_unlock_special+0x370/0x370 [ 398.746579] ? rcu_softirq_qs+0x20/0x20 [ 398.750546] ? unwind_dump+0x190/0x190 [ 398.754440] ? kernel_text_address+0x79/0xf0 [ 398.758850] ? __lock_acquire+0x62f/0x4c20 [ 398.763091] ? __save_stack_trace+0x8d/0xf0 [ 398.767456] ? mark_held_locks+0x130/0x130 [ 398.771684] ? save_stack+0x43/0xd0 [ 398.775307] ? __kmalloc_node_track_caller+0x50/0x70 [ 398.780403] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 398.785325] ? __alloc_skb+0x150/0x770 [ 398.789225] ? sock_wmalloc+0x16d/0x1f0 [ 398.793213] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 398.797574] ? sock_sendmsg+0xd5/0x120 [ 398.801460] ? ___sys_sendmsg+0x51d/0x930 [ 398.805605] ? __sys_sendmmsg+0x246/0x6d0 [ 398.809762] ? __x64_sys_sendmmsg+0x9d/0x100 [ 398.814184] ? do_syscall_64+0x1b9/0x820 [ 398.818251] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.823622] __should_failslab+0x124/0x180 [ 398.827859] should_failslab+0x9/0x14 [ 398.831660] kmem_cache_alloc_node_trace+0x5a/0x740 [ 398.836695] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 398.842253] __kmalloc_node_track_caller+0x3c/0x70 [ 398.847185] __kmalloc_reserve.isra.38+0x41/0xe0 [ 398.851941] pskb_expand_head+0x230/0x10f0 [ 398.856193] ? kasan_kmalloc+0xc7/0xe0 [ 398.860092] ? skb_release_data+0x880/0x880 [ 398.864427] ? __might_fault+0x12b/0x1e0 [ 398.868492] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.874027] ? iov_iter_advance+0x306/0x13f0 [ 398.878456] ? lock_release+0xa10/0xa10 [ 398.882425] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.887879] ? once_deferred+0xa0/0xa0 [ 398.891768] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.897223] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 398.902076] l2tp_xmit_skb+0x106b/0x1670 [ 398.906196] ? l2tp_recv_common+0x1d40/0x1d40 [ 398.910699] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.916237] ? _copy_from_user+0xdf/0x150 [ 398.920384] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 398.924703] pppol2tp_sendmsg+0x4b1/0x6c0 [ 398.928856] ? apparmor_socket_sendmsg+0x29/0x30 [ 398.933616] ? pppol2tp_getsockopt+0x940/0x940 [ 398.938196] sock_sendmsg+0xd5/0x120 [ 398.941936] ___sys_sendmsg+0x51d/0x930 [ 398.945912] ? copy_msghdr_from_user+0x580/0x580 [ 398.950666] ? get_pid_task+0xd6/0x1a0 [ 398.954552] ? lock_downgrade+0x900/0x900 [ 398.958711] ? check_preemption_disabled+0x48/0x280 [ 398.963741] ? __fget_light+0x2e9/0x430 [ 398.967712] ? fget_raw+0x20/0x20 [ 398.971182] ? __f_unlock_pos+0x19/0x20 [ 398.975158] ? lock_downgrade+0x900/0x900 [ 398.979307] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 398.984843] ? proc_fail_nth_write+0x9e/0x210 [ 398.989337] ? proc_cwd_link+0x1d0/0x1d0 [ 398.993439] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.998991] ? sockfd_lookup_light+0xc5/0x160 [ 399.003500] __sys_sendmmsg+0x246/0x6d0 [ 399.007509] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 399.011866] ? __lock_is_held+0xb5/0x140 [ 399.015966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.021499] ? check_preemption_disabled+0x48/0x280 [ 399.026524] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 399.032067] ? fput+0x130/0x1a0 [ 399.035344] ? do_syscall_64+0x9a/0x820 [ 399.039331] ? do_syscall_64+0x9a/0x820 [ 399.043304] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 399.047903] ? trace_hardirqs_on+0xbd/0x310 [ 399.052229] ? __ia32_sys_read+0xb0/0xb0 [ 399.056318] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.061677] ? trace_hardirqs_off_caller+0x300/0x300 [ 399.066781] __x64_sys_sendmmsg+0x9d/0x100 [ 399.071017] do_syscall_64+0x1b9/0x820 [ 399.074907] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.080269] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.085194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.090033] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.095060] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 399.100074] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.105089] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.109939] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.115160] RIP: 0033:0x457569 [ 399.118351] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.137285] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 399.145023] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 399.152288] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 399.159551] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 399.166811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 399.174073] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:44 executing program 3 (fault-call:5 fault-nth:3): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x80350000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:44 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdol\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 399.429922] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 399.461771] FAULT_INJECTION: forcing a failure. [ 399.461771] name failslab, interval 1, probability 0, space 0, times 0 [ 399.473383] CPU: 1 PID: 19915 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 399.481971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.491326] Call Trace: [ 399.493936] dump_stack+0x244/0x39d [ 399.497572] ? dump_stack_print_info.cold.1+0x20/0x20 [ 399.502771] ? __x64_sys_sendmmsg+0x9d/0x100 [ 399.507224] ? do_syscall_64+0x1b9/0x820 [ 399.511291] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.516763] ? kasan_check_read+0x11/0x20 [ 399.520922] should_fail.cold.4+0xa/0x17 [ 399.524989] ? trace_hardirqs_on+0xbd/0x310 [ 399.529377] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 399.534486] ? __lock_acquire+0x62f/0x4c20 [ 399.538721] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.544288] ? mark_held_locks+0x130/0x130 [ 399.548525] ? find_held_lock+0x36/0x1c0 [ 399.552651] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.558184] ? graph_lock+0x270/0x270 [ 399.561996] ? kfree_skb+0x1c3/0x580 [ 399.565716] ? __kfree_skb+0x20/0x20 [ 399.569442] __should_failslab+0x124/0x180 [ 399.573689] should_failslab+0x9/0x14 [ 399.577496] kmem_cache_alloc_node+0x26e/0x730 [ 399.582076] ? find_held_lock+0x36/0x1c0 [ 399.586166] __alloc_skb+0x114/0x770 [ 399.589887] ? netdev_alloc_frag+0x1f0/0x1f0 [ 399.594296] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.599763] ? lock_downgrade+0x900/0x900 [ 399.603949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.609489] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 399.614947] sock_wmalloc+0x16d/0x1f0 [ 399.618752] ? skb_set_owner_w+0x360/0x360 [ 399.623005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.628605] ? _copy_from_user+0xdf/0x150 [ 399.632783] pppol2tp_sendmsg+0x23d/0x6c0 [ 399.636974] ? apparmor_socket_sendmsg+0x29/0x30 [ 399.641767] ? pppol2tp_getsockopt+0x940/0x940 [ 399.646895] sock_sendmsg+0xd5/0x120 [ 399.650695] ___sys_sendmsg+0x51d/0x930 [ 399.654680] ? graph_lock+0x270/0x270 [ 399.658484] ? copy_msghdr_from_user+0x580/0x580 [ 399.663240] ? get_pid_task+0xd6/0x1a0 [ 399.667183] ? find_held_lock+0x36/0x1c0 [ 399.671267] ? __might_fault+0x12b/0x1e0 [ 399.675352] ? lock_downgrade+0x900/0x900 [ 399.679511] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.685008] __sys_sendmmsg+0x246/0x6d0 [ 399.688992] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 399.693335] ? __lock_is_held+0xb5/0x140 [ 399.697402] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.702934] ? check_preemption_disabled+0x48/0x280 [ 399.707962] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 399.713512] ? fput+0x130/0x1a0 [ 399.716861] ? do_syscall_64+0x9a/0x820 [ 399.720891] ? do_syscall_64+0x9a/0x820 [ 399.724869] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 399.729467] ? trace_hardirqs_on+0xbd/0x310 [ 399.733809] ? __ia32_sys_read+0xb0/0xb0 [ 399.737869] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.743235] ? trace_hardirqs_off_caller+0x300/0x300 [ 399.748380] __x64_sys_sendmmsg+0x9d/0x100 [ 399.752612] do_syscall_64+0x1b9/0x820 [ 399.756509] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.761910] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.766869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.771740] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.776751] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 399.781780] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.786814] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.791687] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.796877] RIP: 0033:0x457569 [ 399.800066] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.819311] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 399.827020] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 399.834284] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 399.841576] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 399.848857] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 399.856161] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x6488], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:45 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:45 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:45 executing program 3 (fault-call:5 fault-nth:4): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:45 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e038040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 399.960762] minix_free_inode: bit 1 already cleared 10:03:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88480000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 399.997590] FAULT_INJECTION: forcing a failure. [ 399.997590] name failslab, interval 1, probability 0, space 0, times 0 [ 400.015422] CPU: 1 PID: 19927 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 400.024002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.033351] Call Trace: [ 400.035936] dump_stack+0x244/0x39d [ 400.039562] ? dump_stack_print_info.cold.1+0x20/0x20 [ 400.044760] should_fail.cold.4+0xa/0x17 [ 400.048838] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.053938] ? __save_stack_trace+0x8d/0xf0 [ 400.058270] ? save_stack+0xa9/0xd0 [ 400.061898] ? save_stack+0x43/0xd0 [ 400.065526] ? find_held_lock+0x36/0x1c0 [ 400.069609] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.075056] ? check_preemption_disabled+0x48/0x280 [ 400.080088] __should_failslab+0x124/0x180 [ 400.084327] should_failslab+0x9/0x14 [ 400.088147] kmem_cache_alloc_node_trace+0x270/0x740 [ 400.093290] __kmalloc_node_track_caller+0x3c/0x70 [ 400.098241] __kmalloc_reserve.isra.38+0x41/0xe0 [ 400.103001] __alloc_skb+0x150/0x770 [ 400.106714] ? netdev_alloc_frag+0x1f0/0x1f0 [ 400.111132] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.116580] ? lock_downgrade+0x900/0x900 [ 400.120735] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.126271] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 400.131761] sock_wmalloc+0x16d/0x1f0 [ 400.135560] ? skb_set_owner_w+0x360/0x360 [ 400.139792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.145370] ? _copy_from_user+0xdf/0x150 [ 400.149523] pppol2tp_sendmsg+0x23d/0x6c0 [ 400.153676] ? apparmor_socket_sendmsg+0x29/0x30 [ 400.158452] ? pppol2tp_getsockopt+0x940/0x940 [ 400.163034] sock_sendmsg+0xd5/0x120 [ 400.166758] ___sys_sendmsg+0x51d/0x930 [ 400.170731] ? graph_lock+0x270/0x270 [ 400.174539] ? copy_msghdr_from_user+0x580/0x580 [ 400.179297] ? get_pid_task+0xd6/0x1a0 [ 400.183182] ? find_held_lock+0x36/0x1c0 [ 400.187246] ? __might_fault+0x12b/0x1e0 [ 400.191353] ? lock_downgrade+0x900/0x900 [ 400.195561] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.201030] __sys_sendmmsg+0x246/0x6d0 [ 400.205010] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 400.209339] ? __lock_is_held+0xb5/0x140 [ 400.213419] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.218997] ? check_preemption_disabled+0x48/0x280 [ 400.224047] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 400.229670] ? fput+0x130/0x1a0 [ 400.232963] ? do_syscall_64+0x9a/0x820 [ 400.236934] ? do_syscall_64+0x9a/0x820 [ 400.240915] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 400.245521] ? trace_hardirqs_on+0xbd/0x310 [ 400.249846] ? __ia32_sys_read+0xb0/0xb0 [ 400.253914] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.259307] ? trace_hardirqs_off_caller+0x300/0x300 [ 400.264413] __x64_sys_sendmmsg+0x9d/0x100 [ 400.268649] do_syscall_64+0x1b9/0x820 [ 400.272552] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 400.277915] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.282897] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.287761] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.292885] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.297911] ? prepare_exit_to_usermode+0x291/0x3b0 [ 400.302941] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.307811] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.313028] RIP: 0033:0x457569 [ 400.316238] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 400.335144] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:03:45 executing program 3 (fault-call:5 fault-nth:5): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 400.342869] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 400.350169] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 400.357442] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 400.364715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 400.371986] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:45 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000140)=0x1a4) io_submit(r2, 0x200001f7, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x8000000000000, 0x7ffffffffffffd, r1, &(0x7f0000000100)}]) [ 400.507686] FAT-fs (loop4): bogus number of reserved sectors [ 400.520667] FAT-fs (loop4): Can't find a valid FAT filesystem [ 400.528576] FAULT_INJECTION: forcing a failure. [ 400.528576] name failslab, interval 1, probability 0, space 0, times 0 [ 400.539814] CPU: 0 PID: 19935 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 400.548388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.557721] Call Trace: [ 400.557738] dump_stack+0x244/0x39d [ 400.557754] ? dump_stack_print_info.cold.1+0x20/0x20 [ 400.557771] ? is_bpf_text_address+0xac/0x170 [ 400.557790] should_fail.cold.4+0xa/0x17 [ 400.557805] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.557819] ? rcu_read_unlock_special+0x370/0x370 [ 400.564003] ? rcu_softirq_qs+0x20/0x20 [ 400.564014] ? unwind_dump+0x190/0x190 [ 400.564037] ? kernel_text_address+0x79/0xf0 [ 400.564055] ? __lock_acquire+0x62f/0x4c20 [ 400.564069] ? __save_stack_trace+0x8d/0xf0 [ 400.564092] ? mark_held_locks+0x130/0x130 [ 400.612735] ? save_stack+0x43/0xd0 [ 400.616386] ? __kmalloc_node_track_caller+0x50/0x70 [ 400.621485] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 400.626408] ? __alloc_skb+0x150/0x770 [ 400.630291] ? sock_wmalloc+0x16d/0x1f0 [ 400.634297] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 400.638615] ? sock_sendmsg+0xd5/0x120 [ 400.642502] ? ___sys_sendmsg+0x51d/0x930 [ 400.646798] ? __sys_sendmmsg+0x246/0x6d0 [ 400.651006] ? __x64_sys_sendmmsg+0x9d/0x100 [ 400.655431] ? do_syscall_64+0x1b9/0x820 [ 400.659500] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.664884] __should_failslab+0x124/0x180 [ 400.669140] should_failslab+0x9/0x14 [ 400.672949] kmem_cache_alloc_node_trace+0x5a/0x740 [ 400.677974] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 400.683524] __kmalloc_node_track_caller+0x3c/0x70 [ 400.688464] __kmalloc_reserve.isra.38+0x41/0xe0 [ 400.693231] pskb_expand_head+0x230/0x10f0 [ 400.697478] ? kasan_kmalloc+0xc7/0xe0 [ 400.701407] ? skb_release_data+0x880/0x880 [ 400.705745] ? __might_fault+0x12b/0x1e0 [ 400.709820] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.715368] ? iov_iter_advance+0x306/0x13f0 [ 400.719836] ? lock_release+0xa10/0xa10 [ 400.723836] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.729298] ? once_deferred+0xa0/0xa0 [ 400.733200] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.738666] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 400.743527] l2tp_xmit_skb+0x106b/0x1670 [ 400.747612] ? l2tp_recv_common+0x1d40/0x1d40 [ 400.752126] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.757674] ? _copy_from_user+0xdf/0x150 [ 400.761834] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 400.766180] pppol2tp_sendmsg+0x4b1/0x6c0 [ 400.770343] ? apparmor_socket_sendmsg+0x29/0x30 [ 400.775124] ? pppol2tp_getsockopt+0x940/0x940 [ 400.779710] sock_sendmsg+0xd5/0x120 [ 400.783450] ___sys_sendmsg+0x51d/0x930 [ 400.787432] ? graph_lock+0x270/0x270 [ 400.791257] ? copy_msghdr_from_user+0x580/0x580 [ 400.796022] ? get_pid_task+0xd6/0x1a0 [ 400.799919] ? find_held_lock+0x36/0x1c0 [ 400.804018] ? __might_fault+0x12b/0x1e0 [ 400.808098] ? lock_downgrade+0x900/0x900 [ 400.812285] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.817753] __sys_sendmmsg+0x246/0x6d0 [ 400.821744] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 400.826180] ? __lock_is_held+0xb5/0x140 [ 400.830257] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.835824] ? check_preemption_disabled+0x48/0x280 [ 400.840863] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 400.846418] ? fput+0x130/0x1a0 [ 400.849740] ? do_syscall_64+0x9a/0x820 [ 400.853726] ? do_syscall_64+0x9a/0x820 [ 400.857719] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 400.862328] ? trace_hardirqs_on+0xbd/0x310 [ 400.866657] ? __ia32_sys_read+0xb0/0xb0 [ 400.870727] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.876099] ? trace_hardirqs_off_caller+0x300/0x300 [ 400.881238] __x64_sys_sendmmsg+0x9d/0x100 [ 400.885501] do_syscall_64+0x1b9/0x820 [ 400.889415] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 400.894808] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.899752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.904604] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.909625] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.914651] ? prepare_exit_to_usermode+0x291/0x3b0 [ 400.919685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.924550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.929743] RIP: 0033:0x457569 [ 400.932946] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 400.951852] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 400.959653] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 400.966927] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 400.974204] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 400.981475] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 400.988743] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8035], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:46 executing program 3 (fault-call:5 fault-nth:6): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:46 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$radio(&(0x7f0000000200)='/dev/radio#\x00', 0x1, 0x2) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000240)={0x14000, 0x0, 0x0, 0x10000}) ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f0000000280)={r3, 0x7}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000300)='fou\x00') sendmsg$FOU_CMD_ADD(r2, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14000000c860e73476842cd8404830288c9bfa2ceeb6370e3faca08c7de906316da75ce1391f5101a5da024e93dc7ec0a3ea8e8592f82f24a38df2d01a9e73b90470664ba5682609874058823fb8c7afaed594002bdeef1ea68a6dc96149a0d907ffd3411d9242a34992b58381d78278bb5f08eccf14917e60f2fc5cc66e23d690c72836039b09496ea075656d618520e4e26dc8abfe857b711990389d368d24aff1c8983d66d900881e161e848ad18c77fe6b02e169a9444680e6f8956525dd7cb3d6cde0bd7e", @ANYRES16=r4, @ANYBLOB="100025bd700080b509961dc63583"], 0x14}, 0x1, 0x0, 0x0, 0x4014}, 0x1) r5 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r6, 0xffffff77, 0x0) io_submit(r6, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0xfffffffffffffffc, 0x0, r5, &(0x7f0000000440)="6771ec96b454c7758613513605f684c8462222c7f11a7e7f1923b6e5fc13eb204dfec1f34973893bb032c3b41de17d55750581ae2601fbc54f374c8986740e03277af436e7d2785854dd32a479e1c5da0f26f1f6b2f807b7ede7de111b7fd135e9d1098ecf06c3e7755ea8457192c9dcf4faddc87bc295530faf80da3a", 0x7d}]) fsetxattr$security_smack_entry(r0, &(0x7f0000000180)='security.SMACK64IPOUT\x00', &(0x7f00000001c0)='\'\x00', 0x2, 0x1) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000140)={0x8001007, 0x0, 0x2}) stat(&(0x7f0000000340)='./file0\x00', &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000380), &(0x7f0000000640)=0x0, &(0x7f0000000680)) stat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r10 = getgid() getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, 0x0}, &(0x7f00000007c0)=0xc) setgroups(0x5, &(0x7f0000000800)=[r7, r8, r9, r10, r11]) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8) rt_sigreturn() times(&(0x7f0000000040)) 10:03:46 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo#\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 401.107550] FAT-fs (loop4): bogus number of reserved sectors [ 401.116085] FAT-fs (loop4): Can't find a valid FAT filesystem [ 401.162866] FAULT_INJECTION: forcing a failure. [ 401.162866] name failslab, interval 1, probability 0, space 0, times 0 [ 401.212817] CPU: 1 PID: 19952 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 401.221436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.230792] Call Trace: [ 401.233389] dump_stack+0x244/0x39d [ 401.237039] ? dump_stack_print_info.cold.1+0x20/0x20 [ 401.242233] ? __x64_sys_sendmmsg+0x9d/0x100 [ 401.246663] ? do_syscall_64+0x1b9/0x820 [ 401.250738] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.256125] ? kasan_check_read+0x11/0x20 [ 401.260309] should_fail.cold.4+0xa/0x17 [ 401.264386] ? trace_hardirqs_on+0xbd/0x310 [ 401.268727] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 401.273847] ? __lock_acquire+0x62f/0x4c20 [ 401.278124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.283700] ? mark_held_locks+0x130/0x130 [ 401.287957] ? find_held_lock+0x36/0x1c0 [ 401.292052] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.297518] ? graph_lock+0x270/0x270 [ 401.301332] ? kfree_skb+0x1c3/0x580 [ 401.305059] ? __kfree_skb+0x20/0x20 [ 401.308818] __should_failslab+0x124/0x180 [ 401.313102] should_failslab+0x9/0x14 [ 401.316931] kmem_cache_alloc_node+0x26e/0x730 [ 401.321522] ? find_held_lock+0x36/0x1c0 [ 401.325641] __alloc_skb+0x114/0x770 [ 401.329374] ? netdev_alloc_frag+0x1f0/0x1f0 [ 401.333799] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.339287] ? lock_downgrade+0x900/0x900 [ 401.343457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.349001] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 401.354499] sock_wmalloc+0x16d/0x1f0 [ 401.358316] ? skb_set_owner_w+0x360/0x360 [ 401.362554] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.368098] ? _copy_from_user+0xdf/0x150 [ 401.372308] pppol2tp_sendmsg+0x23d/0x6c0 [ 401.376465] ? apparmor_socket_sendmsg+0x29/0x30 [ 401.381224] ? pppol2tp_getsockopt+0x940/0x940 [ 401.385824] sock_sendmsg+0xd5/0x120 [ 401.389551] ___sys_sendmsg+0x51d/0x930 [ 401.393524] ? graph_lock+0x270/0x270 [ 401.397331] ? copy_msghdr_from_user+0x580/0x580 [ 401.402163] ? get_pid_task+0xd6/0x1a0 [ 401.406104] ? find_held_lock+0x36/0x1c0 [ 401.410228] ? __might_fault+0x12b/0x1e0 [ 401.414305] ? lock_downgrade+0x900/0x900 [ 401.418514] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.423986] __sys_sendmmsg+0x246/0x6d0 [ 401.427995] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 401.432354] ? __lock_is_held+0xb5/0x140 [ 401.436456] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.442008] ? check_preemption_disabled+0x48/0x280 [ 401.447057] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 401.452604] ? fput+0x130/0x1a0 [ 401.455909] ? do_syscall_64+0x9a/0x820 [ 401.459903] ? do_syscall_64+0x9a/0x820 [ 401.463906] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 401.468503] ? trace_hardirqs_on+0xbd/0x310 [ 401.472834] ? __ia32_sys_read+0xb0/0xb0 [ 401.476919] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.482302] ? trace_hardirqs_off_caller+0x300/0x300 [ 401.487429] __x64_sys_sendmmsg+0x9d/0x100 [ 401.491682] do_syscall_64+0x1b9/0x820 [ 401.495588] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 401.500969] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.505921] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.510781] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.515976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 401.521013] ? prepare_exit_to_usermode+0x291/0x3b0 [ 401.526050] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.530919] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.530933] RIP: 0033:0x457569 [ 401.530952] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:46 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xd00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:47 executing program 3 (fault-call:5 fault-nth:7): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 401.545364] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 401.558254] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 401.558268] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 401.558277] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 401.558286] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 401.558294] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 401.558303] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:47 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x22000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:47 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e028040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 401.779365] FAULT_INJECTION: forcing a failure. [ 401.779365] name failslab, interval 1, probability 0, space 0, times 0 [ 401.795897] CPU: 1 PID: 19964 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 401.804498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.804505] Call Trace: [ 401.804529] dump_stack+0x244/0x39d [ 401.804554] ? dump_stack_print_info.cold.1+0x20/0x20 [ 401.825291] should_fail.cold.4+0xa/0x17 [ 401.829374] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 401.834489] ? __save_stack_trace+0x8d/0xf0 [ 401.838845] ? save_stack+0xa9/0xd0 [ 401.842494] ? save_stack+0x43/0xd0 [ 401.846148] ? find_held_lock+0x36/0x1c0 [ 401.850335] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.855799] ? check_preemption_disabled+0x48/0x280 [ 401.855822] __should_failslab+0x124/0x180 [ 401.855842] should_failslab+0x9/0x14 [ 401.855860] kmem_cache_alloc_node_trace+0x270/0x740 [ 401.855896] __kmalloc_node_track_caller+0x3c/0x70 [ 401.855915] __kmalloc_reserve.isra.38+0x41/0xe0 [ 401.883749] __alloc_skb+0x150/0x770 [ 401.887492] ? netdev_alloc_frag+0x1f0/0x1f0 [ 401.891956] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.896887] QAT: Invalid ioctl [ 401.897421] ? lock_downgrade+0x900/0x900 [ 401.897452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.897472] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 401.897496] sock_wmalloc+0x16d/0x1f0 [ 401.907601] QAT: Invalid ioctl [ 401.910379] ? skb_set_owner_w+0x360/0x360 [ 401.910396] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.910414] ? _copy_from_user+0xdf/0x150 [ 401.910440] pppol2tp_sendmsg+0x23d/0x6c0 [ 401.910463] ? apparmor_socket_sendmsg+0x29/0x30 [ 401.917387] FAT-fs (loop4): bogus number of reserved sectors [ 401.919699] ? pppol2tp_getsockopt+0x940/0x940 [ 401.919718] sock_sendmsg+0xd5/0x120 [ 401.919736] ___sys_sendmsg+0x51d/0x930 [ 401.919756] ? graph_lock+0x270/0x270 [ 401.925402] FAT-fs (loop4): Can't find a valid FAT filesystem [ 401.927183] ? copy_msghdr_from_user+0x580/0x580 [ 401.927204] ? get_pid_task+0xd6/0x1a0 [ 401.927225] ? find_held_lock+0x36/0x1c0 [ 401.927257] ? __might_fault+0x12b/0x1e0 [ 401.990212] ? lock_downgrade+0x900/0x900 [ 401.994412] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.999883] __sys_sendmmsg+0x246/0x6d0 [ 402.003881] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 402.008232] ? __lock_is_held+0xb5/0x140 [ 402.012343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.017904] ? check_preemption_disabled+0x48/0x280 [ 402.022955] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 402.028545] ? fput+0x130/0x1a0 [ 402.031836] ? do_syscall_64+0x9a/0x820 [ 402.035818] ? do_syscall_64+0x9a/0x820 [ 402.039799] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 402.044405] ? trace_hardirqs_on+0xbd/0x310 [ 402.048729] ? __ia32_sys_read+0xb0/0xb0 [ 402.052796] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.058219] ? trace_hardirqs_off_caller+0x300/0x300 [ 402.063339] __x64_sys_sendmmsg+0x9d/0x100 [ 402.067613] do_syscall_64+0x1b9/0x820 [ 402.071548] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.076920] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.081853] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.086704] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.091722] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.096764] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.101818] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.106711] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.111905] RIP: 0033:0x457569 10:03:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo.\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 402.115130] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 402.134066] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 402.141815] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 402.149081] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 402.156358] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 402.163640] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 402.170912] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 402.195645] minix_free_inode: bit 1 already cleared 10:03:47 executing program 3 (fault-call:5 fault-nth:8): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:47 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) prctl$PR_GET_DUMPABLE(0x3) getsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000200), &(0x7f0000000240)=0x10) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$getsig(0x4202, r4, 0x3f, &(0x7f0000000100)) sendto(r0, &(0x7f0000000280)="0d7c2efc57f5e01f972ffaeb1068f1b311072e495580feac5e305efe0e35dc4c53fb1221f86ca488623bba8aa3739b713b83a5bea7b113f6e6342fba36d3875cfcffefccb486d66212", 0x49, 0x0, &(0x7f0000000300)=@ax25={0x3, {"16272164215d9e"}, 0x80000001}, 0x80) bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000140)='./file0\x00'}, 0x10) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) [ 402.226962] FAT-fs (loop4): bogus number of reserved sectors [ 402.232795] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xd], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:47 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 402.387505] FAULT_INJECTION: forcing a failure. [ 402.387505] name failslab, interval 1, probability 0, space 0, times 0 [ 402.398830] CPU: 0 PID: 19982 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 402.407444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.416797] Call Trace: [ 402.419403] dump_stack+0x244/0x39d [ 402.423078] ? dump_stack_print_info.cold.1+0x20/0x20 [ 402.428321] ? is_bpf_text_address+0xac/0x170 [ 402.432830] should_fail.cold.4+0xa/0x17 [ 402.436904] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 402.442013] ? rcu_read_unlock_special+0x370/0x370 [ 402.446945] ? rcu_softirq_qs+0x20/0x20 [ 402.450922] ? unwind_dump+0x190/0x190 [ 402.454855] ? kernel_text_address+0x79/0xf0 [ 402.459287] ? __lock_acquire+0x62f/0x4c20 [ 402.463540] ? __save_stack_trace+0x8d/0xf0 [ 402.467913] ? mark_held_locks+0x130/0x130 [ 402.472157] ? save_stack+0x43/0xd0 [ 402.475787] ? __kmalloc_node_track_caller+0x50/0x70 [ 402.480890] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 402.485837] ? __alloc_skb+0x150/0x770 [ 402.489744] ? sock_wmalloc+0x16d/0x1f0 [ 402.493724] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 402.498053] ? sock_sendmsg+0xd5/0x120 [ 402.501956] ? ___sys_sendmsg+0x51d/0x930 [ 402.506118] ? __sys_sendmmsg+0x246/0x6d0 [ 402.510293] ? __x64_sys_sendmmsg+0x9d/0x100 [ 402.514955] ? do_syscall_64+0x1b9/0x820 [ 402.519037] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.524449] __should_failslab+0x124/0x180 [ 402.528709] should_failslab+0x9/0x14 [ 402.532512] kmem_cache_alloc_node_trace+0x5a/0x740 [ 402.537554] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 402.543105] __kmalloc_node_track_caller+0x3c/0x70 [ 402.548068] __kmalloc_reserve.isra.38+0x41/0xe0 [ 402.552829] pskb_expand_head+0x230/0x10f0 [ 402.557065] ? kasan_kmalloc+0xc7/0xe0 [ 402.560967] ? skb_release_data+0x880/0x880 [ 402.565299] ? __might_fault+0x12b/0x1e0 [ 402.569368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.574913] ? iov_iter_advance+0x306/0x13f0 [ 402.579355] ? lock_release+0xa10/0xa10 [ 402.583336] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.588788] ? once_deferred+0xa0/0xa0 [ 402.592676] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.598143] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 402.603008] l2tp_xmit_skb+0x106b/0x1670 [ 402.607092] ? l2tp_recv_common+0x1d40/0x1d40 [ 402.611595] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.617138] ? _copy_from_user+0xdf/0x150 [ 402.621296] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 402.625625] pppol2tp_sendmsg+0x4b1/0x6c0 [ 402.629810] ? apparmor_socket_sendmsg+0x29/0x30 [ 402.634583] ? pppol2tp_getsockopt+0x940/0x940 [ 402.639178] sock_sendmsg+0xd5/0x120 [ 402.642892] ___sys_sendmsg+0x51d/0x930 [ 402.647004] ? graph_lock+0x270/0x270 [ 402.650810] ? copy_msghdr_from_user+0x580/0x580 [ 402.655568] ? get_pid_task+0xd6/0x1a0 [ 402.659473] ? find_held_lock+0x36/0x1c0 [ 402.663553] ? __might_fault+0x12b/0x1e0 [ 402.667617] ? lock_downgrade+0x900/0x900 [ 402.671785] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.677244] __sys_sendmmsg+0x246/0x6d0 [ 402.681256] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 402.685600] ? __lock_is_held+0xb5/0x140 [ 402.689698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.695237] ? check_preemption_disabled+0x48/0x280 [ 402.700292] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 402.705839] ? fput+0x130/0x1a0 [ 402.709139] ? do_syscall_64+0x9a/0x820 [ 402.713151] ? do_syscall_64+0x9a/0x820 [ 402.717142] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 402.721754] ? trace_hardirqs_on+0xbd/0x310 [ 402.726081] ? __ia32_sys_read+0xb0/0xb0 [ 402.730158] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.735545] ? trace_hardirqs_off_caller+0x300/0x300 [ 402.740663] __x64_sys_sendmmsg+0x9d/0x100 [ 402.744906] do_syscall_64+0x1b9/0x820 [ 402.748803] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.754181] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.759130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.763984] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.769011] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.774035] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.779066] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.783925] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.789141] RIP: 0033:0x457569 [ 402.792347] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 402.811250] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 402.818977] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 402.826266] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 402.833534] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 402.840802] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 402.848086] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3a], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:48 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x2200, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:48 executing program 3 (fault-call:5 fault-nth:9): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 403.007914] FAT-fs (loop4): bogus number of reserved sectors [ 403.030817] FAT-fs (loop4): Can't find a valid FAT filesystem [ 403.090204] FAULT_INJECTION: forcing a failure. [ 403.090204] name failslab, interval 1, probability 0, space 0, times 0 [ 403.120285] CPU: 0 PID: 20003 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 403.128893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.138292] Call Trace: [ 403.140910] dump_stack+0x244/0x39d [ 403.144554] ? dump_stack_print_info.cold.1+0x20/0x20 [ 403.149811] ? graph_lock+0x270/0x270 [ 403.153647] should_fail.cold.4+0xa/0x17 [ 403.157725] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 403.162843] ? __lock_acquire+0x62f/0x4c20 [ 403.167089] ? find_held_lock+0x36/0x1c0 [ 403.171206] ? mark_held_locks+0x130/0x130 [ 403.175462] ? find_held_lock+0x36/0x1c0 [ 403.179556] ? __switch_to_asm+0x34/0x70 [ 403.183628] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.189094] ? preempt_notifier_register+0x200/0x200 [ 403.194227] ? __switch_to_asm+0x34/0x70 [ 403.198330] ? __switch_to_asm+0x34/0x70 [ 403.202444] ? __switch_to_asm+0x40/0x70 [ 403.206522] __should_failslab+0x124/0x180 [ 403.210778] should_failslab+0x9/0x14 [ 403.214611] kmem_cache_alloc_node+0x26e/0x730 [ 403.219225] ? __schedule+0x8d7/0x21d0 [ 403.223164] __alloc_skb+0x114/0x770 [ 403.226898] ? netdev_alloc_frag+0x1f0/0x1f0 [ 403.231324] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.236901] ? lock_downgrade+0x900/0x900 [ 403.241076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.246659] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 403.252157] sock_wmalloc+0x16d/0x1f0 [ 403.255976] ? skb_set_owner_w+0x360/0x360 [ 403.260238] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.265786] ? _copy_from_user+0xdf/0x150 [ 403.269976] pppol2tp_sendmsg+0x23d/0x6c0 [ 403.274157] ? apparmor_socket_sendmsg+0x29/0x30 [ 403.278953] ? pppol2tp_getsockopt+0x940/0x940 [ 403.283560] sock_sendmsg+0xd5/0x120 [ 403.287286] ___sys_sendmsg+0x51d/0x930 [ 403.291275] ? graph_lock+0x270/0x270 [ 403.295089] ? copy_msghdr_from_user+0x580/0x580 [ 403.299883] ? get_pid_task+0xd6/0x1a0 [ 403.303786] ? find_held_lock+0x36/0x1c0 [ 403.307867] ? __might_fault+0x12b/0x1e0 [ 403.311937] ? lock_downgrade+0x900/0x900 [ 403.316108] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.321582] __sys_sendmmsg+0x246/0x6d0 [ 403.325592] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 403.329919] ? __lock_is_held+0xb5/0x140 [ 403.334019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.339580] ? check_preemption_disabled+0x48/0x280 [ 403.344614] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 403.350157] ? fput+0x130/0x1a0 [ 403.350173] ? do_syscall_64+0x9a/0x820 [ 403.350187] ? do_syscall_64+0x9a/0x820 [ 403.350204] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 403.353654] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 403.357479] ? trace_hardirqs_on+0xbd/0x310 [ 403.357509] ? __ia32_sys_read+0xb0/0xb0 [ 403.357527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.357545] ? trace_hardirqs_off_caller+0x300/0x300 [ 403.357566] __x64_sys_sendmmsg+0x9d/0x100 [ 403.357600] do_syscall_64+0x1b9/0x820 [ 403.357635] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 403.406089] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.411025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.415866] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.420882] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 403.425918] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.430950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.435822] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.441011] RIP: 0033:0x457569 [ 403.444205] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 403.463103] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 403.470836] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 403.478102] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 403.485416] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 403.492699] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 403.499989] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:48 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e036040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:48 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:48 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x418, 0x80807, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)=0x3, 0x4) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f00000001c0)={0x0, 0x7}) 10:03:48 executing program 3 (fault-call:5 fault-nth:10): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 403.615808] minix_free_inode: bit 1 already cleared 10:03:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x88caffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 403.672291] FAULT_INJECTION: forcing a failure. [ 403.672291] name failslab, interval 1, probability 0, space 0, times 0 [ 403.694969] CPU: 1 PID: 20023 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 403.703571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.712923] Call Trace: [ 403.715548] dump_stack+0x244/0x39d [ 403.719213] ? dump_stack_print_info.cold.1+0x20/0x20 [ 403.724431] should_fail.cold.4+0xa/0x17 [ 403.728499] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 403.733601] ? __save_stack_trace+0x8d/0xf0 [ 403.737949] ? save_stack+0xa9/0xd0 [ 403.741629] ? save_stack+0x43/0xd0 [ 403.745262] ? find_held_lock+0x36/0x1c0 [ 403.749346] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.754855] ? check_preemption_disabled+0x48/0x280 [ 403.759885] __should_failslab+0x124/0x180 [ 403.764164] should_failslab+0x9/0x14 [ 403.768003] kmem_cache_alloc_node_trace+0x270/0x740 [ 403.773145] __kmalloc_node_track_caller+0x3c/0x70 [ 403.778087] __kmalloc_reserve.isra.38+0x41/0xe0 [ 403.782893] __alloc_skb+0x150/0x770 [ 403.786618] ? netdev_alloc_frag+0x1f0/0x1f0 [ 403.791066] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.796524] ? lock_downgrade+0x900/0x900 [ 403.800696] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.806245] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 403.811712] sock_wmalloc+0x16d/0x1f0 [ 403.815520] ? skb_set_owner_w+0x360/0x360 [ 403.819775] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.825316] ? _copy_from_user+0xdf/0x150 [ 403.829509] pppol2tp_sendmsg+0x23d/0x6c0 [ 403.833670] ? apparmor_socket_sendmsg+0x29/0x30 [ 403.838434] ? pppol2tp_getsockopt+0x940/0x940 [ 403.843021] sock_sendmsg+0xd5/0x120 [ 403.846742] ___sys_sendmsg+0x51d/0x930 [ 403.850744] ? graph_lock+0x270/0x270 [ 403.854549] ? copy_msghdr_from_user+0x580/0x580 [ 403.859360] ? get_pid_task+0xd6/0x1a0 [ 403.863253] ? find_held_lock+0x36/0x1c0 [ 403.867341] ? __might_fault+0x12b/0x1e0 [ 403.871433] ? lock_downgrade+0x900/0x900 [ 403.875605] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.881072] __sys_sendmmsg+0x246/0x6d0 [ 403.885053] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 403.889391] ? __lock_is_held+0xb5/0x140 [ 403.893462] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.899003] ? check_preemption_disabled+0x48/0x280 [ 403.904034] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 403.909572] ? fput+0x130/0x1a0 [ 403.912851] ? do_syscall_64+0x9a/0x820 [ 403.916832] ? do_syscall_64+0x9a/0x820 [ 403.920805] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 403.925423] ? trace_hardirqs_on+0xbd/0x310 [ 403.929764] ? __ia32_sys_read+0xb0/0xb0 [ 403.933858] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.939227] ? trace_hardirqs_off_caller+0x300/0x300 [ 403.944338] __x64_sys_sendmmsg+0x9d/0x100 [ 403.948580] do_syscall_64+0x1b9/0x820 [ 403.952470] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 403.957836] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.962796] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.967683] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.972715] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 403.977766] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.983827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.988678] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.993866] RIP: 0033:0x457569 [ 403.997089] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 404.016028] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:03:49 executing program 3 (fault-call:5 fault-nth:11): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 404.023741] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 404.031012] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 404.038293] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 404.045579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 404.052848] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdox\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:49 executing program 1: prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x806], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 404.182170] FAULT_INJECTION: forcing a failure. [ 404.182170] name failslab, interval 1, probability 0, space 0, times 0 10:03:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8847], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 404.262712] CPU: 1 PID: 20030 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 404.271332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.280692] Call Trace: [ 404.283297] dump_stack+0x244/0x39d [ 404.286946] ? dump_stack_print_info.cold.1+0x20/0x20 [ 404.292169] should_fail.cold.4+0xa/0x17 [ 404.296251] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 404.301363] ? __save_stack_trace+0x8d/0xf0 [ 404.305727] ? save_stack+0xa9/0xd0 [ 404.309374] ? save_stack+0x43/0xd0 [ 404.313059] ? find_held_lock+0x36/0x1c0 [ 404.317175] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.322661] ? check_preemption_disabled+0x48/0x280 [ 404.327705] __should_failslab+0x124/0x180 [ 404.331954] should_failslab+0x9/0x14 [ 404.335764] kmem_cache_alloc_node_trace+0x270/0x740 [ 404.340897] __kmalloc_node_track_caller+0x3c/0x70 [ 404.345854] __kmalloc_reserve.isra.38+0x41/0xe0 [ 404.350631] __alloc_skb+0x150/0x770 [ 404.354360] ? netdev_alloc_frag+0x1f0/0x1f0 [ 404.358779] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.364238] ? lock_downgrade+0x900/0x900 [ 404.368424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.373977] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 404.379445] sock_wmalloc+0x16d/0x1f0 [ 404.383255] ? skb_set_owner_w+0x360/0x360 [ 404.387494] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.393037] ? _copy_from_user+0xdf/0x150 [ 404.397207] pppol2tp_sendmsg+0x23d/0x6c0 [ 404.401372] ? apparmor_socket_sendmsg+0x29/0x30 [ 404.406142] ? pppol2tp_getsockopt+0x940/0x940 [ 404.410732] sock_sendmsg+0xd5/0x120 [ 404.414477] ___sys_sendmsg+0x51d/0x930 [ 404.418461] ? graph_lock+0x270/0x270 [ 404.422284] ? copy_msghdr_from_user+0x580/0x580 [ 404.427050] ? get_pid_task+0xd6/0x1a0 [ 404.430967] ? find_held_lock+0x36/0x1c0 [ 404.435045] ? __might_fault+0x12b/0x1e0 [ 404.439127] ? lock_downgrade+0x900/0x900 [ 404.443303] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.448784] __sys_sendmmsg+0x246/0x6d0 [ 404.452804] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 404.457185] ? __lock_is_held+0xb5/0x140 [ 404.461290] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.466885] ? check_preemption_disabled+0x48/0x280 [ 404.471951] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 404.477499] ? fput+0x130/0x1a0 [ 404.480789] ? do_syscall_64+0x9a/0x820 [ 404.484764] ? do_syscall_64+0x9a/0x820 [ 404.488758] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 404.493347] ? trace_hardirqs_on+0xbd/0x310 [ 404.497671] ? __ia32_sys_read+0xb0/0xb0 [ 404.501740] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.507123] ? trace_hardirqs_off_caller+0x300/0x300 [ 404.512260] __x64_sys_sendmmsg+0x9d/0x100 [ 404.516520] do_syscall_64+0x1b9/0x820 [ 404.520434] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 404.525802] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.530733] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.535604] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.540622] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.545642] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.550681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.555550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.560738] RIP: 0033:0x457569 [ 404.563930] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 404.582839] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 404.590549] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 404.597831] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 404.605100] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 10:03:50 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos&', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 404.612375] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 404.619661] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:50 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={'veth0_to_bond\x00', {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1d}}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x800000000000001, &(0x7f0000000040)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) [ 404.918256] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:50 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e005000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:50 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x5800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:50 executing program 3 (fault-call:5 fault-nth:12): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:50 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo\n\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:50 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) mlockall(0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:50 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 405.045410] minix_free_inode: bit 1 already cleared 10:03:50 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x700], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 405.114110] FAULT_INJECTION: forcing a failure. [ 405.114110] name failslab, interval 1, probability 0, space 0, times 0 [ 405.127134] CPU: 1 PID: 20075 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 405.135733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.145091] Call Trace: [ 405.147702] dump_stack+0x244/0x39d [ 405.151350] ? dump_stack_print_info.cold.1+0x20/0x20 [ 405.156556] ? graph_lock+0x270/0x270 [ 405.160389] should_fail.cold.4+0xa/0x17 [ 405.164468] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 405.169584] ? __lock_acquire+0x62f/0x4c20 [ 405.173832] ? find_held_lock+0x36/0x1c0 [ 405.177924] ? mark_held_locks+0x130/0x130 [ 405.182176] ? find_held_lock+0x36/0x1c0 [ 405.186269] ? __switch_to_asm+0x34/0x70 [ 405.190343] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.195806] ? preempt_notifier_register+0x200/0x200 [ 405.200920] ? __switch_to_asm+0x34/0x70 [ 405.205003] ? __switch_to_asm+0x34/0x70 [ 405.209071] ? __switch_to_asm+0x40/0x70 [ 405.213157] __should_failslab+0x124/0x180 [ 405.217460] should_failslab+0x9/0x14 [ 405.221272] kmem_cache_alloc_node+0x26e/0x730 [ 405.225866] ? __schedule+0x8d7/0x21d0 [ 405.229786] __alloc_skb+0x114/0x770 [ 405.233557] ? netdev_alloc_frag+0x1f0/0x1f0 [ 405.237979] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.243451] ? lock_downgrade+0x900/0x900 [ 405.247620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.253203] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 405.258675] sock_wmalloc+0x16d/0x1f0 [ 405.262490] ? skb_set_owner_w+0x360/0x360 [ 405.266731] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.272292] ? _copy_from_user+0xdf/0x150 [ 405.276462] pppol2tp_sendmsg+0x23d/0x6c0 [ 405.280624] ? apparmor_socket_sendmsg+0x29/0x30 [ 405.285395] ? pppol2tp_getsockopt+0x940/0x940 [ 405.289991] sock_sendmsg+0xd5/0x120 [ 405.293721] ___sys_sendmsg+0x51d/0x930 [ 405.297705] ? graph_lock+0x270/0x270 [ 405.301555] ? copy_msghdr_from_user+0x580/0x580 [ 405.306339] ? get_pid_task+0xd6/0x1a0 [ 405.310242] ? find_held_lock+0x36/0x1c0 [ 405.314329] ? __might_fault+0x12b/0x1e0 [ 405.318401] ? lock_downgrade+0x900/0x900 [ 405.322575] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.328040] __sys_sendmmsg+0x246/0x6d0 [ 405.332048] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 405.336424] ? __lock_is_held+0xb5/0x140 [ 405.340503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.346052] ? check_preemption_disabled+0x48/0x280 [ 405.351094] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 405.356654] ? fput+0x130/0x1a0 [ 405.359949] ? do_syscall_64+0x9a/0x820 [ 405.363933] ? do_syscall_64+0x9a/0x820 [ 405.367921] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 405.372521] ? trace_hardirqs_on+0xbd/0x310 [ 405.376852] ? __ia32_sys_read+0xb0/0xb0 [ 405.380960] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.386342] ? trace_hardirqs_off_caller+0x300/0x300 [ 405.391504] __x64_sys_sendmmsg+0x9d/0x100 [ 405.395746] do_syscall_64+0x1b9/0x820 [ 405.399641] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 405.405017] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.409955] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.414815] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.419859] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.424901] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.429939] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.434807] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.440041] RIP: 0033:0x457569 [ 405.443248] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:50 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x100) r1 = socket(0x18, 0x0, 0x1) r2 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xffff, 0x10000) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r2, 0x0, 0xe, 0x4, &(0x7f0000000100)="a319edb4e0296e0851d89797af99", &(0x7f0000000140)=""/4, 0x2}, 0x28) io_setup(0x1, &(0x7f0000000080)=0x0) ioctl$void(r0, 0x5451) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 405.462168] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 405.469899] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 405.477182] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 405.484474] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 405.491749] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 405.499025] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:50 executing program 3 (fault-call:5 fault-nth:13): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 405.587105] FAT-fs (loop4): bogus number of reserved sectors [ 405.592950] FAT-fs (loop4): Can't find a valid FAT filesystem [ 405.641609] FAULT_INJECTION: forcing a failure. [ 405.641609] name failslab, interval 1, probability 0, space 0, times 0 [ 405.654535] CPU: 1 PID: 20087 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 405.663146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.672501] Call Trace: [ 405.675101] dump_stack+0x244/0x39d [ 405.678770] ? dump_stack_print_info.cold.1+0x20/0x20 [ 405.683967] ? __x64_sys_sendmmsg+0x9d/0x100 [ 405.688400] ? do_syscall_64+0x1b9/0x820 [ 405.692476] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.697855] ? kasan_check_read+0x11/0x20 [ 405.702053] should_fail.cold.4+0xa/0x17 [ 405.706128] ? trace_hardirqs_on+0xbd/0x310 [ 405.710461] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 405.715571] ? __lock_acquire+0x62f/0x4c20 [ 405.719813] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.725388] ? mark_held_locks+0x130/0x130 [ 405.729652] ? find_held_lock+0x36/0x1c0 [ 405.733748] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.739203] ? graph_lock+0x270/0x270 [ 405.743004] ? kfree_skb+0x1c3/0x580 [ 405.746736] ? __kfree_skb+0x20/0x20 [ 405.750463] __should_failslab+0x124/0x180 [ 405.754705] should_failslab+0x9/0x14 [ 405.758523] kmem_cache_alloc_node+0x26e/0x730 [ 405.763108] ? find_held_lock+0x36/0x1c0 [ 405.767221] __alloc_skb+0x114/0x770 [ 405.770940] ? netdev_alloc_frag+0x1f0/0x1f0 [ 405.775354] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.780808] ? lock_downgrade+0x900/0x900 [ 405.784997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.790538] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 405.796016] sock_wmalloc+0x16d/0x1f0 [ 405.799838] ? skb_set_owner_w+0x360/0x360 [ 405.804069] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.809605] ? _copy_from_user+0xdf/0x150 [ 405.813766] pppol2tp_sendmsg+0x23d/0x6c0 [ 405.817953] ? apparmor_socket_sendmsg+0x29/0x30 [ 405.822715] ? pppol2tp_getsockopt+0x940/0x940 [ 405.827308] sock_sendmsg+0xd5/0x120 [ 405.831034] ___sys_sendmsg+0x51d/0x930 [ 405.835020] ? graph_lock+0x270/0x270 [ 405.838850] ? copy_msghdr_from_user+0x580/0x580 [ 405.843631] ? get_pid_task+0xd6/0x1a0 [ 405.847548] ? find_held_lock+0x36/0x1c0 [ 405.851647] ? __might_fault+0x12b/0x1e0 [ 405.855721] ? lock_downgrade+0x900/0x900 [ 405.859905] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.865377] __sys_sendmmsg+0x246/0x6d0 [ 405.869366] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 405.873713] ? __lock_is_held+0xb5/0x140 [ 405.877790] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.883332] ? check_preemption_disabled+0x48/0x280 [ 405.888390] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 405.893939] ? fput+0x130/0x1a0 [ 405.897251] ? do_syscall_64+0x9a/0x820 [ 405.901238] ? do_syscall_64+0x9a/0x820 [ 405.905237] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 405.909843] ? trace_hardirqs_on+0xbd/0x310 [ 405.914180] ? __ia32_sys_read+0xb0/0xb0 [ 405.918258] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.923637] ? trace_hardirqs_off_caller+0x300/0x300 [ 405.928785] __x64_sys_sendmmsg+0x9d/0x100 [ 405.933068] do_syscall_64+0x1b9/0x820 [ 405.936963] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 405.942339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.947277] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.952151] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.957203] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.962235] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.967269] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.972144] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.977347] RIP: 0033:0x457569 [ 405.980549] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 405.999454] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 406.007173] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 406.014449] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 406.021722] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 406.028996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 406.036283] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x608], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdou\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:51 executing program 3 (fault-call:5 fault-nth:14): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 406.119961] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 406.179078] FAULT_INJECTION: forcing a failure. [ 406.179078] name failslab, interval 1, probability 0, space 0, times 0 [ 406.190361] CPU: 0 PID: 20101 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 406.198953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.208322] Call Trace: [ 406.210943] dump_stack+0x244/0x39d [ 406.214593] ? dump_stack_print_info.cold.1+0x20/0x20 [ 406.219804] ? is_bpf_text_address+0xac/0x170 [ 406.224320] should_fail.cold.4+0xa/0x17 [ 406.228402] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 406.233524] ? rcu_read_unlock_special+0x370/0x370 [ 406.238458] ? rcu_softirq_qs+0x20/0x20 [ 406.242445] ? unwind_dump+0x190/0x190 [ 406.246355] ? kernel_text_address+0x79/0xf0 [ 406.250787] ? __lock_acquire+0x62f/0x4c20 [ 406.255032] ? __save_stack_trace+0x8d/0xf0 [ 406.259392] ? mark_held_locks+0x130/0x130 [ 406.263642] ? save_stack+0x43/0xd0 [ 406.267281] ? __kmalloc_node_track_caller+0x50/0x70 [ 406.272399] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 406.277338] ? __alloc_skb+0x150/0x770 [ 406.281238] ? sock_wmalloc+0x16d/0x1f0 [ 406.285221] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 406.289548] ? sock_sendmsg+0xd5/0x120 [ 406.293444] ? ___sys_sendmsg+0x51d/0x930 [ 406.297606] ? __sys_sendmmsg+0x246/0x6d0 [ 406.301765] ? __x64_sys_sendmmsg+0x9d/0x100 [ 406.306187] ? do_syscall_64+0x1b9/0x820 [ 406.310306] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.315690] __should_failslab+0x124/0x180 [ 406.319936] should_failslab+0x9/0x14 [ 406.323748] kmem_cache_alloc_node_trace+0x5a/0x740 [ 406.328798] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 406.334363] __kmalloc_node_track_caller+0x3c/0x70 [ 406.339315] __kmalloc_reserve.isra.38+0x41/0xe0 [ 406.344087] pskb_expand_head+0x230/0x10f0 [ 406.348345] ? kasan_kmalloc+0xc7/0xe0 [ 406.352274] ? skb_release_data+0x880/0x880 [ 406.356616] ? __might_fault+0x12b/0x1e0 [ 406.360696] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.366246] ? iov_iter_advance+0x306/0x13f0 [ 406.370670] ? lock_release+0xa10/0xa10 [ 406.374651] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.380107] ? once_deferred+0xa0/0xa0 [ 406.384036] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.389499] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 406.394364] l2tp_xmit_skb+0x106b/0x1670 [ 406.398452] ? l2tp_recv_common+0x1d40/0x1d40 [ 406.402952] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.408495] ? _copy_from_user+0xdf/0x150 [ 406.412656] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 406.417001] pppol2tp_sendmsg+0x4b1/0x6c0 [ 406.421162] ? apparmor_socket_sendmsg+0x29/0x30 [ 406.425928] ? pppol2tp_getsockopt+0x940/0x940 [ 406.430518] sock_sendmsg+0xd5/0x120 [ 406.434244] ___sys_sendmsg+0x51d/0x930 [ 406.438229] ? graph_lock+0x270/0x270 [ 406.442043] ? copy_msghdr_from_user+0x580/0x580 [ 406.446815] ? get_pid_task+0xd6/0x1a0 [ 406.450720] ? find_held_lock+0x36/0x1c0 [ 406.454803] ? __might_fault+0x12b/0x1e0 [ 406.458889] ? lock_downgrade+0x900/0x900 [ 406.463064] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.468541] __sys_sendmmsg+0x246/0x6d0 [ 406.472535] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 406.476873] ? __lock_is_held+0xb5/0x140 [ 406.480951] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.486594] ? check_preemption_disabled+0x48/0x280 [ 406.491642] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 406.497191] ? fput+0x130/0x1a0 [ 406.500482] ? do_syscall_64+0x9a/0x820 [ 406.504470] ? do_syscall_64+0x9a/0x820 [ 406.508458] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 406.513056] ? trace_hardirqs_on+0xbd/0x310 [ 406.517394] ? __ia32_sys_read+0xb0/0xb0 [ 406.521472] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.526845] ? trace_hardirqs_off_caller+0x300/0x300 [ 406.531967] __x64_sys_sendmmsg+0x9d/0x100 [ 406.536220] do_syscall_64+0x1b9/0x820 [ 406.540127] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 406.545507] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.550446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.555305] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.560334] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 406.565360] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.570407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.575270] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.580468] RIP: 0033:0x457569 [ 406.583671] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 406.602576] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 406.610293] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 406.617565] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:51 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e055000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:51 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x0, &(0x7f0000000100)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7305", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf5ffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 406.624839] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 406.632127] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 406.639410] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:52 executing program 3 (fault-call:5 fault-nth:15): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 406.685657] minix_free_inode: bit 1 already cleared 10:03:52 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) io_setup(0x3, &(0x7f0000000040)) 10:03:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x1000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdot\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 406.887006] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 406.887777] FAULT_INJECTION: forcing a failure. [ 406.887777] name failslab, interval 1, probability 0, space 0, times 0 [ 406.911870] CPU: 1 PID: 20126 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 406.920472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.920478] Call Trace: [ 406.920500] dump_stack+0x244/0x39d [ 406.920522] ? dump_stack_print_info.cold.1+0x20/0x20 [ 406.920543] ? __x64_sys_sendmmsg+0x9d/0x100 [ 406.941274] ? do_syscall_64+0x1b9/0x820 [ 406.941294] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.941315] ? kasan_check_read+0x11/0x20 [ 406.949776] should_fail.cold.4+0xa/0x17 [ 406.949794] ? trace_hardirqs_on+0xbd/0x310 [ 406.949815] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 406.959309] ? __lock_acquire+0x62f/0x4c20 [ 406.959330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.959359] ? mark_held_locks+0x130/0x130 [ 406.986824] ? find_held_lock+0x36/0x1c0 [ 406.990956] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.996412] ? graph_lock+0x270/0x270 [ 407.000237] ? kfree_skb+0x1c3/0x580 [ 407.003960] ? __kfree_skb+0x20/0x20 [ 407.007694] __should_failslab+0x124/0x180 [ 407.011944] should_failslab+0x9/0x14 [ 407.015757] kmem_cache_alloc_node+0x26e/0x730 [ 407.020352] ? find_held_lock+0x36/0x1c0 [ 407.024431] __alloc_skb+0x114/0x770 [ 407.028185] ? netdev_alloc_frag+0x1f0/0x1f0 [ 407.032614] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.038076] ? lock_downgrade+0x900/0x900 [ 407.042251] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.047807] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 407.053280] sock_wmalloc+0x16d/0x1f0 [ 407.057096] ? skb_set_owner_w+0x360/0x360 [ 407.061351] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.066905] ? _copy_from_user+0xdf/0x150 [ 407.071077] pppol2tp_sendmsg+0x23d/0x6c0 [ 407.075251] ? apparmor_socket_sendmsg+0x29/0x30 [ 407.080031] ? pppol2tp_getsockopt+0x940/0x940 [ 407.084629] sock_sendmsg+0xd5/0x120 [ 407.088355] ___sys_sendmsg+0x51d/0x930 [ 407.092342] ? graph_lock+0x270/0x270 [ 407.096180] ? copy_msghdr_from_user+0x580/0x580 [ 407.100943] ? get_pid_task+0xd6/0x1a0 [ 407.104898] ? find_held_lock+0x36/0x1c0 [ 407.108978] ? __might_fault+0x12b/0x1e0 [ 407.113057] ? lock_downgrade+0x900/0x900 [ 407.117234] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.122700] __sys_sendmmsg+0x246/0x6d0 [ 407.126698] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 407.131034] ? __lock_is_held+0xb5/0x140 [ 407.135107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.140661] ? check_preemption_disabled+0x48/0x280 [ 407.145700] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 407.151249] ? fput+0x130/0x1a0 [ 407.154540] ? do_syscall_64+0x9a/0x820 [ 407.158536] ? do_syscall_64+0x9a/0x820 [ 407.162523] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 407.167130] ? trace_hardirqs_on+0xbd/0x310 [ 407.171459] ? __ia32_sys_read+0xb0/0xb0 [ 407.175530] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.180908] ? trace_hardirqs_off_caller+0x300/0x300 [ 407.186103] __x64_sys_sendmmsg+0x9d/0x100 [ 407.190386] do_syscall_64+0x1b9/0x820 [ 407.194314] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 407.199695] ? syscall_return_slowpath+0x5e0/0x5e0 [ 407.204671] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.209553] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.214579] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 407.219604] ? prepare_exit_to_usermode+0x291/0x3b0 [ 407.224640] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.229501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.234693] RIP: 0033:0x457569 [ 407.237907] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 407.256814] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 407.264523] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 407.271794] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 407.279078] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 10:03:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf0], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:52 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdosg', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:52 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e014000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:52 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0xffffffffffffffeb, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 407.286393] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 407.293688] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 407.325614] minix_free_inode: bit 1 already cleared 10:03:52 executing program 3 (fault-call:5 fault-nth:16): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 407.467856] FAULT_INJECTION: forcing a failure. [ 407.467856] name failslab, interval 1, probability 0, space 0, times 0 [ 407.479147] CPU: 0 PID: 20147 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 407.487774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.497150] Call Trace: [ 407.499746] dump_stack+0x244/0x39d [ 407.503389] ? dump_stack_print_info.cold.1+0x20/0x20 [ 407.508586] ? is_bpf_text_address+0xac/0x170 [ 407.513090] should_fail.cold.4+0xa/0x17 10:03:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdoo\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x86ddffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x58000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 407.517424] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 407.522694] ? rcu_read_unlock_special+0x370/0x370 [ 407.527638] ? rcu_softirq_qs+0x20/0x20 [ 407.531659] ? unwind_dump+0x190/0x190 [ 407.535586] ? kernel_text_address+0x79/0xf0 [ 407.540035] ? __lock_acquire+0x62f/0x4c20 [ 407.544273] ? __save_stack_trace+0x8d/0xf0 [ 407.548608] ? mark_held_locks+0x130/0x130 [ 407.552881] ? save_stack+0x43/0xd0 [ 407.556502] ? __kmalloc_node_track_caller+0x50/0x70 [ 407.561606] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 407.561618] ? __alloc_skb+0x150/0x770 [ 407.561631] ? sock_wmalloc+0x16d/0x1f0 [ 407.561645] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 407.561657] ? sock_sendmsg+0xd5/0x120 [ 407.561668] ? ___sys_sendmsg+0x51d/0x930 [ 407.561680] ? __sys_sendmmsg+0x246/0x6d0 [ 407.561692] ? __x64_sys_sendmmsg+0x9d/0x100 [ 407.561710] ? do_syscall_64+0x1b9/0x820 [ 407.570528] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.570614] ? bpf_dentry_finalize+0x68/0xb0 [ 407.570632] __should_failslab+0x124/0x180 [ 407.579018] should_failslab+0x9/0x14 [ 407.579033] kmem_cache_alloc_node_trace+0x5a/0x740 [ 407.579051] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 407.579072] __kmalloc_node_track_caller+0x3c/0x70 [ 407.579087] __kmalloc_reserve.isra.38+0x41/0xe0 [ 407.579105] pskb_expand_head+0x230/0x10f0 [ 407.595695] ? kasan_kmalloc+0xc7/0xe0 [ 407.595721] ? skb_release_data+0x880/0x880 [ 407.595744] ? __might_fault+0x12b/0x1e0 [ 407.595764] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.595781] ? iov_iter_advance+0x306/0x13f0 [ 407.595813] ? lock_release+0xa10/0xa10 [ 407.595828] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.595843] ? once_deferred+0xa0/0xa0 [ 407.595861] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.609736] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 407.609760] l2tp_xmit_skb+0x106b/0x1670 [ 407.609786] ? l2tp_recv_common+0x1d40/0x1d40 [ 407.609802] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.609817] ? _copy_from_user+0xdf/0x150 [ 407.609836] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 407.623013] pppol2tp_sendmsg+0x4b1/0x6c0 [ 407.623033] ? apparmor_socket_sendmsg+0x29/0x30 [ 407.623051] ? pppol2tp_getsockopt+0x940/0x940 [ 407.623068] sock_sendmsg+0xd5/0x120 [ 407.623100] ___sys_sendmsg+0x51d/0x930 [ 407.623114] ? graph_lock+0x270/0x270 [ 407.623155] ? copy_msghdr_from_user+0x580/0x580 [ 407.740530] ? get_pid_task+0xd6/0x1a0 [ 407.744431] ? find_held_lock+0x36/0x1c0 [ 407.748508] ? __might_fault+0x12b/0x1e0 [ 407.752590] ? lock_downgrade+0x900/0x900 [ 407.756766] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.762242] __sys_sendmmsg+0x246/0x6d0 [ 407.766237] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 407.770573] ? __lock_is_held+0xb5/0x140 [ 407.774666] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.780214] ? check_preemption_disabled+0x48/0x280 [ 407.785254] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 407.790796] ? fput+0x130/0x1a0 [ 407.794079] ? do_syscall_64+0x9a/0x820 [ 407.798056] ? do_syscall_64+0x9a/0x820 [ 407.802109] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 407.806717] ? trace_hardirqs_on+0xbd/0x310 [ 407.811052] ? __ia32_sys_read+0xb0/0xb0 [ 407.815142] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.820506] ? trace_hardirqs_off_caller+0x300/0x300 [ 407.825622] __x64_sys_sendmmsg+0x9d/0x100 [ 407.829857] do_syscall_64+0x1b9/0x820 [ 407.833745] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 407.839108] ? syscall_return_slowpath+0x5e0/0x5e0 [ 407.844049] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.848909] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.853939] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 407.858961] ? prepare_exit_to_usermode+0x291/0x3b0 [ 407.863978] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.868827] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.874009] RIP: 0033:0x457569 [ 407.877214] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 407.896109] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 407.903820] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 407.911096] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:53 executing program 3 (fault-call:5 fault-nth:17): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 407.918364] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 407.925668] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 407.932952] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 407.952705] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:53 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x8000, 0x0) ioctl$RTC_VL_READ(r3, 0x80047013, &(0x7f0000000100)) 10:03:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x2800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:53 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e010000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 408.060992] FAULT_INJECTION: forcing a failure. [ 408.060992] name failslab, interval 1, probability 0, space 0, times 0 [ 408.073113] CPU: 0 PID: 20168 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 408.081699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.091061] Call Trace: [ 408.093669] dump_stack+0x244/0x39d [ 408.097312] ? dump_stack_print_info.cold.1+0x20/0x20 [ 408.102534] should_fail.cold.4+0xa/0x17 [ 408.106601] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 408.111726] ? __save_stack_trace+0x8d/0xf0 [ 408.116066] ? save_stack+0xa9/0xd0 [ 408.119696] ? save_stack+0x43/0xd0 [ 408.123342] ? find_held_lock+0x36/0x1c0 [ 408.127454] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.132949] ? check_preemption_disabled+0x48/0x280 [ 408.137967] __should_failslab+0x124/0x180 [ 408.142200] should_failslab+0x9/0x14 [ 408.146009] kmem_cache_alloc_node_trace+0x270/0x740 [ 408.151139] __kmalloc_node_track_caller+0x3c/0x70 [ 408.156069] __kmalloc_reserve.isra.38+0x41/0xe0 [ 408.160823] __alloc_skb+0x150/0x770 [ 408.164564] ? netdev_alloc_frag+0x1f0/0x1f0 [ 408.168977] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.174426] ? lock_downgrade+0x900/0x900 [ 408.178583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.184134] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 408.189608] sock_wmalloc+0x16d/0x1f0 [ 408.193413] ? skb_set_owner_w+0x360/0x360 [ 408.197645] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.203218] ? _copy_from_user+0xdf/0x150 [ 408.207369] pppol2tp_sendmsg+0x23d/0x6c0 [ 408.211532] ? apparmor_socket_sendmsg+0x29/0x30 [ 408.216299] ? pppol2tp_getsockopt+0x940/0x940 [ 408.220893] sock_sendmsg+0xd5/0x120 [ 408.224617] ___sys_sendmsg+0x51d/0x930 [ 408.228633] ? graph_lock+0x270/0x270 [ 408.232438] ? copy_msghdr_from_user+0x580/0x580 [ 408.237208] ? get_pid_task+0xd6/0x1a0 [ 408.241097] ? find_held_lock+0x36/0x1c0 [ 408.245187] ? __might_fault+0x12b/0x1e0 [ 408.249267] ? lock_downgrade+0x900/0x900 [ 408.253429] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.259020] __sys_sendmmsg+0x246/0x6d0 [ 408.263003] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 408.267323] ? __lock_is_held+0xb5/0x140 [ 408.271392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.276928] ? check_preemption_disabled+0x48/0x280 [ 408.281951] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 408.287485] ? fput+0x130/0x1a0 [ 408.290764] ? do_syscall_64+0x9a/0x820 [ 408.294737] ? do_syscall_64+0x9a/0x820 [ 408.298720] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 408.303328] ? trace_hardirqs_on+0xbd/0x310 [ 408.307646] ? __ia32_sys_read+0xb0/0xb0 [ 408.311734] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.317096] ? trace_hardirqs_off_caller+0x300/0x300 [ 408.322217] __x64_sys_sendmmsg+0x9d/0x100 [ 408.326486] do_syscall_64+0x1b9/0x820 [ 408.330376] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 408.335757] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.340684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.345520] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.350534] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.355549] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.360565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.365414] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.370597] RIP: 0033:0x457569 [ 408.373783] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 408.392677] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 408.400390] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 408.407686] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 408.414984] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 408.422264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 408.429535] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\n', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 408.468428] minix_free_inode: bit 1 already cleared 10:03:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo*\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:53 executing program 3 (fault-call:5 fault-nth:18): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x3a00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:53 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x70, 0x9, 0x200, 0x5, 0x40, 0x0, 0x20, 0x0, 0x4, 0x2, 0x459f, 0x1ff8, 0x0, 0x8, 0x9, 0x7ff, 0x6, 0x81, 0x0, 0xfffffffffffffff8, 0xfcb, 0x6, 0x9, 0x7fff, 0x9, 0x21d, 0xc0, 0x1, 0x180dca79, 0x4, 0x10001, 0x30, 0xdd6, 0x8000, 0x6, 0x9, 0x5, 0x0, 0x8, 0x4, @perf_config_ext={0x56d4, 0x10000}, 0x20008, 0x0, 0x3, 0x6, 0x9, 0x6, 0x3}, 0xffffffffffffff9c, 0xd, 0xffffffffffffffff, 0x7) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x9) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) getpeername$packet(r2, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14) bind$xdp(r2, &(0x7f0000000240)={0x2c, 0x7, r4, 0x4, r2}, 0x10) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000040)=0x3f, 0x4) [ 408.730354] FAULT_INJECTION: forcing a failure. [ 408.730354] name failslab, interval 1, probability 0, space 0, times 0 [ 408.751027] CPU: 1 PID: 20192 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 408.759619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.768964] Call Trace: [ 408.771572] dump_stack+0x244/0x39d [ 408.775241] ? dump_stack_print_info.cold.1+0x20/0x20 [ 408.780450] ? __x64_sys_sendmmsg+0x9d/0x100 [ 408.784895] ? do_syscall_64+0x1b9/0x820 [ 408.788978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.794346] ? kasan_check_read+0x11/0x20 [ 408.798519] should_fail.cold.4+0xa/0x17 [ 408.802587] ? trace_hardirqs_on+0xbd/0x310 [ 408.806925] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 408.812030] ? __lock_acquire+0x62f/0x4c20 [ 408.816267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.821823] ? mark_held_locks+0x130/0x130 [ 408.826064] ? find_held_lock+0x36/0x1c0 [ 408.830163] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.835613] ? graph_lock+0x270/0x270 [ 408.839426] ? kfree_skb+0x1c3/0x580 [ 408.843159] ? __kfree_skb+0x20/0x20 [ 408.846901] __should_failslab+0x124/0x180 [ 408.851158] should_failslab+0x9/0x14 [ 408.855014] kmem_cache_alloc_node+0x26e/0x730 [ 408.859594] ? find_held_lock+0x36/0x1c0 [ 408.863678] __alloc_skb+0x114/0x770 [ 408.867402] ? netdev_alloc_frag+0x1f0/0x1f0 [ 408.871817] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.877268] ? lock_downgrade+0x900/0x900 [ 408.881442] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.886980] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 408.892441] sock_wmalloc+0x16d/0x1f0 [ 408.896247] ? skb_set_owner_w+0x360/0x360 [ 408.900485] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.906033] ? _copy_from_user+0xdf/0x150 [ 408.910212] pppol2tp_sendmsg+0x23d/0x6c0 [ 408.914383] ? apparmor_socket_sendmsg+0x29/0x30 [ 408.919156] ? pppol2tp_getsockopt+0x940/0x940 [ 408.923775] sock_sendmsg+0xd5/0x120 [ 408.927497] ___sys_sendmsg+0x51d/0x930 [ 408.931477] ? graph_lock+0x270/0x270 [ 408.935284] ? copy_msghdr_from_user+0x580/0x580 [ 408.940072] ? get_pid_task+0xd6/0x1a0 [ 408.943989] ? find_held_lock+0x36/0x1c0 [ 408.948057] ? __might_fault+0x12b/0x1e0 [ 408.952147] ? lock_downgrade+0x900/0x900 [ 408.956314] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.961772] __sys_sendmmsg+0x246/0x6d0 [ 408.965759] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 408.970083] ? __lock_is_held+0xb5/0x140 [ 408.974161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.979697] ? check_preemption_disabled+0x48/0x280 [ 408.984740] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 408.990278] ? fput+0x130/0x1a0 [ 408.993583] ? do_syscall_64+0x9a/0x820 [ 408.997574] ? do_syscall_64+0x9a/0x820 [ 409.001549] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 409.006169] ? trace_hardirqs_on+0xbd/0x310 [ 409.010496] ? __ia32_sys_read+0xb0/0xb0 [ 409.014559] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.019942] ? trace_hardirqs_off_caller+0x300/0x300 [ 409.025054] __x64_sys_sendmmsg+0x9d/0x100 [ 409.029299] do_syscall_64+0x1b9/0x820 [ 409.033234] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 409.038616] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.043543] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.048386] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.053420] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.058439] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.063459] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.068354] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.073542] RIP: 0033:0x457569 [ 409.076730] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.095627] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 409.103331] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 409.110600] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 409.117866] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 409.125184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:03:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8864000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:54 executing program 3 (fault-call:5 fault-nth:19): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 409.132498] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:54 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x0, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000140)={@local, @local, @local}, 0xc) ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000100)={0x3, 0x7}) io_setup(0x1, &(0x7f0000000080)=0x0) ioctl$TUNSETNOCSUM(r2, 0x400454c8, 0x1) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 409.235082] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:03:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x2800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:54 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo+\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 409.296405] FAULT_INJECTION: forcing a failure. [ 409.296405] name failslab, interval 1, probability 0, space 0, times 0 10:03:54 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e009000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 409.359560] FAT-fs (loop4): bogus number of reserved sectors [ 409.366378] CPU: 1 PID: 20205 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 409.374955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.375350] FAT-fs (loop4): Can't find a valid FAT filesystem [ 409.384311] Call Trace: [ 409.392754] dump_stack+0x244/0x39d [ 409.396424] ? dump_stack_print_info.cold.1+0x20/0x20 [ 409.401624] ? __x64_sys_sendmmsg+0x9d/0x100 [ 409.406026] ? do_syscall_64+0x1b9/0x820 [ 409.410088] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.415458] ? kasan_check_read+0x11/0x20 [ 409.419608] should_fail.cold.4+0xa/0x17 [ 409.423710] ? trace_hardirqs_on+0xbd/0x310 [ 409.428052] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 409.433191] ? __lock_acquire+0x62f/0x4c20 [ 409.437428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.442980] ? mark_held_locks+0x130/0x130 [ 409.447264] ? find_held_lock+0x36/0x1c0 [ 409.451406] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.456876] ? graph_lock+0x270/0x270 [ 409.460701] ? kfree_skb+0x1c3/0x580 [ 409.464427] ? __kfree_skb+0x20/0x20 [ 409.468178] __should_failslab+0x124/0x180 [ 409.472449] should_failslab+0x9/0x14 [ 409.476293] kmem_cache_alloc_node+0x26e/0x730 [ 409.480877] ? find_held_lock+0x36/0x1c0 [ 409.484948] __alloc_skb+0x114/0x770 [ 409.488666] ? netdev_alloc_frag+0x1f0/0x1f0 [ 409.493090] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.498548] ? lock_downgrade+0x900/0x900 [ 409.502718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 10:03:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x43050000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 409.508281] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 409.513751] sock_wmalloc+0x16d/0x1f0 [ 409.517698] ? skb_set_owner_w+0x360/0x360 [ 409.521930] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.527464] ? _copy_from_user+0xdf/0x150 [ 409.531649] pppol2tp_sendmsg+0x23d/0x6c0 [ 409.535801] ? apparmor_socket_sendmsg+0x29/0x30 [ 409.540589] ? pppol2tp_getsockopt+0x940/0x940 [ 409.545169] sock_sendmsg+0xd5/0x120 [ 409.548897] ___sys_sendmsg+0x51d/0x930 [ 409.552868] ? graph_lock+0x270/0x270 [ 409.556692] ? copy_msghdr_from_user+0x580/0x580 [ 409.561445] ? get_pid_task+0xd6/0x1a0 [ 409.565352] ? find_held_lock+0x36/0x1c0 [ 409.569420] ? __might_fault+0x12b/0x1e0 [ 409.573487] ? lock_downgrade+0x900/0x900 [ 409.577679] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.583167] __sys_sendmmsg+0x246/0x6d0 [ 409.587177] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 409.591543] ? __lock_is_held+0xb5/0x140 [ 409.595621] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.601186] ? check_preemption_disabled+0x48/0x280 [ 409.606221] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 409.611767] ? fput+0x130/0x1a0 [ 409.615050] ? do_syscall_64+0x9a/0x820 [ 409.619027] ? do_syscall_64+0x9a/0x820 [ 409.623007] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 409.627612] ? trace_hardirqs_on+0xbd/0x310 [ 409.631941] ? __ia32_sys_read+0xb0/0xb0 [ 409.636005] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.641371] ? trace_hardirqs_off_caller+0x300/0x300 [ 409.646478] __x64_sys_sendmmsg+0x9d/0x100 [ 409.650715] do_syscall_64+0x1b9/0x820 [ 409.654611] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 409.659986] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.664918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.669792] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.674809] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.679825] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.684845] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.689694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.694891] RIP: 0033:0x457569 [ 409.698086] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.717005] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 409.724711] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 409.731974] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 409.739683] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 409.746950] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:03:55 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x800, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x1, 0x8001, 0x3, 0x80000001, 0x11, r1, 0xc25d}, 0x2c) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:03:55 executing program 3 (fault-call:5 fault-nth:20): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0xf0ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 409.754220] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 409.775599] minix_free_inode: bit 1 already cleared [ 409.782547] FAT-fs (loop4): bogus number of reserved sectors [ 409.796568] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:55 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdoX\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 410.017107] FAULT_INJECTION: forcing a failure. [ 410.017107] name failslab, interval 1, probability 0, space 0, times 0 [ 410.044916] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 410.075515] CPU: 0 PID: 20231 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 410.084098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.093448] Call Trace: [ 410.093481] dump_stack+0x244/0x39d [ 410.093499] ? dump_stack_print_info.cold.1+0x20/0x20 [ 410.093522] should_fail.cold.4+0xa/0x17 [ 410.093537] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 410.104933] ? __save_stack_trace+0x8d/0xf0 [ 410.104992] ? save_stack+0xa9/0xd0 [ 410.105007] ? save_stack+0x43/0xd0 [ 410.105039] ? find_held_lock+0x36/0x1c0 [ 410.122203] ? ieee80211_rx_handlers+0xa1b8/0xb420 [ 410.122224] ? ieee80211_rx_handlers+0xa1b8/0xb420 [ 410.129878] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.129895] ? check_preemption_disabled+0x48/0x280 [ 410.129912] __should_failslab+0x124/0x180 [ 410.129929] should_failslab+0x9/0x14 [ 410.129942] kmem_cache_alloc_node_trace+0x270/0x740 [ 410.129962] __kmalloc_node_track_caller+0x3c/0x70 [ 410.136599] FAT-fs (loop4): bogus number of reserved sectors [ 410.139798] __kmalloc_reserve.isra.38+0x41/0xe0 [ 410.139814] __alloc_skb+0x150/0x770 [ 410.139830] ? netdev_alloc_frag+0x1f0/0x1f0 [ 410.139846] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.139865] ? lock_downgrade+0x900/0x900 [ 410.148673] FAT-fs (loop4): Can't find a valid FAT filesystem [ 410.150325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.150342] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 410.150363] sock_wmalloc+0x16d/0x1f0 [ 410.150399] ? skb_set_owner_w+0x360/0x360 [ 410.150414] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.226967] ? _copy_from_user+0xdf/0x150 [ 410.231166] pppol2tp_sendmsg+0x23d/0x6c0 [ 410.235352] ? apparmor_socket_sendmsg+0x29/0x30 [ 410.240113] ? pppol2tp_getsockopt+0x940/0x940 [ 410.244707] sock_sendmsg+0xd5/0x120 [ 410.248463] ___sys_sendmsg+0x51d/0x930 [ 410.252454] ? graph_lock+0x270/0x270 [ 410.256283] ? copy_msghdr_from_user+0x580/0x580 [ 410.261043] ? get_pid_task+0xd6/0x1a0 [ 410.264964] ? find_held_lock+0x36/0x1c0 [ 410.269029] ? __might_fault+0x12b/0x1e0 [ 410.273091] ? lock_downgrade+0x900/0x900 [ 410.277272] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.282728] __sys_sendmmsg+0x246/0x6d0 [ 410.286711] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 410.291035] ? __lock_is_held+0xb5/0x140 [ 410.295133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.300676] ? check_preemption_disabled+0x48/0x280 [ 410.305702] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 410.311292] ? fput+0x130/0x1a0 [ 410.314586] ? do_syscall_64+0x9a/0x820 [ 410.318562] ? do_syscall_64+0x9a/0x820 [ 410.322557] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 410.327150] ? trace_hardirqs_on+0xbd/0x310 [ 410.331489] ? __ia32_sys_read+0xb0/0xb0 [ 410.335591] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.340950] ? trace_hardirqs_off_caller+0x300/0x300 [ 410.346052] __x64_sys_sendmmsg+0x9d/0x100 [ 410.350285] do_syscall_64+0x1b9/0x820 [ 410.354235] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 410.359595] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.364542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.369390] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.374407] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.379423] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.384441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.389302] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.394491] RIP: 0033:0x457569 [ 410.397677] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 410.416571] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:03:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x6000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:55 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e007000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:55 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0xa0a6, &(0x7f0000000280)=0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snapshot\x00', 0x101000, 0x0) getdents(r4, &(0x7f00000002c0)=""/114, 0x72) io_submit(r3, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x7}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x65, 0x200, 0x9, 0x400, r5}, &(0x7f00000001c0)=0x10) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETAW(r6, 0x5407, &(0x7f0000000200)={0x8, 0x4, 0x8, 0x916, 0x7f, 0x3, 0x1, 0x0, 0x0, 0x4}) [ 410.424321] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 410.431589] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 410.438854] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 410.446157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 410.453451] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:55 executing program 3 (fault-call:5 fault-nth:21): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 410.522786] FAT-fs (loop4): bogus number of reserved sectors [ 410.535606] minix_free_inode: bit 1 already cleared [ 410.536694] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdop\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:56 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r0, r0, 0x5, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000003c00)={0x0, 0x68, &(0x7f0000003b80)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e21, @multicast1}, @in6={0xa, 0x4e24, 0x3, @remote, 0xd9b}, @in6={0xa, 0x4e20, 0x4, @mcast2, 0xc6}]}, &(0x7f0000003c40)=0x10) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000003d00)={0xe264, 0x200, 0x8, 0x0, 0x0, [{r2, 0x0, 0xffff}, {r2, 0x0, 0x4}, {r1, 0x0, 0x5}, {r2, 0x0, 0x2}, {r1, 0x0, 0x4}, {r1, 0x0, 0x3}, {r1, 0x0, 0x1}, {r2, 0x0, 0x3}]}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000003c80)={r3, 0x19, "0512c157983ac1a4155355615a2a090ee9921d54aad20e851e"}, &(0x7f0000003cc0)=0x21) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x10, r1, 0x0) recvmmsg(r1, &(0x7f0000003880)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000100)=""/95, 0x5f}, {&(0x7f0000000280)=""/252, 0xfc}, {&(0x7f0000000040)=""/6, 0x6}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/37, 0x25}, {&(0x7f00000013c0)=""/199, 0xc7}, {&(0x7f00000014c0)=""/174, 0xae}, {&(0x7f0000001580)=""/23, 0x17}], 0x9, &(0x7f0000001680)=""/59, 0x3b}, 0xffffffffffffff00}, {{&(0x7f00000016c0)=@generic, 0x80, &(0x7f0000002ac0)=[{&(0x7f0000001740)=""/2, 0x2}, {&(0x7f0000001780)=""/30, 0x1e}, {&(0x7f00000017c0)=""/137, 0x89}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/149, 0x95}, {&(0x7f0000002940)=""/49, 0x31}, {&(0x7f0000002980)=""/30, 0x1e}, {&(0x7f00000029c0)=""/208, 0xd0}], 0x8, 0x0, 0x0, 0x7fff}, 0x7a73c11a}, {{&(0x7f0000002b40)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000002d00)=[{&(0x7f0000002bc0)=""/136, 0x88}, {&(0x7f0000002c80)=""/68, 0x44}], 0x2, &(0x7f0000002d40)=""/22, 0x16}, 0x7ff}, {{&(0x7f0000002d80)=@pppol2tpv3, 0x80, &(0x7f0000003140)=[{&(0x7f0000002e00)=""/173, 0xad}, {&(0x7f0000002ec0)=""/104, 0x68}, {&(0x7f0000002f40)=""/133, 0x85}, {&(0x7f0000003000)=""/253, 0xfd}, {&(0x7f0000003100)=""/15, 0xf}], 0x5, &(0x7f00000031c0)=""/13, 0xd, 0x5}, 0x8}, {{&(0x7f0000003200)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000003680)=[{&(0x7f0000003280)=""/87, 0x57}, {&(0x7f0000003300)=""/169, 0xa9}, {&(0x7f00000033c0)=""/62, 0x3e}, {&(0x7f0000003400)=""/17, 0x11}, {&(0x7f0000003440)=""/47, 0x2f}, {&(0x7f0000003480)=""/105, 0x69}, {&(0x7f0000003500)=""/74, 0x4a}, {&(0x7f0000003580)=""/208, 0xd0}], 0x8, 0x0, 0x0, 0x200}}, {{&(0x7f0000003700)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f00000037c0)=[{&(0x7f0000003780)=""/2, 0x2}], 0x1, &(0x7f0000003800)=""/84, 0x54, 0x6}, 0x1000}], 0x6, 0x21, &(0x7f0000003a00)={0x0, 0x989680}) sendmsg$can_raw(r2, &(0x7f0000003b40)={&(0x7f0000003a40)={0x1d, r5}, 0x10, &(0x7f0000003b00)={&(0x7f0000003a80)=@canfd={{0x1, 0x7fffffff, 0x10001, 0xd4d5}, 0x3f, 0x1, 0x0, 0x0, "e7e86f792511f3a8c93f95196935a674aee7d80491d5a9288dc8e31e52e59240e8b85ad38665f64ea08ee875b87d2a543592a280fdb1161bfda1c086b26f0f23"}, 0x48}, 0x1, 0x0, 0x0, 0x200000c4}, 0x4a0de15ab0bc06f1) 10:03:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x8864], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 410.760379] FAULT_INJECTION: forcing a failure. [ 410.760379] name failslab, interval 1, probability 0, space 0, times 0 [ 410.772238] CPU: 0 PID: 20264 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 410.780817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.790210] Call Trace: [ 410.792824] dump_stack+0x244/0x39d [ 410.796459] ? dump_stack_print_info.cold.1+0x20/0x20 [ 410.801655] ? graph_lock+0x270/0x270 [ 410.805467] should_fail.cold.4+0xa/0x17 [ 410.809528] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 410.814632] ? __lock_acquire+0x62f/0x4c20 [ 410.818864] ? find_held_lock+0x36/0x1c0 [ 410.822938] ? mark_held_locks+0x130/0x130 [ 410.827190] ? find_held_lock+0x36/0x1c0 [ 410.831302] ? ncsi_configure_channel+0x2d8/0x2350 [ 410.836308] ? __switch_to_asm+0x34/0x70 [ 410.840413] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.845873] ? preempt_notifier_register+0x200/0x200 [ 410.850991] ? __switch_to_asm+0x34/0x70 [ 410.855080] ? __switch_to_asm+0x34/0x70 [ 410.859166] ? __switch_to_asm+0x40/0x70 [ 410.863236] __should_failslab+0x124/0x180 [ 410.867490] should_failslab+0x9/0x14 [ 410.871290] kmem_cache_alloc_node+0x26e/0x730 [ 410.875870] ? __schedule+0x8d7/0x21d0 [ 410.879761] __alloc_skb+0x114/0x770 [ 410.883473] ? netdev_alloc_frag+0x1f0/0x1f0 [ 410.887878] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.893335] ? lock_downgrade+0x900/0x900 [ 410.897491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.903045] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 410.908542] sock_wmalloc+0x16d/0x1f0 [ 410.912357] ? skb_set_owner_w+0x360/0x360 [ 410.916592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.922149] ? _copy_from_user+0xdf/0x150 [ 410.926305] pppol2tp_sendmsg+0x23d/0x6c0 [ 410.930482] ? apparmor_socket_sendmsg+0x29/0x30 [ 410.935238] ? pppol2tp_getsockopt+0x940/0x940 [ 410.939831] sock_sendmsg+0xd5/0x120 [ 410.943547] ___sys_sendmsg+0x51d/0x930 [ 410.947547] ? graph_lock+0x270/0x270 [ 410.951363] ? copy_msghdr_from_user+0x580/0x580 [ 410.956127] ? get_pid_task+0xd6/0x1a0 [ 410.960028] ? find_held_lock+0x36/0x1c0 [ 410.964090] ? __might_fault+0x12b/0x1e0 [ 410.968153] ? lock_downgrade+0x900/0x900 [ 410.972310] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.977763] __sys_sendmmsg+0x246/0x6d0 [ 410.981740] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 410.986062] ? __lock_is_held+0xb5/0x140 [ 410.990139] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.995712] ? check_preemption_disabled+0x48/0x280 [ 411.000738] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 411.006269] ? fput+0x130/0x1a0 [ 411.009543] ? do_syscall_64+0x9a/0x820 [ 411.013514] ? do_syscall_64+0x9a/0x820 [ 411.017491] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 411.022085] ? trace_hardirqs_on+0xbd/0x310 [ 411.026459] ? __ia32_sys_read+0xb0/0xb0 [ 411.030553] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.035913] ? trace_hardirqs_off_caller+0x300/0x300 [ 411.041038] __x64_sys_sendmmsg+0x9d/0x100 [ 411.045269] do_syscall_64+0x1b9/0x820 [ 411.049159] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 411.054520] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.059458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.064300] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.069313] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.074348] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.079362] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.084217] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.089405] RIP: 0033:0x457569 [ 411.092606] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:03:56 executing program 3 (fault-call:5 fault-nth:22): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 411.111502] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 411.119220] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 411.126484] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 411.133753] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 411.141021] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 411.148283] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:56 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) connect$vsock_dgram(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10) io_setup(0x1, &(0x7f0000000080)=0x0) r3 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x101, 0x80) ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f0000000140)={0x1, 0x40, 0x102, 0x6, {0x4, 0x5, 0x6, 0x2}}) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 411.197202] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 411.219545] FAT-fs (loop4): bogus number of reserved sectors [ 411.239243] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:56 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e035040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 411.260642] FAULT_INJECTION: forcing a failure. [ 411.260642] name failslab, interval 1, probability 0, space 0, times 0 [ 411.288701] CPU: 1 PID: 20276 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 411.297284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.306630] Call Trace: [ 411.309230] dump_stack+0x244/0x39d [ 411.312874] ? dump_stack_print_info.cold.1+0x20/0x20 [ 411.318064] ? __x64_sys_sendmmsg+0x9d/0x100 [ 411.322468] ? do_syscall_64+0x1b9/0x820 [ 411.326530] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.331919] ? kasan_check_read+0x11/0x20 [ 411.336090] should_fail.cold.4+0xa/0x17 [ 411.340181] ? trace_hardirqs_on+0xbd/0x310 [ 411.344507] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 411.349613] ? __lock_acquire+0x62f/0x4c20 [ 411.353846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.359397] ? mark_held_locks+0x130/0x130 [ 411.363674] ? find_held_lock+0x36/0x1c0 [ 411.367831] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.373307] ? graph_lock+0x270/0x270 [ 411.377104] ? kfree_skb+0x1c3/0x580 [ 411.380838] ? __kfree_skb+0x20/0x20 [ 411.384551] __should_failslab+0x124/0x180 [ 411.388786] should_failslab+0x9/0x14 [ 411.392606] kmem_cache_alloc_node+0x26e/0x730 [ 411.397186] ? find_held_lock+0x36/0x1c0 [ 411.401255] __alloc_skb+0x114/0x770 [ 411.404968] ? netdev_alloc_frag+0x1f0/0x1f0 [ 411.409398] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.414877] ? lock_downgrade+0x900/0x900 [ 411.419037] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.424570] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 411.430025] sock_wmalloc+0x16d/0x1f0 [ 411.433826] ? skb_set_owner_w+0x360/0x360 [ 411.438063] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.443600] ? _copy_from_user+0xdf/0x150 [ 411.447755] pppol2tp_sendmsg+0x23d/0x6c0 [ 411.451907] ? apparmor_socket_sendmsg+0x29/0x30 [ 411.456680] ? pppol2tp_getsockopt+0x940/0x940 [ 411.461271] sock_sendmsg+0xd5/0x120 [ 411.465012] ___sys_sendmsg+0x51d/0x930 [ 411.468984] ? graph_lock+0x270/0x270 [ 411.472814] ? copy_msghdr_from_user+0x580/0x580 [ 411.477604] ? get_pid_task+0xd6/0x1a0 [ 411.481515] ? find_held_lock+0x36/0x1c0 [ 411.485651] ? __might_fault+0x12b/0x1e0 [ 411.489764] ? lock_downgrade+0x900/0x900 [ 411.493931] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.499390] __sys_sendmmsg+0x246/0x6d0 [ 411.503383] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 411.507717] ? __lock_is_held+0xb5/0x140 [ 411.511778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.517478] ? check_preemption_disabled+0x48/0x280 [ 411.522545] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 411.528081] ? fput+0x130/0x1a0 [ 411.531363] ? do_syscall_64+0x9a/0x820 [ 411.535337] ? do_syscall_64+0x9a/0x820 [ 411.539310] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 411.543902] ? trace_hardirqs_on+0xbd/0x310 [ 411.548220] ? __ia32_sys_read+0xb0/0xb0 [ 411.552303] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.557704] ? trace_hardirqs_off_caller+0x300/0x300 [ 411.562827] __x64_sys_sendmmsg+0x9d/0x100 [ 411.567086] do_syscall_64+0x1b9/0x820 [ 411.570975] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 411.576337] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.581288] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.586164] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.591203] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.596222] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.601282] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.606165] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.611385] RIP: 0033:0x457569 [ 411.614573] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 411.633484] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 411.641190] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 411.648456] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x5800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 411.655746] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 411.663036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 411.670304] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 411.694828] FAT-fs (loop4): bogus number of reserved sectors [ 411.706072] minix_free_inode: bit 1 already cleared 10:03:57 executing program 3 (fault-call:5 fault-nth:23): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 411.716133] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:57 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x143) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) r3 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x9, 0x81) ioctl$IOC_PR_PREEMPT_ABORT(r3, 0x401870cc, &(0x7f0000000140)={0x7fffffff, 0x61d3, 0x0, 0xffff}) connect$l2tp(r3, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x3, 0x3, 0x0, 0x0, {0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x3}}}, 0x3a) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) ioctl$VIDIOC_TRY_ENCODER_CMD(r3, 0xc028564e, &(0x7f0000000180)={0x0, 0x1, [0x9, 0x2, 0x100, 0x4, 0x1ff, 0x0, 0x3f, 0x80000000]}) 10:03:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x43050000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:57 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 411.931699] FAULT_INJECTION: forcing a failure. [ 411.931699] name failslab, interval 1, probability 0, space 0, times 0 [ 411.942950] CPU: 1 PID: 20293 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 411.951551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.960929] Call Trace: [ 411.963561] dump_stack+0x244/0x39d [ 411.967198] ? dump_stack_print_info.cold.1+0x20/0x20 [ 411.972394] ? is_bpf_text_address+0xac/0x170 [ 411.976900] should_fail.cold.4+0xa/0x17 [ 411.980964] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 411.986147] ? rcu_read_unlock_special+0x370/0x370 [ 411.991082] ? rcu_softirq_qs+0x20/0x20 [ 411.995074] ? unwind_dump+0x190/0x190 [ 411.998998] ? kernel_text_address+0x79/0xf0 [ 412.003446] ? __lock_acquire+0x62f/0x4c20 [ 412.007681] ? __save_stack_trace+0x8d/0xf0 [ 412.012011] ? mark_held_locks+0x130/0x130 [ 412.016245] ? save_stack+0x43/0xd0 [ 412.019869] ? __kmalloc_node_track_caller+0x50/0x70 [ 412.024970] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 412.029915] ? __alloc_skb+0x150/0x770 [ 412.033829] ? sock_wmalloc+0x16d/0x1f0 [ 412.037798] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 412.042143] ? sock_sendmsg+0xd5/0x120 [ 412.046040] ? ___sys_sendmsg+0x51d/0x930 [ 412.050180] ? __sys_sendmmsg+0x246/0x6d0 [ 412.054321] ? __x64_sys_sendmmsg+0x9d/0x100 [ 412.058753] ? do_syscall_64+0x1b9/0x820 [ 412.062845] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.068231] __should_failslab+0x124/0x180 [ 412.072510] should_failslab+0x9/0x14 [ 412.076306] kmem_cache_alloc_node_trace+0x5a/0x740 10:03:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdo%\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8035], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 412.076324] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 412.076343] __kmalloc_node_track_caller+0x3c/0x70 [ 412.076357] __kmalloc_reserve.isra.38+0x41/0xe0 [ 412.076373] pskb_expand_head+0x230/0x10f0 [ 412.076386] ? kasan_kmalloc+0xc7/0xe0 [ 412.076405] ? skb_release_data+0x880/0x880 [ 412.076426] ? __might_fault+0x12b/0x1e0 [ 412.086988] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.087002] ? iov_iter_advance+0x306/0x13f0 [ 412.087017] ? lock_release+0xa10/0xa10 [ 412.087029] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.087043] ? once_deferred+0xa0/0xa0 [ 412.087055] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.087077] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 412.101016] l2tp_xmit_skb+0x106b/0x1670 [ 412.101041] ? l2tp_recv_common+0x1d40/0x1d40 [ 412.101054] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.101072] ? _copy_from_user+0xdf/0x150 [ 412.113359] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 412.113376] pppol2tp_sendmsg+0x4b1/0x6c0 [ 412.113392] ? apparmor_socket_sendmsg+0x29/0x30 [ 412.113411] ? pppol2tp_getsockopt+0x940/0x940 [ 412.113426] sock_sendmsg+0xd5/0x120 [ 412.186648] ___sys_sendmsg+0x51d/0x930 [ 412.190628] ? graph_lock+0x270/0x270 [ 412.194519] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 412.199284] ? copy_msghdr_from_user+0x580/0x580 [ 412.204172] ? find_held_lock+0x36/0x1c0 [ 412.208259] ? __might_fault+0x12b/0x1e0 [ 412.212359] ? lock_downgrade+0x900/0x900 [ 412.216538] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.222002] __sys_sendmmsg+0x246/0x6d0 [ 412.226012] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 412.230333] ? __lock_is_held+0xb5/0x140 [ 412.234409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.239947] ? check_preemption_disabled+0x48/0x280 [ 412.244982] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 412.250523] ? fput+0x130/0x1a0 [ 412.253811] ? do_syscall_64+0x9a/0x820 [ 412.257786] ? do_syscall_64+0x9a/0x820 [ 412.261759] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 412.266340] ? trace_hardirqs_on+0xbd/0x310 [ 412.270659] ? __ia32_sys_read+0xb0/0xb0 [ 412.274723] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.280096] ? trace_hardirqs_off_caller+0x300/0x300 [ 412.285206] __x64_sys_sendmmsg+0x9d/0x100 [ 412.289464] do_syscall_64+0x1b9/0x820 [ 412.293384] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 412.298762] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.303690] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.308552] ? trace_hardirqs_on_caller+0x310/0x310 [ 412.313567] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 412.318600] ? prepare_exit_to_usermode+0x291/0x3b0 [ 412.323622] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.328487] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.333677] RIP: 0033:0x457569 [ 412.336872] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 412.355782] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 412.363492] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 412.370758] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:03:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf0ffffffffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 412.378036] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 412.385329] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 412.392596] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 412.475065] FAT-fs (loop4): bogus number of reserved sectors [ 412.488078] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 412.499379] FAT-fs (loop4): Can't find a valid FAT filesystem 10:03:57 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r0, 0x0, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x101, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000100)={0x1, [0x0]}, &(0x7f0000000140)=0x8) write$FUSE_STATFS(r1, &(0x7f00000001c0)={0x60, 0x0, 0x1, {{0x0, 0x400, 0x667, 0x5, 0x10000, 0x77b, 0x8, 0x4}}}, 0x60) io_submit(r0, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000080), 0x121}]) 10:03:57 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e02f040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x86ddffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:58 executing program 3 (fault-call:5 fault-nth:24): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 412.583731] FAT-fs (loop4): bogus number of reserved sectors [ 412.597644] FAT-fs (loop4): Can't find a valid FAT filesystem [ 412.616075] minix_free_inode: bit 1 already cleared 10:03:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x81000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:58 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000004c0)=[{&(0x7f0000000100)="18837350b0806e84244f1844b60cff816e8f9bcf6ebe19948dda1411e2645724165f2bc271d02007cb0653b086ecccf32f2d27ec1b51723c954cb24713e332d69f33e375f9a0eaf2ac92fe8ad266cffaf78d8a758907ec0440bdb633ff0c3a8ddfc00448ba6cd9a6db92", 0x6a}, {&(0x7f00000001c0)="9f9f1ad10b28e0889bcf4ac0f94226b58f31bde14587015a26b1ff0af759a16306e7b29f2c091df43b1adaa87937f028c5a392c1478cc1d432c23eb290c9d6269622d56a944d4f2d46bff0380b25a6248c19b1b4585255fd104b89fcd653557a5ef6aa3e6feda4c62a5d2f", 0x6b}, {&(0x7f0000000240)="7a7b1c4ac556c127e86dfe1dbbb219c1d649aa38ead21d8868db2c0e428bf785387c727d858bcf2451b43c4cc557b9e9fad375bda9db2fad5018a89a8a078e531617a02bbe2a3d8458a4924c4eb206ca72569945bdfb26835a61a4c408674c35a641ea223d37c2fbcd4da62699ebdac053d80ab462b6a8335f5ca93ef4643fec95642d459abc026e65899e443f2f723232811e57b942682d2aa165edf1011aa4d110517af19d1c9f43", 0xa9}, {&(0x7f0000000040)="790e04310c1a6433c1453bd4a69f54cb5481adc578f8888731ecd11af8c2bab550027eff1a33675839c3b0e317727a4d4e7c65d581019223949150d42f9c93", 0x3f}, {&(0x7f0000000300)="fd10f830c98ef62b0b619ca41192ddf9ed8b87d9ccd1c69b60c63c515e1ca5682aeec44037c27d2b5e40e0ad567321488828ff1905af8a06ec00a182f327c605b79a3ddb5e1bf69cf9065a695892c96a921cc042de6fd785076786511fb8f4bf5576ebdf0afdcea75061b6e661f86737ab887e3652d6223cd74869e198127a94dc21b85a2c7861bc64e8", 0x8a}, {&(0x7f00000003c0)="040945b95311c5ad74cde529f8e3dfcb2e63437c84a2a164afb32957d2dd24a232d21a43831596d9426e196e2a9efac26db8f854ca2bbddc45aa1fc509ba953dccd4c5c14b44ef4c3ad2f528b0cd46894678e6803797dfc882", 0x59}, {&(0x7f0000000440)="46a300afbff50eb8b1fe276df438fac7f99e844b2028e011774121a1acf5a0b9315dcb6cde32ffcc24c6876286703bb20dbcc356119dd5528fee8dc07f71f2a57dba786c38c41fa01a1689e3ca83c5b82015136f9426b1115f4e953cda191e533c2de741e360d22a5dbfcaf410cf4fee4f036bb4e28ea0", 0x77}], 0x7, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) r2 = syz_open_dev$media(&(0x7f0000000540)='/dev/media#\x00', 0x120000000000, 0x404002) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000580)={0x0, 0x7fff, 0x7fffffff}) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x84, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f00000005c0)={'bridge_slave_1\x00', {0x2, 0x4e24, @multicast2}}) ioctl$SG_GET_RESERVED_SIZE(r2, 0x2272, &(0x7f0000000600)) 10:03:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdoc\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8906], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:58 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/netfilter\x00') ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000100)={0x7b2c30d9, 0x5, 0x3, "3e802ddccf4245efee6741ea331d7f2737a027f19a04713d224385e387939b92", 0x4777475e}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) setxattr$security_ima(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='security.ima\x00', &(0x7f0000000240)=@v1={0x2, "8958eb3bdbb08bf314"}, 0xa, 0x3) ioctl$KVM_ASSIGN_PCI_DEVICE(r1, 0x8040ae69, &(0x7f0000000040)={0x15f, 0x200, 0x2, 0x2419381d41fedc4d, 0x65a}) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) [ 412.858110] FAULT_INJECTION: forcing a failure. [ 412.858110] name failslab, interval 1, probability 0, space 0, times 0 [ 412.886535] FAT-fs (loop4): bogus number of reserved sectors [ 412.892343] FAT-fs (loop4): Can't find a valid FAT filesystem [ 412.928217] CPU: 0 PID: 20328 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 412.936799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.946149] Call Trace: [ 412.948766] dump_stack+0x244/0x39d [ 412.952406] ? dump_stack_print_info.cold.1+0x20/0x20 [ 412.957635] should_fail.cold.4+0xa/0x17 [ 412.961696] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 412.966795] ? __save_stack_trace+0x8d/0xf0 [ 412.971132] ? save_stack+0xa9/0xd0 [ 412.974756] ? save_stack+0x43/0xd0 [ 412.978403] ? find_held_lock+0x36/0x1c0 [ 412.982477] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.987951] ? check_preemption_disabled+0x48/0x280 [ 412.993002] __should_failslab+0x124/0x180 [ 412.997255] should_failslab+0x9/0x14 [ 413.001055] kmem_cache_alloc_node_trace+0x270/0x740 [ 413.006168] __kmalloc_node_track_caller+0x3c/0x70 [ 413.011098] __kmalloc_reserve.isra.38+0x41/0xe0 [ 413.015944] __alloc_skb+0x150/0x770 [ 413.019657] ? netdev_alloc_frag+0x1f0/0x1f0 [ 413.024071] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.029527] ? lock_downgrade+0x900/0x900 [ 413.033684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.039220] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 413.044704] sock_wmalloc+0x16d/0x1f0 [ 413.048499] ? skb_set_owner_w+0x360/0x360 [ 413.052749] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.058298] ? _copy_from_user+0xdf/0x150 [ 413.062450] pppol2tp_sendmsg+0x23d/0x6c0 [ 413.066597] ? apparmor_socket_sendmsg+0x29/0x30 [ 413.071353] ? pppol2tp_getsockopt+0x940/0x940 [ 413.075963] sock_sendmsg+0xd5/0x120 [ 413.079674] ___sys_sendmsg+0x51d/0x930 [ 413.083643] ? graph_lock+0x270/0x270 [ 413.087450] ? copy_msghdr_from_user+0x580/0x580 [ 413.092249] ? get_pid_task+0xd6/0x1a0 [ 413.096157] ? find_held_lock+0x36/0x1c0 [ 413.100222] ? __might_fault+0x12b/0x1e0 [ 413.104324] ? lock_downgrade+0x900/0x900 [ 413.108534] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.114040] __sys_sendmmsg+0x246/0x6d0 [ 413.118053] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 413.122400] ? __lock_is_held+0xb5/0x140 [ 413.126468] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.132006] ? check_preemption_disabled+0x48/0x280 [ 413.137066] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 413.142603] ? fput+0x130/0x1a0 [ 413.145884] ? do_syscall_64+0x9a/0x820 [ 413.149870] ? do_syscall_64+0x9a/0x820 [ 413.153841] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 413.158462] ? trace_hardirqs_on+0xbd/0x310 [ 413.162779] ? __ia32_sys_read+0xb0/0xb0 [ 413.166858] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.172262] ? trace_hardirqs_off_caller+0x300/0x300 [ 413.177404] __x64_sys_sendmmsg+0x9d/0x100 [ 413.181651] do_syscall_64+0x1b9/0x820 [ 413.185566] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 413.190939] ? syscall_return_slowpath+0x5e0/0x5e0 [ 413.195864] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.200756] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.205794] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.210812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.215686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.220868] RIP: 0033:0x457569 [ 413.224103] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 413.243006] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 413.250717] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 413.258007] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 413.265269] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 413.272532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:03:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xfffffffffffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:58 executing program 3 (fault-call:5 fault-nth:25): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 413.279821] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 413.365154] FAT-fs (loop4): bogus number of reserved sectors [ 413.380554] FAT-fs (loop4): Can't find a valid FAT filesystem [ 413.407777] FAULT_INJECTION: forcing a failure. [ 413.407777] name failslab, interval 1, probability 0, space 0, times 0 [ 413.435794] CPU: 1 PID: 20349 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 413.444378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.453735] Call Trace: [ 413.456355] dump_stack+0x244/0x39d [ 413.459987] ? dump_stack_print_info.cold.1+0x20/0x20 [ 413.465179] ? graph_lock+0x270/0x270 [ 413.468985] should_fail.cold.4+0xa/0x17 [ 413.473047] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 413.478160] ? __lock_acquire+0x62f/0x4c20 [ 413.482392] ? find_held_lock+0x36/0x1c0 [ 413.486507] ? mark_held_locks+0x130/0x130 [ 413.490746] ? find_held_lock+0x36/0x1c0 [ 413.494871] ? __switch_to_asm+0x34/0x70 [ 413.498939] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.504387] ? preempt_notifier_register+0x200/0x200 [ 413.509488] ? __switch_to_asm+0x34/0x70 [ 413.513551] ? __switch_to_asm+0x34/0x70 [ 413.517742] ? __switch_to_asm+0x40/0x70 [ 413.521839] __should_failslab+0x124/0x180 [ 413.526078] should_failslab+0x9/0x14 [ 413.529890] kmem_cache_alloc_node+0x26e/0x730 [ 413.534475] ? __schedule+0x8d7/0x21d0 [ 413.538378] __alloc_skb+0x114/0x770 [ 413.542141] ? netdev_alloc_frag+0x1f0/0x1f0 [ 413.546585] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.552038] ? lock_downgrade+0x900/0x900 [ 413.556219] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.561792] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 413.567257] sock_wmalloc+0x16d/0x1f0 [ 413.571072] ? skb_set_owner_w+0x360/0x360 [ 413.575308] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.580855] ? _copy_from_user+0xdf/0x150 [ 413.585041] pppol2tp_sendmsg+0x23d/0x6c0 [ 413.589197] ? apparmor_socket_sendmsg+0x29/0x30 [ 413.593964] ? pppol2tp_getsockopt+0x940/0x940 [ 413.598547] sock_sendmsg+0xd5/0x120 [ 413.602275] ___sys_sendmsg+0x51d/0x930 [ 413.602290] ? graph_lock+0x270/0x270 [ 413.602308] ? copy_msghdr_from_user+0x580/0x580 [ 413.602324] ? get_pid_task+0xd6/0x1a0 [ 413.602342] ? find_held_lock+0x36/0x1c0 [ 413.602361] ? __might_fault+0x12b/0x1e0 [ 413.614244] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 413.614883] ? lock_downgrade+0x900/0x900 [ 413.614933] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.614972] __sys_sendmmsg+0x246/0x6d0 [ 413.648130] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 413.652466] ? __lock_is_held+0xb5/0x140 [ 413.656535] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.662074] ? check_preemption_disabled+0x48/0x280 [ 413.667104] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 413.672653] ? fput+0x130/0x1a0 [ 413.675965] ? do_syscall_64+0x9a/0x820 [ 413.679950] ? do_syscall_64+0x9a/0x820 [ 413.683923] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 413.683954] ? trace_hardirqs_on+0xbd/0x310 [ 413.683967] ? __ia32_sys_read+0xb0/0xb0 [ 413.683984] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.684016] ? trace_hardirqs_off_caller+0x300/0x300 [ 413.684035] __x64_sys_sendmmsg+0x9d/0x100 [ 413.684052] do_syscall_64+0x1b9/0x820 [ 413.692978] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 413.692995] ? syscall_return_slowpath+0x5e0/0x5e0 [ 413.693009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.693026] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.693041] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 413.693057] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.693075] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.750612] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.755817] RIP: 0033:0x457569 10:03:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x2], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 413.759043] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 413.777949] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 413.785655] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 413.792919] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 413.800197] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 413.807464] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 413.814731] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:59 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e032040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:03:59 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:03:59 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) socket(0x9, 0x80003, 0x20) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000100)={0x0, 0xc, "57f0fc46ce4ffe373b1ff5b4"}, &(0x7f0000000140)=0x14) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r4, @in={{0x2, 0x4e22, @rand_addr=0x7}}, 0x1, 0x3f, 0x4, 0x3, 0x1}, &(0x7f0000000280)=0x98) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:03:59 executing program 3 (fault-call:5 fault-nth:26): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:59 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdoi\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 413.955848] minix_free_inode: bit 1 already cleared 10:03:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf5ffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 414.027745] FAULT_INJECTION: forcing a failure. [ 414.027745] name failslab, interval 1, probability 0, space 0, times 0 [ 414.039001] CPU: 0 PID: 20367 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 414.047577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.056924] Call Trace: [ 414.059528] dump_stack+0x244/0x39d [ 414.063176] ? dump_stack_print_info.cold.1+0x20/0x20 [ 414.068380] ? is_bpf_text_address+0xac/0x170 [ 414.072899] should_fail.cold.4+0xa/0x17 [ 414.076986] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 414.082099] ? rcu_read_unlock_special+0x370/0x370 [ 414.087033] ? rcu_softirq_qs+0x20/0x20 [ 414.091020] ? unwind_dump+0x190/0x190 [ 414.094944] ? kernel_text_address+0x79/0xf0 [ 414.099383] ? __lock_acquire+0x62f/0x4c20 [ 414.103652] ? __save_stack_trace+0x8d/0xf0 [ 414.108003] ? mark_held_locks+0x130/0x130 [ 414.112239] ? save_stack+0x43/0xd0 [ 414.115862] ? __kmalloc_node_track_caller+0x50/0x70 [ 414.120975] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 414.125897] ? __alloc_skb+0x150/0x770 [ 414.129810] ? sock_wmalloc+0x16d/0x1f0 [ 414.133780] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 414.138097] ? sock_sendmsg+0xd5/0x120 [ 414.141981] ? ___sys_sendmsg+0x51d/0x930 [ 414.146132] ? __sys_sendmmsg+0x246/0x6d0 [ 414.150277] ? __x64_sys_sendmmsg+0x9d/0x100 [ 414.154706] ? do_syscall_64+0x1b9/0x820 [ 414.158765] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.164144] ? syscall_trace_enter+0x8e8/0x1260 [ 414.168814] __should_failslab+0x124/0x180 [ 414.173050] should_failslab+0x9/0x14 [ 414.176864] kmem_cache_alloc_node_trace+0x5a/0x740 [ 414.181896] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 414.187449] __kmalloc_node_track_caller+0x3c/0x70 [ 414.192395] __kmalloc_reserve.isra.38+0x41/0xe0 [ 414.197158] pskb_expand_head+0x230/0x10f0 [ 414.201433] ? kasan_kmalloc+0xc7/0xe0 [ 414.205342] ? skb_release_data+0x880/0x880 [ 414.209666] ? __might_fault+0x12b/0x1e0 [ 414.213745] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.219325] ? iov_iter_advance+0x306/0x13f0 [ 414.223729] ? lock_release+0xa10/0xa10 [ 414.227699] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.233154] ? once_deferred+0xa0/0xa0 [ 414.237036] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.242490] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 414.247349] l2tp_xmit_skb+0x106b/0x1670 [ 414.251437] ? l2tp_recv_common+0x1d40/0x1d40 [ 414.255944] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.261499] ? _copy_from_user+0xdf/0x150 [ 414.265668] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 414.269991] pppol2tp_sendmsg+0x4b1/0x6c0 [ 414.274159] ? apparmor_socket_sendmsg+0x29/0x30 [ 414.278930] ? pppol2tp_getsockopt+0x940/0x940 [ 414.283525] sock_sendmsg+0xd5/0x120 [ 414.287254] ___sys_sendmsg+0x51d/0x930 [ 414.291234] ? graph_lock+0x270/0x270 [ 414.295092] ? copy_msghdr_from_user+0x580/0x580 [ 414.299872] ? get_pid_task+0xd6/0x1a0 [ 414.303772] ? find_held_lock+0x36/0x1c0 [ 414.307855] ? __might_fault+0x12b/0x1e0 [ 414.311943] ? lock_downgrade+0x900/0x900 [ 414.316117] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.321601] __sys_sendmmsg+0x246/0x6d0 [ 414.325599] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 414.329932] ? __lock_is_held+0xb5/0x140 [ 414.334024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.339568] ? check_preemption_disabled+0x48/0x280 [ 414.344626] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 414.350181] ? fput+0x130/0x1a0 [ 414.353464] ? do_syscall_64+0x9a/0x820 [ 414.357441] ? do_syscall_64+0x9a/0x820 [ 414.361417] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 414.366017] ? trace_hardirqs_on+0xbd/0x310 [ 414.370349] ? __ia32_sys_read+0xb0/0xb0 [ 414.374412] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.379772] ? trace_hardirqs_off_caller+0x300/0x300 [ 414.384875] __x64_sys_sendmmsg+0x9d/0x100 [ 414.389139] do_syscall_64+0x1b9/0x820 [ 414.393033] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 414.398403] ? syscall_return_slowpath+0x5e0/0x5e0 [ 414.403332] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.408210] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.413228] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 414.418243] ? prepare_exit_to_usermode+0x291/0x3b0 [ 414.423274] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.428120] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.433417] RIP: 0033:0x457569 [ 414.436605] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 414.455518] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 414.463233] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 414.470515] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 414.477788] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 414.485052] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 414.492317] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:03:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8035000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:03:59 executing program 3 (fault-call:5 fault-nth:27): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:03:59 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 414.670512] FAULT_INJECTION: forcing a failure. [ 414.670512] name failslab, interval 1, probability 0, space 0, times 0 [ 414.681788] CPU: 0 PID: 20389 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 414.690417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.699770] Call Trace: [ 414.702360] dump_stack+0x244/0x39d [ 414.706000] ? dump_stack_print_info.cold.1+0x20/0x20 [ 414.711206] ? is_bpf_text_address+0xac/0x170 [ 414.715707] should_fail.cold.4+0xa/0x17 [ 414.719766] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 414.724904] ? rcu_read_unlock_special+0x370/0x370 [ 414.729830] ? rcu_softirq_qs+0x20/0x20 [ 414.733840] ? unwind_dump+0x190/0x190 [ 414.737739] ? kernel_text_address+0x79/0xf0 [ 414.742161] ? __lock_acquire+0x62f/0x4c20 [ 414.746450] ? __save_stack_trace+0x8d/0xf0 [ 414.750788] ? mark_held_locks+0x130/0x130 [ 414.755028] ? save_stack+0x43/0xd0 [ 414.758662] ? __kmalloc_node_track_caller+0x50/0x70 [ 414.763791] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 414.768738] ? __alloc_skb+0x150/0x770 [ 414.772659] ? sock_wmalloc+0x16d/0x1f0 [ 414.776668] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 414.781003] ? sock_sendmsg+0xd5/0x120 [ 414.784890] ? ___sys_sendmsg+0x51d/0x930 [ 414.789048] ? __sys_sendmmsg+0x246/0x6d0 [ 414.793210] ? __x64_sys_sendmmsg+0x9d/0x100 [ 414.797621] ? do_syscall_64+0x1b9/0x820 [ 414.801696] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.807074] __should_failslab+0x124/0x180 [ 414.811319] should_failslab+0x9/0x14 [ 414.815136] kmem_cache_alloc_node_trace+0x5a/0x740 [ 414.820180] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 414.825737] __kmalloc_node_track_caller+0x3c/0x70 [ 414.830709] __kmalloc_reserve.isra.38+0x41/0xe0 [ 414.835507] pskb_expand_head+0x230/0x10f0 [ 414.839768] ? kasan_kmalloc+0xc7/0xe0 [ 414.843700] ? skb_release_data+0x880/0x880 [ 414.848038] ? __might_fault+0x12b/0x1e0 [ 414.852122] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.857691] ? iov_iter_advance+0x306/0x13f0 [ 414.862117] ? lock_release+0xa10/0xa10 [ 414.866108] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.866136] ? once_deferred+0xa0/0xa0 [ 414.866153] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.866174] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 414.866199] l2tp_xmit_skb+0x106b/0x1670 [ 414.866225] ? l2tp_recv_common+0x1d40/0x1d40 [ 414.866246] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.875576] ? _copy_from_user+0xdf/0x150 [ 414.875594] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 414.875613] pppol2tp_sendmsg+0x4b1/0x6c0 [ 414.875638] ? apparmor_socket_sendmsg+0x29/0x30 [ 414.875656] ? pppol2tp_getsockopt+0x940/0x940 [ 414.875673] sock_sendmsg+0xd5/0x120 [ 414.875690] ___sys_sendmsg+0x51d/0x930 [ 414.875709] ? graph_lock+0x270/0x270 [ 414.933456] ? copy_msghdr_from_user+0x580/0x580 [ 414.938232] ? get_pid_task+0xd6/0x1a0 [ 414.942159] ? find_held_lock+0x36/0x1c0 [ 414.946261] ? __might_fault+0x12b/0x1e0 [ 414.950336] ? lock_downgrade+0x900/0x900 [ 414.954505] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.959972] __sys_sendmmsg+0x246/0x6d0 [ 414.963981] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 414.968327] ? __lock_is_held+0xb5/0x140 [ 414.972414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.977977] ? check_preemption_disabled+0x48/0x280 [ 414.983019] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 414.988565] ? fput+0x130/0x1a0 [ 414.991855] ? do_syscall_64+0x9a/0x820 [ 414.995840] ? do_syscall_64+0x9a/0x820 [ 414.999827] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 415.004432] ? trace_hardirqs_on+0xbd/0x310 [ 415.008773] ? __ia32_sys_read+0xb0/0xb0 [ 415.012860] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 415.018237] ? trace_hardirqs_off_caller+0x300/0x300 [ 415.023360] __x64_sys_sendmmsg+0x9d/0x100 [ 415.027630] do_syscall_64+0x1b9/0x820 [ 415.031550] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 415.036927] ? syscall_return_slowpath+0x5e0/0x5e0 [ 415.041867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.046723] ? trace_hardirqs_on_caller+0x310/0x310 [ 415.051750] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 415.056778] ? prepare_exit_to_usermode+0x291/0x3b0 [ 415.061812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.066683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 415.071880] RIP: 0033:0x457569 [ 415.075118] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 415.094068] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 415.101784] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 415.109074] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x4305], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 415.116357] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 415.123637] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 415.130912] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:00 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:00 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3580], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 415.347440] FAT-fs (loop4): bogus number of reserved sectors [ 415.363085] FAT-fs (loop4): Can't find a valid FAT filesystem [ 415.447220] FAT-fs (loop4): bogus number of reserved sectors [ 415.453073] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:01 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e003000a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:01 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) r3 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2) write$P9_RCREATE(r3, &(0x7f0000000100)={0x18, 0x73, 0x1, {{0x80, 0x0, 0x1}, 0xffffffff}}, 0x18) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) socket(0x3, 0x800, 0x100) bind$bt_sco(r3, &(0x7f0000000140)={0x1f, {0x1337, 0x8, 0x800, 0xa56b, 0x7, 0x7}}, 0x8) 10:04:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:01 executing program 3 (fault-call:5 fault-nth:28): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:01 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xffffff8d], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:01 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 415.608968] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 415.678592] FAULT_INJECTION: forcing a failure. [ 415.678592] name failslab, interval 1, probability 0, space 0, times 0 [ 415.709754] FAT-fs (loop4): bogus number of reserved sectors [ 415.715824] minix_free_inode: bit 1 already cleared [ 415.734296] FAT-fs (loop4): Can't find a valid FAT filesystem [ 415.745959] CPU: 1 PID: 20414 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 415.754551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.754557] Call Trace: [ 415.754580] dump_stack+0x244/0x39d [ 415.754601] ? dump_stack_print_info.cold.1+0x20/0x20 [ 415.766512] ? __x64_sys_sendmmsg+0x9d/0x100 [ 415.766526] ? do_syscall_64+0x1b9/0x820 [ 415.766541] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 415.766556] ? kasan_check_read+0x11/0x20 [ 415.766572] should_fail.cold.4+0xa/0x17 [ 415.797340] ? trace_hardirqs_on+0xbd/0x310 [ 415.801677] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 415.806797] ? __lock_acquire+0x62f/0x4c20 [ 415.811035] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.816581] ? mark_held_locks+0x130/0x130 [ 415.816597] ? find_held_lock+0x36/0x1c0 [ 415.816684] ? trace_event_raw_event_binder_lru_page_class+0x1c8/0x2e0 [ 415.831551] ? perf_trace_sched_process_exec+0x860/0x860 [ 415.831563] ? graph_lock+0x270/0x270 [ 415.831575] ? kfree_skb+0x1c3/0x580 [ 415.831589] ? __kfree_skb+0x20/0x20 [ 415.848236] __should_failslab+0x124/0x180 [ 415.852469] should_failslab+0x9/0x14 [ 415.856268] kmem_cache_alloc_node+0x26e/0x730 [ 415.860867] ? find_held_lock+0x36/0x1c0 [ 415.864938] __alloc_skb+0x114/0x770 [ 415.868652] ? netdev_alloc_frag+0x1f0/0x1f0 [ 415.873064] ? perf_trace_sched_process_exec+0x860/0x860 [ 415.878532] ? lock_downgrade+0x900/0x900 [ 415.882693] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.888248] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 415.893706] sock_wmalloc+0x16d/0x1f0 [ 415.897507] ? skb_set_owner_w+0x360/0x360 [ 415.901737] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 415.907286] ? _copy_from_user+0xdf/0x150 [ 415.911492] pppol2tp_sendmsg+0x23d/0x6c0 [ 415.915654] ? apparmor_socket_sendmsg+0x29/0x30 [ 415.920423] ? pppol2tp_getsockopt+0x940/0x940 [ 415.925021] sock_sendmsg+0xd5/0x120 [ 415.928765] ___sys_sendmsg+0x51d/0x930 10:04:01 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 415.932732] ? graph_lock+0x270/0x270 [ 415.936537] ? copy_msghdr_from_user+0x580/0x580 [ 415.941291] ? get_pid_task+0xd6/0x1a0 [ 415.945181] ? find_held_lock+0x36/0x1c0 [ 415.949261] ? __might_fault+0x12b/0x1e0 [ 415.953340] ? lock_downgrade+0x900/0x900 [ 415.957517] ? perf_trace_sched_process_exec+0x860/0x860 [ 415.962975] __sys_sendmmsg+0x246/0x6d0 [ 415.966961] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 415.971287] ? __lock_is_held+0xb5/0x140 [ 415.975351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.980932] ? check_preemption_disabled+0x48/0x280 [ 415.985973] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 415.991522] ? fput+0x130/0x1a0 [ 415.994816] ? do_syscall_64+0x9a/0x820 [ 415.998791] ? do_syscall_64+0x9a/0x820 [ 416.002786] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 416.007369] ? trace_hardirqs_on+0xbd/0x310 [ 416.011731] ? __ia32_sys_read+0xb0/0xb0 [ 416.015794] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.021161] ? trace_hardirqs_off_caller+0x300/0x300 [ 416.026273] __x64_sys_sendmmsg+0x9d/0x100 [ 416.030512] do_syscall_64+0x1b9/0x820 [ 416.034397] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 416.039781] ? syscall_return_slowpath+0x5e0/0x5e0 [ 416.044706] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.049545] ? trace_hardirqs_on_caller+0x310/0x310 [ 416.054557] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 416.059590] ? prepare_exit_to_usermode+0x291/0x3b0 [ 416.064607] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.069470] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.074652] RIP: 0033:0x457569 [ 416.077844] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 416.096736] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 416.104451] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 416.111716] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 416.118980] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 416.126257] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:04:01 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 416.133519] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:01 executing program 3 (fault-call:5 fault-nth:29): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:01 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) sendmsg$inet_sctp(r2, &(0x7f00000002c0)={&(0x7f0000000040)=@in={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000100)="269a672e0b1ad281e361f1c98dc8276ac5917358e7bbb7f3f44d6db3d2e5c457ba4ed77793f78ed7b2f11798d26d4d03fb1d880ab3cc21e50c161d3d4e3ba6d3d7437e48d6760e2f8ea5", 0x4a}, {&(0x7f00000001c0)="92c97a80", 0x4}, {&(0x7f0000000200)="5a5a899d75942b9b6320199bf514582212348c5b6a2f3d9654029c99fef4aa7ac6c3122dea9272b797f1226dd0c2894b242a1e5c29126e27958598e02edadb57bbd8b983244ec83945c97a716359f0eee7c5055ea29d83dd6e560aaa28462f64721ac5807e55b3cca1715b4e10728f31c2a6c56c3a5607417d6a5425b502", 0x7e}], 0x3, 0x0, 0x0, 0x4080}, 0x8000) io_setup(0x1, &(0x7f0000000080)=0x0) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/mixer\x00', 0x0, 0x0) ioctl$SG_GET_ACCESS_COUNT(r4, 0x2289, &(0x7f0000000340)) io_submit(r3, 0x5ed38fd9b2127d4, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) io_submit(r3, 0xa, &(0x7f0000001ac0)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x3, 0x9, r1, &(0x7f0000000380)="3747967edff4b8e502f99391e6724fa3fd67cd3d552700d5911335399a118182168365742514cbda5e0bf4d847a81d5b0a1caa2ea84a687b6c2d41557ad048f1cec94250a365b3c0a98d96dafe2eb2b5afff021f96ce38b4c9ac6b8453457046fc4b4a4642c15b48011aae0b6553aec57dfc161a", 0x74, 0x3f, 0x0, 0x2, r1}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe, r4, &(0x7f0000000440)="60b6dc4e436544d92f7ff91ef0791a9edca2e34a8ce95252d4f28b5c74b260e3177a60e487f8554ac75253c2553608ccfb22c1132ce392c89c7988ddcf717b4d", 0x40, 0x1, 0x0, 0x3, r4}, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x6, 0x10000, r1, &(0x7f00000004c0)="f15249dad4a6ef339747e6daabb5d0f73cd53b47eddb4b39f32cd1d115e7ced6e785cc6734a3e48b7823322cae05bd7278f2f3caaef6f1acb428d6af5dd84424afb3eedd26c0f666f61a43f65a6bf0cf3590a3fc15d8316543f736da3b198c763ecde2cbc45f18bd60207c4277276ce42842919c84635e78a1b22319e210a1009199d2dbf9a985be566a4697ea4a191577d9e9fd83f39ccc6f1a77dee4998abe1bc9a286df494bbdba59556e6509db37c372c2c09e62ccf48d4a8bdc3bb77898f8a2aefc86df2f5dba9a0b066380b179558e01bf195df53de5350dcdf9ef69f2849c7708bce6f9a29b4cf60600e6c571d3eacee6d6936245bc6f78132f63322dbfebd63c3b68bdd737d3ffbcdc0fdd4d0420b6bbf599276e894a13884c0603e16acc06feeeb2488690fb6e4e3b690c84d9a7e9f4862d7296c38b01f284a0e99b9503fed1f2e959d35670671c78a89e60f67cd7f46881118b3db6cb658d98c71a5df907b7bde93e4441b82f7d71baf8802f23cfdb5f56468a0c041ee310b57d93e4fdd3a5d1befd6ff923c8a67f5636b6cb6cf7ddcfd2f02edbb175624219f2637ef245163fd86e6d1560e84120343df072db73301dba487a707008557084a0aa70783b6e2b23b61164d446d72782fa3af340a4c8aa9244830c8017081d7dda0158a045d376d8b5f27776df0084e0c7b54c3405b224ecfbb0a8051e3667b7c213b4392ea716558c8135358a16f0d2477cb9a93e28102ef31a4cea34e3d45770c1d5fc76018247edeac3bf52e0846ec8170e4d5fcf9a673a26550176bb337d621bfb04a5c3d4a69a19d591f1eab34f07e483ea7a61312883aaf6a5f66c4f9d668fb24057ab9a57b5a8d22491761b5e9003f09841f59309233171138944644090df06fb8a047f43e1bfae3f31cce8cd27f586d8c7829cc36bb298d0d2257ec37be56aba4a1d9ec538e7491fa7cfce33e827f321ef5aee703db1654c3b245bacab7bbd54a7388f3578a89aecb2807cdd68c9ec0214c0d28a9b57c488ed28e8c9828bd3c61b9e7230509aee53180252369251da419ec8c613a5250cef54c4990e9fe27eefbbe5fb6faab60afe74844042ef868677facc09e24a1accc012c6ce686a3f1f67a5c5073f8cadb457f1986386d1c550d7bc8f5e7885d21fd18d4ccfed604cb486551cb59309d6724b0777a1f8ef3605c9ea7c5637eb57894ea5204de67cc7cf5926b6c9eeffbb7df662d37b2ceb6ab069fb4c45c2c63ef3e5acdd7d1e3ffacff7972fa7db8fb32cdf61c5ad71c46a87f0ef1131f2daa44baf32b66cd169bdf985aaba6bf596c122ffed4bce1d23726241aeb29faf51769d14853567954d4521fbd9ac442cb57f6a94caaddf532dda9e8d30078ed6c085adb8cfc235f9714dc6c0a7e67fd0fa957a8c2f6d7f1e804ef7cba4ea71635f2c4c63b65a1b449a11431f57dda13580ba86f53175f9d7ff12bef21fd9a043e91b261253e508e1ed5ffec1e625f0bff4afee13983a48c8a25d7fc4304f574bc3982dcc5f0e153d87296596aa3267146afd48fed1122d96a3ad81ba387908b044b1dc91826e2f640ca370337001d1e3b9218d136495f2956336700d8237e5bc084ba5b2d9362aebedc167266b7e9432ac89fd45c5314c45364e472ec63196e201e5b4a39b9542108cbf6e2db3c4b7cc0bb0363c9ae60574b5eca774e7dbe2ef9f8d66196b3ce834add6b2b9ec490a5458239a2f8aa093f7993ede62f16cb5685e2692f4d82fee703333d52992af4b6f956ec4de85b8905ceff8268e4343a9eb8392664db2ae30fb04ea0841e842b0a94aa84bf432848d036c8d33327a464ddfe7e606c21a8c22a452bc66662aaf0e18ec8407d892d0c371aada611382b8b08c17b937dc3b8003cb5476239b62a27fa8e6b1ec45cfb245a88f626a045f71460d3a76ec9dc26b20cd79229c3ca034e9b3674eaf5015c2b01eea921b6a007ae31cfd85e29fda32fe5dd4829e16d28977716abda3974a3dbcfbb13d9823b5caf61904cb5a8b92951ead92ead49d4a7bc4a0b97431bb1b3d8d3247928959a90afba32494fedb5de8cc823b8546cd2ab0cae2aa1d83c8ece768d49f5d40ae06310bd0924b09470c07bfd3f1693575929947451b8a06f4b986a0b2dabb23c53ac3a12514e01ef794f18af919e97dd048af3940aca691539881cc546e662bb7f487f20220e8bcd1299a1adb498e890cdebf73035e517ad16ff9e04f7ef14a966db885cf9d993dd79bc8c934bf709b09f90289aa219146664abb9e83194b41c786d406ded53214a2a0eaf7dfb9d282c2e100a6c7c7c06b1e12bc421fdf3814bb164078d3ce8d6003361da39e7ee9540190f03ad8cbec987ada22faa1bb5447cf662ad53a0a978a03a5607b442517d342561ddf61164dca2c9dc02cc15a14a50d17532c08529505b3294aa19ad5b7c5f95a7beeb4c4b1a86271507d30b8ac93c9050f6dd32e50d05dff16d355950683ac2c9a63b75a9091cf78584df5213998fca6287b492bd02ea289fc972d7249e8d789f290acd64a1db9dd9a6640e6c05d64ab2b9ed9ce13bffd8f81b6792a20201800ffdc4b26ba174771bc92b41a27f17a789427d129f04653005d691383531bdc46b8281b3e6277c2902b24b92ce5fede4da3ed0c3d88dff8157ab7a36e228d290a377d5087212647262eee646dec05fd082fdf8dadce8285aa346095dc469e3f6b24586457d566f3d3f98f4d78e0fcd6ba407c519102c9d4fbdded4f17dff0aa72e6d3bbebf6dd59b6ea090aa78f1b32b49c2a19d703ea8d97be8da5e4f75145420006935602e51a75da698c2cf122c6743e97ec3aa751839570ad52b257c365537c81d791d2e71b9bbc1284922d29387623b36883b51b24649705e0e0f6d6e3786bc935bd5c8c49df172edebffba292e28595b441d4267aa1aa1ca2c62c8e8715760d49f751dcabe4f75555d66bcf26490bd06e972f02234f3090841d509d8313c0da435c30e5ffd9a01044cfa71955a0e7de3cfc5d590cb41b243ea3aab5478d86e49ab2cfdb777ae1ce25099ad982b1fc399e3843f24fe2410a37f2f6f9e3bc7c323ddf289ff27f8b84df8727dd0bf8f0f4f5fd94ad02bc9d2d4ebe13eaf6d943eb9ee3d769138f9961079b58a7767e78c5a8ee00987e44adcac2dd2951fc325a64f2d94321fd49dade6cddf8b36785bad4d421b7051c381879e87580f2b2b6af1762d9d2212ba5901169a7fa26299028b68b6f1bd58d7b1701379c667080565684cab64ee1b9e4915960f48504ee36a5741bcac30fb69481b1049685f5fd0dd03a5a65ea3797cb1edad54f59f6949782493c9ac7afdcc2b84deb5b5a17fbc0adc32afe29ff7a7c9c26b1bdb54c44ac8f0a05148bd26efb70ce838db77ea2483094b487191636a61a5b0aff000e61732c60b2ae71cc6bf9305af9452ab2da828e485f594f8a640c74f5245ee4717178e44d5c2e257ba050e99f0832a20323c3200b325775573d2de1565a34bdf2379ac64f2826c2d07e8e473dd02a2982b1aefcc84cca1448bfac321137afe2265a2c12e811c15cc9cc32aa70bab37b381e8cde1e2baa87abd815c766f2c87257acf33301a865a2a61c0993df294897a4980f63e4a2824d758c788421a8c7b898241c806f5ccea1db797771373d5745cb46ee3d39cb1db0dd8491fd0dddf5b84b693ba4bd7401b76dcd0879708d2c12bf4910185ada0e82e34b98d53ce01885938e1f741647df1a4d6312827d06a89499c4af75c4c761a0d4b2862a4f8e7e30496128dde4d689ad94b7e0c3bc22378e8824d7817657048a1db1624e8631641550fbe652fcdf8f5b73d9949cf81274fb6785315327aa8c14245440602d6eaf4cf8a30aa25d078fb1820b58521ffa04ea0580be7e6101f8023a4b605c6c466a04ab34aee79a008fbc642a00b769042da8c6e3d65e4fc739614e4958b789f7e19087300e80d41cc05789687643162406b36930efded2e480ceb636b66a9b7a81ef0e2210d50cd2a31bcbba394247fed219b4cb7f817249a0f09f255455de14360bac5101c2115a8322cc169d0ae5835ee86b02185207964623e2135d19e21887523c4f72c7a4caf6e4105f629a0cd9468905e9e4a43ecc95c1d331f56be3718cac82d06a24908f8b70566833372ee613732d573262384ac0c0445fd5bb980c7b2d2220a721bd101fb466df69b039e28b7c1110a9a97cfb088ed6f076bb4eb6c8c14014143b583b355f8320c50fe3bb262eee40d39f56e421a5e72825b45d1ffa134b78ac1e310f73c56d337cba56b2701cde2dc2f647f3501a20709ef5dbc8e89e1a3ec724ba7eecb4019e32f7bfbc9ae5b34b511ab22c911795b749cd9d4ae1f8ea03f73f07f9a7514d447df33ac6a304a0bc1ed821d6e7ebda78ec4b79f7e1f974e1dd679234a56abdd1cfc41091906e29392f20eebce22ffbe1dd03fcaef5b5945e3619fb6c39ed40eba73d422aaf2bea4cb3566927176c7088e48343d491dead226954000d6e713a4ba32ca93bb757f3710da3efae3f68f5e8664115249f5edd68fcefd63a012e8e4cd84648c41e3a77323901fbcb9202ffffb4a69052681e0b3085bff15c1655f2e972f4c2f64a6286ef89d903badc0a11094a159d62eb6f8f171eb875e091b55cc8ece2d694ae833723f9227635999076d08202ecbbc7c118c47fbed5d64fc3f4b50d970850c450244c92efcf4692110942ff60656e089288beedae2142dd1322ee0969c7a134e678a9825840fffbe29cada1e93aa5ca4f384fa4b8d9b1934b15da2f564fa79fa7dc4a3f2d2ecc95f4b3158958bbf221189e38b9033caf146b977224f42703615fe6843d08fe7c3aef23f75642b7c419be4dfb21bf290c42e326a9cb2b8215ed46aa2ca3dc9ea1fd0d968ea08241df4664a8f5341ffd73d00b7e92f24bc4730c0a61f6bb03851d5ee441eb66ba5ecf175b8ae9faddccf1afa261619ac17fd6db6d07efd4c48c871de987e75556654ea3cd32f0141a688e2b3272444179fbb0d618c7c279560236a1d615328484ee52c2d0a3de44b63395e90070e080bce57737d8d2c16efcbade6526b36b705b4ed11104643887eb2a04a61531cf51e31b8b9df7d25c5d449343e7c53c48a36788c2b4805f25c7b367b4c569161868f89cabc1a87dfa45ecac2acbb4bcb4d00a1e3846bae6a46ff9ab1b819693e50c481556d7d563f0526b2fcdc7a923e03fc13f09fb4c62ddc34402a6cd8834a1ea91085bc8ba7b6bd4429610f71c5b12f44422630e612787933610440bbadf6652b114d24e6f9dd81523dbdfa2cced5c96effaba29a1699710b670be0a9ed0e828a9e50efb02a73d406404e35d1f2b45e5dd9611b589907144d5d1faf857352b13fe911da6973e3f9304c8a8f7201bd885569d9a0fb381c3b1509104642f23ee79cc490d8c3903dce03f82c698e9002586100f4d96430857815f58d033570f265f3352983397f4ee128ba5070eb71f7ce4ee4606fb2d0ef015d22425f8448d282b7afb3645eba458483ee901443b39991b54b3636cd96dfcb91bc2fbedc06ac94cd95be2886a0678933e403e2c8ad8924572b71de86093519f74ad0ce1ea982d49066373f074f5e5360444fe896935d68b2536d3aa00091f24aef32a5c0df78a6844ecc20beaac66b5c203a538becf68bf0ea336eaeca856db51d2ef4b3a3e1250bdf25c190f25a6a00f33abae2e95272be06dfecc48fdc8fd697047c783c9f67168f283575fb5344ee276ce078ee6d6ae55ded7824f8c725f917799b476b30d244acaaaa570", 0x1000, 0x4, 0x0, 0x0, r4}, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000001500)="eabb9e33dd1b0de675babb3f647cc581f566668708097a1ad03a81fc60f6df9f1c1fc3ef88471708c5fc0e7712ad19ccbe07e9cae80f7cd4d301b41cb95500cbeb3b3f9bdbf974f92821a12bdb249aab6ce7eda38e63be43e6545e5a297661fe5515babdf09532b795d11e323b94d2c818f44f99bd989db809679f829dce27d0f77b27fb4e0bd0d8bfde18c1c895877c327cf18f1b5f60dd843bcba4dcb1d4647b0b4eddfbc20b1f9a996f1a7ed490c7eea87cede9eaa3b50033e3d080b8333b36b847b4d20b937a68632296be3b94cc01e57fe7496a5e278289e6f53987c2272c472027a2963b", 0xe7, 0x4000000040000000, 0x0, 0x2, r4}, &(0x7f0000001680)={0x0, 0x0, 0x0, 0xf, 0x20, r0, &(0x7f0000001640)="9c734c0f77b3ed08dfcdefe752620de2288da4a61b0cd222", 0x18, 0x40, 0x0, 0x3, r4}, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x8, 0x9, r2, &(0x7f00000016c0)="4d622e44971c3b51442d7f30c88a0e7633df04dbdcb51908c5529e73db3e18bc67f98224abd2c3ba58b0da5f465eb590090e0398a8e2fc829efd45a0389df2818b3dd1e924b569ceccc67f48e10da2f06a049c8369225aa09f0a0f145eea4e69f24ddc9f", 0x64, 0xfffffffffffffbe5, 0x0, 0x2, r4}, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x7, 0x4, r2, &(0x7f0000001780)="5badff022857d7ec91e59c0c6d045f41594eb4472af81119ef7603f3682abc54a5b42307f07a1e0471b5a9c927e3a5a824e0ba24a18db2e061d951cdd20657121a8cb1986a016ffc29805e5a2abc0f6eb3c595a740e565781a1705ac846cd688a4637fcd813e202079de4ed948c905130faaa5c87b57", 0x76, 0x0, 0x0, 0x2, r4}, &(0x7f0000001940)={0x0, 0x0, 0x0, 0xf, 0x7, r4, &(0x7f0000001840)="2f34d9ffd49bd3d21eb8d887bd72acf2eacc7f54be5271f377824e10f8cd81b75ed055a0b1615a8e9dbd6dc77c6cc41d2963f6ed67aa2306a84d5c51f24011cce09e86f369693dd44b4cbe0707998f35af2706e91fb76d30374e4ff807fc5bfac1a63809deec06878376e6820d321072aa58bf9cee372342867e5ad4c87bad45fdeaf2402be6350088aca60360f6ea390e1302c42b6f2388b4cedf239bf15b9f4c7f27168878a599ed5fd745f99533e4e5473b697aa8d9c746646be6efe473ebbc81ac45f663ec4d57cf6c2c85a0bcad401d9ed2785bed609dd2768a2f2834d286d0c258bf", 0xe5, 0x9, 0x0, 0x0, r4}, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x5, 0x3, r0, &(0x7f0000001980)="0094efcf11f75332b8fa3deba7f1b75246ca542e1e8a669867a828431486cb07397474bb4250ea9fdc461bbe78aa49a13d11", 0x32, 0x10000, 0x0, 0x0, r4}, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x3, 0x1, r1, &(0x7f0000001a00)="44a75691b346402bb26c53ef07d8e149651523c0405c5390b0df587c60a37ea91689f8090fb3b86b31e87a41761e3ee4cf45c632f083f757329d08e59cf4015489d183697af982a2ff725aaa261487f5c8d4a8c0b78642c1fc1549cfedbd927f41d44b88f446", 0x66, 0x7, 0x0, 0x0, r4}]) 10:04:01 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x700000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:01 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 416.282952] FAT-fs (loop5): bogus number of reserved sectors [ 416.289586] FAT-fs (loop5): Can't find a valid FAT filesystem [ 416.307794] FAULT_INJECTION: forcing a failure. [ 416.307794] name failslab, interval 1, probability 0, space 0, times 0 [ 416.328989] CPU: 1 PID: 20437 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 416.337577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.346924] Call Trace: [ 416.349526] dump_stack+0x244/0x39d [ 416.353176] ? dump_stack_print_info.cold.1+0x20/0x20 [ 416.358365] ? __x64_sys_sendmmsg+0x9d/0x100 [ 416.362785] ? do_syscall_64+0x1b9/0x820 [ 416.366848] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.372210] ? kasan_check_read+0x11/0x20 [ 416.376380] should_fail.cold.4+0xa/0x17 [ 416.380442] ? trace_hardirqs_on+0xbd/0x310 [ 416.384763] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 416.389863] ? __lock_acquire+0x62f/0x4c20 [ 416.394117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.399674] ? mark_held_locks+0x130/0x130 [ 416.403914] ? find_held_lock+0x36/0x1c0 [ 416.408008] ? perf_trace_sched_process_exec+0x860/0x860 [ 416.413453] ? graph_lock+0x270/0x270 [ 416.417268] ? kfree_skb+0x1c3/0x580 [ 416.420978] ? __kfree_skb+0x20/0x20 [ 416.424712] __should_failslab+0x124/0x180 [ 416.428984] should_failslab+0x9/0x14 [ 416.432809] kmem_cache_alloc_node+0x26e/0x730 [ 416.437393] ? find_held_lock+0x36/0x1c0 [ 416.441486] __alloc_skb+0x114/0x770 [ 416.445215] ? netdev_alloc_frag+0x1f0/0x1f0 [ 416.449642] ? perf_trace_sched_process_exec+0x860/0x860 [ 416.455109] ? lock_downgrade+0x900/0x900 [ 416.459277] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.464815] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 416.470276] sock_wmalloc+0x16d/0x1f0 [ 416.474083] ? skb_set_owner_w+0x360/0x360 [ 416.478322] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 416.483861] ? _copy_from_user+0xdf/0x150 [ 416.488047] pppol2tp_sendmsg+0x23d/0x6c0 [ 416.492218] ? apparmor_socket_sendmsg+0x29/0x30 [ 416.496995] ? pppol2tp_getsockopt+0x940/0x940 [ 416.502363] sock_sendmsg+0xd5/0x120 [ 416.506078] ___sys_sendmsg+0x51d/0x930 [ 416.510055] ? graph_lock+0x270/0x270 [ 416.513905] ? copy_msghdr_from_user+0x580/0x580 [ 416.518700] ? get_pid_task+0xd6/0x1a0 [ 416.522615] ? find_held_lock+0x36/0x1c0 [ 416.526692] ? __might_fault+0x12b/0x1e0 [ 416.530759] ? lock_downgrade+0x900/0x900 [ 416.534932] ? perf_trace_sched_process_exec+0x860/0x860 [ 416.540399] __sys_sendmmsg+0x246/0x6d0 [ 416.544391] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 416.548727] ? __lock_is_held+0xb5/0x140 [ 416.552802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.558378] ? check_preemption_disabled+0x48/0x280 [ 416.563419] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 416.568993] ? fput+0x130/0x1a0 [ 416.572282] ? do_syscall_64+0x9a/0x820 [ 416.576264] ? do_syscall_64+0x9a/0x820 [ 416.580266] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 416.584859] ? trace_hardirqs_on+0xbd/0x310 [ 416.589194] ? __ia32_sys_read+0xb0/0xb0 [ 416.593281] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.598669] ? trace_hardirqs_off_caller+0x300/0x300 [ 416.603788] __x64_sys_sendmmsg+0x9d/0x100 [ 416.608037] do_syscall_64+0x1b9/0x820 [ 416.611935] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 416.617324] ? syscall_return_slowpath+0x5e0/0x5e0 [ 416.622280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.627156] ? trace_hardirqs_on_caller+0x310/0x310 [ 416.632192] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 416.637221] ? prepare_exit_to_usermode+0x291/0x3b0 [ 416.642254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.647630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.652825] RIP: 0033:0x457569 [ 416.656041] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 416.674947] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 416.682662] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 416.689953] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 416.697229] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 416.704511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 416.711786] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 416.747606] FAT-fs (loop4): bogus number of reserved sectors [ 416.758964] FAT-fs (loop4): Can't find a valid FAT filesystem [ 416.769344] FAT-fs (loop5): bogus number of reserved sectors [ 416.775656] FAT-fs (loop5): Can't find a valid FAT filesystem [ 416.782990] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 416.814510] FAT-fs (loop4): bogus number of reserved sectors [ 416.822865] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:02 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e037040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88470000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:02 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000100)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:02 executing program 3 (fault-call:5 fault-nth:30): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:02 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 416.946629] FAULT_INJECTION: forcing a failure. [ 416.946629] name failslab, interval 1, probability 0, space 0, times 0 [ 416.957876] CPU: 1 PID: 20449 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 416.966457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.975809] Call Trace: [ 416.978402] dump_stack+0x244/0x39d [ 416.982043] ? dump_stack_print_info.cold.1+0x20/0x20 [ 416.987240] ? is_bpf_text_address+0xac/0x170 [ 416.991781] should_fail.cold.4+0xa/0x17 10:04:02 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 416.995853] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 417.000968] ? rcu_read_unlock_special+0x370/0x370 [ 417.005915] ? rcu_softirq_qs+0x20/0x20 [ 417.009910] ? unwind_dump+0x190/0x190 [ 417.013813] ? kernel_text_address+0x79/0xf0 [ 417.018234] ? __lock_acquire+0x62f/0x4c20 [ 417.022477] ? __save_stack_trace+0x8d/0xf0 [ 417.026864] ? mark_held_locks+0x130/0x130 [ 417.031109] ? save_stack+0x43/0xd0 [ 417.034754] ? __kmalloc_node_track_caller+0x50/0x70 [ 417.039863] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 417.044800] ? __alloc_skb+0x150/0x770 [ 417.048728] ? sock_wmalloc+0x16d/0x1f0 [ 417.052734] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 417.057057] ? sock_sendmsg+0xd5/0x120 [ 417.060959] ? ___sys_sendmsg+0x51d/0x930 [ 417.065105] ? __sys_sendmmsg+0x246/0x6d0 [ 417.069256] ? __x64_sys_sendmmsg+0x9d/0x100 [ 417.073668] ? do_syscall_64+0x1b9/0x820 [ 417.077770] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.083184] __should_failslab+0x124/0x180 [ 417.087432] should_failslab+0x9/0x14 [ 417.091248] kmem_cache_alloc_node_trace+0x5a/0x740 [ 417.096299] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 417.101843] __kmalloc_node_track_caller+0x3c/0x70 [ 417.106773] __kmalloc_reserve.isra.38+0x41/0xe0 [ 417.111537] pskb_expand_head+0x230/0x10f0 [ 417.115774] ? kasan_kmalloc+0xc7/0xe0 [ 417.119725] ? skb_release_data+0x880/0x880 [ 417.124056] ? __might_fault+0x12b/0x1e0 [ 417.128121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.133693] ? iov_iter_advance+0x306/0x13f0 [ 417.138138] ? lock_release+0xa10/0xa10 [ 417.142118] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.147593] ? once_deferred+0xa0/0xa0 [ 417.151486] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.156941] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 417.161807] l2tp_xmit_skb+0x106b/0x1670 [ 417.165884] ? l2tp_recv_common+0x1d40/0x1d40 [ 417.170389] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.175931] ? _copy_from_user+0xdf/0x150 [ 417.180084] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 417.184412] pppol2tp_sendmsg+0x4b1/0x6c0 [ 417.188572] ? apparmor_socket_sendmsg+0x29/0x30 [ 417.193373] ? pppol2tp_getsockopt+0x940/0x940 [ 417.197983] sock_sendmsg+0xd5/0x120 [ 417.201706] ___sys_sendmsg+0x51d/0x930 [ 417.205680] ? graph_lock+0x270/0x270 [ 417.209504] ? copy_msghdr_from_user+0x580/0x580 [ 417.214267] ? get_pid_task+0xd6/0x1a0 [ 417.218194] ? find_held_lock+0x36/0x1c0 [ 417.222283] ? __might_fault+0x12b/0x1e0 [ 417.226347] ? lock_downgrade+0x900/0x900 [ 417.230522] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.235984] __sys_sendmmsg+0x246/0x6d0 [ 417.239966] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 417.244288] ? __lock_is_held+0xb5/0x140 [ 417.248355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.253914] ? check_preemption_disabled+0x48/0x280 [ 417.258945] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 417.264481] ? fput+0x130/0x1a0 [ 417.267762] ? do_syscall_64+0x9a/0x820 [ 417.271736] ? do_syscall_64+0x9a/0x820 [ 417.275710] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 417.280307] ? trace_hardirqs_on+0xbd/0x310 [ 417.284627] ? __ia32_sys_read+0xb0/0xb0 [ 417.288704] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.294070] ? trace_hardirqs_off_caller+0x300/0x300 [ 417.299224] __x64_sys_sendmmsg+0x9d/0x100 [ 417.303460] do_syscall_64+0x1b9/0x820 [ 417.307350] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 417.312710] ? syscall_return_slowpath+0x5e0/0x5e0 [ 417.317669] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.322513] ? trace_hardirqs_on_caller+0x310/0x310 [ 417.327566] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 417.332601] ? prepare_exit_to_usermode+0x291/0x3b0 [ 417.337623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.342477] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.347663] RIP: 0033:0x457569 [ 417.350860] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 417.369789] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 417.377490] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 417.384768] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x58000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 417.392036] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 417.399319] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 417.406581] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 417.425528] minix_free_inode: bit 1 already cleared 10:04:02 executing program 3 (fault-call:5 fault-nth:31): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:02 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = syz_open_dev$usb(&(0x7f0000000340)='/dev/bus/usb/00#/00#\x00', 0x80000001, 0x102) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000380)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000400)={{0x7, 0x3, 0x4, 0xcb, 'syz1\x00', 0xfffffffffffffff9}, 0x2, 0x30000010, 0x800, r3, 0x5, 0x5, 'syz1\x00', &(0x7f00000003c0)=['/dev/vcs#\x00', '/dev/vcs#\x00', ')!{em1trusted\x00', 'vmnet0trusted/#mime_type\x00', '\x00'], 0x3c, [], [0x200, 0x0, 0x2, 0x5]}) r4 = socket(0x18, 0x0, 0x1) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000240)=0x1, 0x4) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, &(0x7f00000001c0), &(0x7f0000000300)=0x4) io_setup(0x1, &(0x7f0000000040)=0x0) io_submit(r5, 0x0, 0x0) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000002640)=0xffffffff, 0x2) ioctl$VIDIOC_ENUMINPUT(r4, 0xc050561a, &(0x7f0000000280)={0x5, "7e86c958c16f77534118d4190ba33f0ce9e9692e5a4a7104d2261a7e694b010d", 0x3, 0xff, 0x7, 0x1700, 0x2}) r6 = syz_open_dev$vcsn(&(0x7f0000000200)='/dev/vcs#\x00', 0x3, 0x3d) ioctl$EVIOCGBITKEY(r6, 0x80404521, &(0x7f0000000100)=""/117) ioctl$TIOCSWINSZ(r6, 0x5414, &(0x7f0000000080)={0xd, 0xe6, 0x2000000000000015, 0x401}) ioctl$VHOST_GET_VRING_ENDIAN(r6, 0x4008af14, &(0x7f0000002600)={0x0, 0x20000}) ioctl$VIDIOC_SUBDEV_S_SELECTION(r2, 0xc040563e, &(0x7f0000000540)={0x0, 0xf0, 0x103, 0x1, {0x80000001, 0x4f, 0x3, 0x4e77}}) io_submit(r5, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000080), 0x121}]) ioprio_get$pid(0x0, r3) ioctl$KVM_GET_NESTED_STATE(r6, 0xc080aebe, &(0x7f0000000580)={0x0, 0x0, 0x2080}) 10:04:02 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x6], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 417.562480] FAT-fs (loop4): bogus number of reserved sectors [ 417.579084] FAT-fs (loop4): Can't find a valid FAT filesystem [ 417.601753] FAULT_INJECTION: forcing a failure. [ 417.601753] name failslab, interval 1, probability 0, space 0, times 0 [ 417.622913] CPU: 1 PID: 20471 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 417.631509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.640858] Call Trace: [ 417.643454] dump_stack+0x244/0x39d [ 417.647085] ? dump_stack_print_info.cold.1+0x20/0x20 [ 417.652272] ? __x64_sys_sendmmsg+0x9d/0x100 [ 417.656724] ? do_syscall_64+0x1b9/0x820 [ 417.660838] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.666219] ? kasan_check_read+0x11/0x20 [ 417.670400] should_fail.cold.4+0xa/0x17 [ 417.674463] ? trace_hardirqs_on+0xbd/0x310 [ 417.678841] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 417.683944] ? __lock_acquire+0x62f/0x4c20 [ 417.688179] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.693780] ? mark_held_locks+0x130/0x130 [ 417.698017] ? find_held_lock+0x36/0x1c0 [ 417.702162] ? des_ekey+0x3ce8/0x5dc0 [ 417.706003] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.711449] ? graph_lock+0x270/0x270 [ 417.715246] ? kfree_skb+0x1c3/0x580 [ 417.718960] ? __kfree_skb+0x20/0x20 [ 417.722675] __should_failslab+0x124/0x180 [ 417.726927] should_failslab+0x9/0x14 [ 417.730727] kmem_cache_alloc_node+0x26e/0x730 [ 417.735310] ? find_held_lock+0x36/0x1c0 [ 417.739408] __alloc_skb+0x114/0x770 [ 417.743166] ? netdev_alloc_frag+0x1f0/0x1f0 [ 417.747619] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.753071] ? lock_downgrade+0x900/0x900 [ 417.757238] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.762795] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 417.768248] sock_wmalloc+0x16d/0x1f0 [ 417.772081] ? skb_set_owner_w+0x360/0x360 [ 417.776320] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.781860] ? _copy_from_user+0xdf/0x150 [ 417.786020] pppol2tp_sendmsg+0x23d/0x6c0 [ 417.790169] ? apparmor_socket_sendmsg+0x29/0x30 [ 417.794952] ? pppol2tp_getsockopt+0x940/0x940 [ 417.799607] sock_sendmsg+0xd5/0x120 [ 417.803325] ___sys_sendmsg+0x51d/0x930 [ 417.807307] ? graph_lock+0x270/0x270 [ 417.811150] ? copy_msghdr_from_user+0x580/0x580 [ 417.815912] ? get_pid_task+0xd6/0x1a0 [ 417.819816] ? find_held_lock+0x36/0x1c0 [ 417.823905] ? __might_fault+0x12b/0x1e0 [ 417.827986] ? lock_downgrade+0x900/0x900 [ 417.832160] ? perf_trace_sched_process_exec+0x860/0x860 [ 417.837625] __sys_sendmmsg+0x246/0x6d0 [ 417.841605] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 417.845932] ? __lock_is_held+0xb5/0x140 [ 417.849995] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.855544] ? check_preemption_disabled+0x48/0x280 [ 417.860572] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 417.866119] ? fput+0x130/0x1a0 [ 417.869421] ? do_syscall_64+0x9a/0x820 [ 417.873425] ? do_syscall_64+0x9a/0x820 [ 417.877421] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 417.882020] ? trace_hardirqs_on+0xbd/0x310 [ 417.886337] ? __ia32_sys_read+0xb0/0xb0 [ 417.890395] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.895771] ? trace_hardirqs_off_caller+0x300/0x300 [ 417.900877] __x64_sys_sendmmsg+0x9d/0x100 [ 417.905176] do_syscall_64+0x1b9/0x820 [ 417.909101] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 417.914488] ? syscall_return_slowpath+0x5e0/0x5e0 [ 417.919444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.924321] ? trace_hardirqs_on_caller+0x310/0x310 [ 417.929340] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 417.934357] ? prepare_exit_to_usermode+0x291/0x3b0 [ 417.939379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.944229] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 417.949431] RIP: 0033:0x457569 [ 417.952617] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 417.971509] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 417.979208] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 417.986469] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 417.993749] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 418.001015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:04:03 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:03 executing program 3 (fault-call:5 fault-nth:32): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 418.008280] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 418.117029] FAT-fs (loop4): bogus number of reserved sectors [ 418.122900] FAT-fs (loop4): Can't find a valid FAT filesystem [ 418.204192] FAULT_INJECTION: forcing a failure. [ 418.204192] name failslab, interval 1, probability 0, space 0, times 0 [ 418.235358] CPU: 0 PID: 20481 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 418.243958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.253316] Call Trace: [ 418.255920] dump_stack+0x244/0x39d [ 418.259571] ? dump_stack_print_info.cold.1+0x20/0x20 [ 418.264779] ? __x64_sys_sendmmsg+0x9d/0x100 [ 418.269203] ? do_syscall_64+0x1b9/0x820 [ 418.273275] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.278651] ? kasan_check_read+0x11/0x20 [ 418.282814] should_fail.cold.4+0xa/0x17 [ 418.286883] ? trace_hardirqs_on+0xbd/0x310 [ 418.291228] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 418.296344] ? __lock_acquire+0x62f/0x4c20 [ 418.300588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.306179] ? mark_held_locks+0x130/0x130 [ 418.310439] ? find_held_lock+0x36/0x1c0 [ 418.314538] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.320001] ? graph_lock+0x270/0x270 [ 418.323815] ? kfree_skb+0x1c3/0x580 [ 418.327577] ? __kfree_skb+0x20/0x20 [ 418.331309] __should_failslab+0x124/0x180 [ 418.335556] should_failslab+0x9/0x14 [ 418.339385] kmem_cache_alloc_node+0x26e/0x730 [ 418.344003] ? find_held_lock+0x36/0x1c0 [ 418.348111] __alloc_skb+0x114/0x770 [ 418.351882] ? netdev_alloc_frag+0x1f0/0x1f0 [ 418.356307] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.361769] ? lock_downgrade+0x900/0x900 [ 418.365954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.371521] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 418.377007] sock_wmalloc+0x16d/0x1f0 [ 418.380821] ? skb_set_owner_w+0x360/0x360 [ 418.385088] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 418.390635] ? _copy_from_user+0xdf/0x150 [ 418.394803] pppol2tp_sendmsg+0x23d/0x6c0 [ 418.398981] ? apparmor_socket_sendmsg+0x29/0x30 [ 418.403747] ? pppol2tp_getsockopt+0x940/0x940 [ 418.408339] sock_sendmsg+0xd5/0x120 [ 418.412067] ___sys_sendmsg+0x51d/0x930 [ 418.416048] ? graph_lock+0x270/0x270 [ 418.419859] ? copy_msghdr_from_user+0x580/0x580 [ 418.424622] ? get_pid_task+0xd6/0x1a0 [ 418.428541] ? find_held_lock+0x36/0x1c0 [ 418.432627] ? __might_fault+0x12b/0x1e0 [ 418.436704] ? lock_downgrade+0x900/0x900 [ 418.440871] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.440907] __sys_sendmmsg+0x246/0x6d0 [ 418.446506] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 418.450335] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 418.450352] ? __lock_is_held+0xb5/0x140 [ 418.450387] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.471891] ? check_preemption_disabled+0x48/0x280 [ 418.476941] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.482488] ? fput+0x130/0x1a0 [ 418.485776] ? do_syscall_64+0x9a/0x820 [ 418.489758] ? do_syscall_64+0x9a/0x820 [ 418.493737] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 418.498358] ? trace_hardirqs_on+0xbd/0x310 10:04:03 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0024c0a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:03 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:03 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7306", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x6000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:03 executing program 1: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1) r2 = socket(0xd, 0x0, 0x0) r3 = syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x4, 0x400800) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) write$FUSE_LK(r3, &(0x7f0000000380)={0x28, 0xffffffffffffffff, 0x6, {{0x5, 0x1, 0x2, r4}}}, 0x28) io_setup(0x1, &(0x7f0000000080)=0x0) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x4000000002001, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r6, 0x4040ae72, &(0x7f0000000240)={0xff, 0x6, 0x6, 0x1, 0xce5f}) bind$bt_rfcomm(r6, &(0x7f0000000280)={0x1f, {0x5, 0xff, 0x6, 0xb63, 0x20, 0x1}, 0x96c}, 0xa) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x208000, 0x0) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x400) memfd_create(&(0x7f00000003c0)="736572020000000000006d6100f60131df8da69527d55d745c67a623c04774ae8d58f14327dac94acdee430d5c20eafc53bb02", 0x5) io_submit(r5, 0xfffffffffffffc69, 0x0) fsetxattr$security_ima(r7, &(0x7f0000000140)='security.ima\x00', &(0x7f00000001c0)=@md5={0x1, "084fe7788fa174e9b1a0cad12217fe34"}, 0x11, 0x1) io_submit(r5, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e21, 0x3f, @local, 0x2}, 0x1c) 10:04:03 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 418.502685] ? __ia32_sys_read+0xb0/0xb0 [ 418.506749] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.512115] ? trace_hardirqs_off_caller+0x300/0x300 [ 418.517485] __x64_sys_sendmmsg+0x9d/0x100 [ 418.521749] do_syscall_64+0x1b9/0x820 [ 418.525666] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 418.531083] ? syscall_return_slowpath+0x5e0/0x5e0 [ 418.536009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.540901] ? trace_hardirqs_on_caller+0x310/0x310 [ 418.545920] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 418.550940] ? prepare_exit_to_usermode+0x291/0x3b0 [ 418.555962] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.560818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.566003] RIP: 0033:0x457569 [ 418.566017] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.566025] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 418.566039] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 10:04:04 executing program 3 (fault-call:5 fault-nth:33): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 418.566047] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 418.566055] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 418.566063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 418.566070] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 418.646558] minix_free_inode: bit 1 already cleared [ 418.728348] FAULT_INJECTION: forcing a failure. [ 418.728348] name failslab, interval 1, probability 0, space 0, times 0 [ 418.739959] CPU: 1 PID: 20504 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 418.748540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.757881] Call Trace: [ 418.757903] dump_stack+0x244/0x39d [ 418.757919] ? dump_stack_print_info.cold.1+0x20/0x20 [ 418.757933] ? graph_lock+0x270/0x270 [ 418.757952] should_fail.cold.4+0xa/0x17 [ 418.757971] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 418.782320] ? __lock_acquire+0x62f/0x4c20 [ 418.786556] ? find_held_lock+0x36/0x1c0 [ 418.790629] ? mark_held_locks+0x130/0x130 [ 418.794884] ? find_held_lock+0x36/0x1c0 [ 418.799027] ? __switch_to_asm+0x34/0x70 [ 418.803112] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.808603] ? preempt_notifier_register+0x200/0x200 [ 418.813707] ? __switch_to_asm+0x34/0x70 [ 418.817768] ? __switch_to_asm+0x34/0x70 [ 418.821842] ? __switch_to_asm+0x40/0x70 [ 418.825913] __should_failslab+0x124/0x180 [ 418.830171] should_failslab+0x9/0x14 [ 418.833981] kmem_cache_alloc_node+0x26e/0x730 [ 418.838560] ? __schedule+0x8d7/0x21d0 [ 418.842473] __alloc_skb+0x114/0x770 [ 418.846203] ? netdev_alloc_frag+0x1f0/0x1f0 [ 418.850632] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.856092] ? lock_downgrade+0x900/0x900 [ 418.860300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.865855] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 418.871308] sock_wmalloc+0x16d/0x1f0 [ 418.875109] ? skb_set_owner_w+0x360/0x360 [ 418.879346] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 418.884907] ? _copy_from_user+0xdf/0x150 [ 418.889063] pppol2tp_sendmsg+0x23d/0x6c0 [ 418.893212] ? apparmor_socket_sendmsg+0x29/0x30 [ 418.897970] ? pppol2tp_getsockopt+0x940/0x940 [ 418.902552] sock_sendmsg+0xd5/0x120 [ 418.906284] ___sys_sendmsg+0x51d/0x930 [ 418.910258] ? graph_lock+0x270/0x270 [ 418.914059] ? copy_msghdr_from_user+0x580/0x580 [ 418.918834] ? get_pid_task+0xd6/0x1a0 [ 418.922747] ? find_held_lock+0x36/0x1c0 [ 418.926829] ? __might_fault+0x12b/0x1e0 [ 418.930917] ? lock_downgrade+0x900/0x900 [ 418.935081] ? perf_trace_sched_process_exec+0x860/0x860 [ 418.940540] __sys_sendmmsg+0x246/0x6d0 [ 418.944546] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 418.948867] ? __lock_is_held+0xb5/0x140 [ 418.952935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.958475] ? check_preemption_disabled+0x48/0x280 [ 418.963518] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.969054] ? fput+0x130/0x1a0 [ 418.972362] ? do_syscall_64+0x9a/0x820 [ 418.976364] ? do_syscall_64+0x9a/0x820 [ 418.980337] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 418.984941] ? trace_hardirqs_on+0xbd/0x310 [ 418.989293] ? __ia32_sys_read+0xb0/0xb0 [ 418.993420] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.998782] ? trace_hardirqs_off_caller+0x300/0x300 [ 419.003887] __x64_sys_sendmmsg+0x9d/0x100 [ 419.008162] do_syscall_64+0x1b9/0x820 [ 419.012060] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 419.017433] ? syscall_return_slowpath+0x5e0/0x5e0 [ 419.022359] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.027204] ? trace_hardirqs_on_caller+0x310/0x310 [ 419.032222] ? prepare_exit_to_usermode+0x291/0x3b0 [ 419.037240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.042088] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 419.047268] RIP: 0033:0x457569 [ 419.050456] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 419.069350] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:04:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x2000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:04 executing program 3 (fault-call:5 fault-nth:34): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 419.077074] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 419.084336] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 419.091619] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 419.098886] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 419.106159] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:04 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xffffca88], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 419.303897] FAULT_INJECTION: forcing a failure. [ 419.303897] name failslab, interval 1, probability 0, space 0, times 0 [ 419.315181] CPU: 0 PID: 20514 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 419.323746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.333075] Call Trace: [ 419.335658] dump_stack+0x244/0x39d [ 419.339283] ? dump_stack_print_info.cold.1+0x20/0x20 [ 419.339301] ? is_bpf_text_address+0xac/0x170 [ 419.339319] should_fail.cold.4+0xa/0x17 [ 419.339334] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 419.339345] ? rcu_read_unlock_special+0x370/0x370 [ 419.339358] ? rcu_softirq_qs+0x20/0x20 [ 419.349060] ? unwind_dump+0x190/0x190 [ 419.349084] ? kernel_text_address+0x79/0xf0 [ 419.349102] ? __lock_acquire+0x62f/0x4c20 [ 419.349117] ? __save_stack_trace+0x8d/0xf0 [ 419.349153] ? mark_held_locks+0x130/0x130 [ 419.349168] ? save_stack+0x43/0xd0 [ 419.349184] ? __kmalloc_node_track_caller+0x50/0x70 [ 419.363237] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 419.363248] ? __alloc_skb+0x150/0x770 [ 419.363262] ? sock_wmalloc+0x16d/0x1f0 [ 419.363274] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 419.363300] ? sock_sendmsg+0xd5/0x120 [ 419.363327] ? ___sys_sendmsg+0x51d/0x930 [ 419.363355] ? __sys_sendmmsg+0x246/0x6d0 [ 419.363371] ? __x64_sys_sendmmsg+0x9d/0x100 [ 419.371228] ? do_syscall_64+0x1b9/0x820 [ 419.371243] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 419.371263] __should_failslab+0x124/0x180 [ 419.371281] should_failslab+0x9/0x14 [ 419.371308] kmem_cache_alloc_node_trace+0x5a/0x740 [ 419.371330] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 419.458753] __kmalloc_node_track_caller+0x3c/0x70 [ 419.463714] __kmalloc_reserve.isra.38+0x41/0xe0 [ 419.468505] pskb_expand_head+0x230/0x10f0 [ 419.472742] ? kasan_kmalloc+0xc7/0xe0 [ 419.476646] ? skb_release_data+0x880/0x880 [ 419.481000] ? __might_fault+0x12b/0x1e0 [ 419.485067] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 419.490617] ? iov_iter_advance+0x306/0x13f0 [ 419.495038] ? lock_release+0xa10/0xa10 [ 419.499012] ? perf_trace_sched_process_exec+0x860/0x860 [ 419.504481] ? once_deferred+0xa0/0xa0 [ 419.508371] ? perf_trace_sched_process_exec+0x860/0x860 [ 419.514191] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 419.519039] l2tp_xmit_skb+0x106b/0x1670 [ 419.523109] ? l2tp_recv_common+0x1d40/0x1d40 [ 419.527606] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 419.533166] ? _copy_from_user+0xdf/0x150 [ 419.537314] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 419.541636] pppol2tp_sendmsg+0x4b1/0x6c0 [ 419.545791] ? apparmor_socket_sendmsg+0x29/0x30 [ 419.550575] ? pppol2tp_getsockopt+0x940/0x940 [ 419.555160] sock_sendmsg+0xd5/0x120 [ 419.558871] ___sys_sendmsg+0x51d/0x930 [ 419.562849] ? graph_lock+0x270/0x270 [ 419.566655] ? copy_msghdr_from_user+0x580/0x580 [ 419.571433] ? get_pid_task+0xd6/0x1a0 [ 419.575321] ? find_held_lock+0x36/0x1c0 [ 419.579382] ? __might_fault+0x12b/0x1e0 [ 419.583459] ? lock_downgrade+0x900/0x900 [ 419.587620] ? perf_trace_sched_process_exec+0x860/0x860 [ 419.593105] __sys_sendmmsg+0x246/0x6d0 [ 419.597092] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 419.601414] ? __lock_is_held+0xb5/0x140 [ 419.605510] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.611076] ? check_preemption_disabled+0x48/0x280 [ 419.616144] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 419.621683] ? fput+0x130/0x1a0 [ 419.624961] ? do_syscall_64+0x9a/0x820 [ 419.628967] ? do_syscall_64+0x9a/0x820 [ 419.632958] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 419.637540] ? trace_hardirqs_on+0xbd/0x310 [ 419.641853] ? __ia32_sys_read+0xb0/0xb0 [ 419.645928] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 419.651295] ? trace_hardirqs_off_caller+0x300/0x300 [ 419.656411] __x64_sys_sendmmsg+0x9d/0x100 [ 419.660681] do_syscall_64+0x1b9/0x820 [ 419.664565] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 419.669940] ? syscall_return_slowpath+0x5e0/0x5e0 [ 419.674907] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.679762] ? trace_hardirqs_on_caller+0x310/0x310 [ 419.684796] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 419.689826] ? prepare_exit_to_usermode+0x291/0x3b0 [ 419.694866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.699725] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 419.704907] RIP: 0033:0x457569 [ 419.708102] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 419.727018] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 419.734737] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 419.741996] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:05 executing program 3 (fault-call:5 fault-nth:35): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 419.749259] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 419.756524] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 419.763783] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 419.967292] FAULT_INJECTION: forcing a failure. [ 419.967292] name failslab, interval 1, probability 0, space 0, times 0 [ 420.029312] CPU: 1 PID: 20525 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 420.037895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.047241] Call Trace: [ 420.049838] dump_stack+0x244/0x39d [ 420.053481] ? dump_stack_print_info.cold.1+0x20/0x20 [ 420.058669] ? __x64_sys_sendmmsg+0x9d/0x100 [ 420.063071] ? do_syscall_64+0x1b9/0x820 [ 420.067137] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.072507] ? kasan_check_read+0x11/0x20 [ 420.076672] should_fail.cold.4+0xa/0x17 [ 420.080779] ? trace_hardirqs_on+0xbd/0x310 [ 420.085109] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 420.090223] ? __lock_acquire+0x62f/0x4c20 [ 420.094484] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.100082] ? mark_held_locks+0x130/0x130 [ 420.104342] ? find_held_lock+0x36/0x1c0 [ 420.108466] ? handler_ext+0x378/0xa50 [ 420.112367] ? perf_trace_sched_process_exec+0x860/0x860 [ 420.117830] ? graph_lock+0x270/0x270 [ 420.121625] ? kfree_skb+0x1c3/0x580 [ 420.125337] ? __kfree_skb+0x20/0x20 [ 420.129065] __should_failslab+0x124/0x180 [ 420.133304] should_failslab+0x9/0x14 [ 420.137105] kmem_cache_alloc_node+0x26e/0x730 [ 420.141738] ? find_held_lock+0x36/0x1c0 [ 420.145803] __alloc_skb+0x114/0x770 [ 420.149517] ? netdev_alloc_frag+0x1f0/0x1f0 [ 420.153929] ? perf_trace_sched_process_exec+0x860/0x860 [ 420.159390] ? lock_downgrade+0x900/0x900 [ 420.163545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.169079] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 420.174542] sock_wmalloc+0x16d/0x1f0 [ 420.178368] ? skb_set_owner_w+0x360/0x360 [ 420.182598] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 420.188139] ? _copy_from_user+0xdf/0x150 [ 420.192295] pppol2tp_sendmsg+0x23d/0x6c0 [ 420.196450] ? apparmor_socket_sendmsg+0x29/0x30 [ 420.201213] ? pppol2tp_getsockopt+0x940/0x940 [ 420.205828] sock_sendmsg+0xd5/0x120 [ 420.209567] ___sys_sendmsg+0x51d/0x930 [ 420.213544] ? graph_lock+0x270/0x270 [ 420.217353] ? copy_msghdr_from_user+0x580/0x580 [ 420.222200] ? get_pid_task+0xd6/0x1a0 [ 420.226097] ? find_held_lock+0x36/0x1c0 [ 420.230173] ? __might_fault+0x12b/0x1e0 [ 420.234240] ? lock_downgrade+0x900/0x900 [ 420.238407] ? perf_trace_sched_process_exec+0x860/0x860 [ 420.243870] __sys_sendmmsg+0x246/0x6d0 [ 420.247862] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 420.252200] ? __lock_is_held+0xb5/0x140 [ 420.256280] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.261816] ? check_preemption_disabled+0x48/0x280 [ 420.266899] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 420.272513] ? fput+0x130/0x1a0 [ 420.275794] ? do_syscall_64+0x9a/0x820 [ 420.279784] ? do_syscall_64+0x9a/0x820 [ 420.283799] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 420.288402] ? trace_hardirqs_on+0xbd/0x310 [ 420.292769] ? __ia32_sys_read+0xb0/0xb0 [ 420.296835] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.302204] ? trace_hardirqs_off_caller+0x300/0x300 [ 420.307307] __x64_sys_sendmmsg+0x9d/0x100 [ 420.311545] do_syscall_64+0x1b9/0x820 [ 420.315447] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 420.320813] ? syscall_return_slowpath+0x5e0/0x5e0 [ 420.325799] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.330643] ? trace_hardirqs_on_caller+0x310/0x310 [ 420.335668] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 420.340701] ? prepare_exit_to_usermode+0x291/0x3b0 [ 420.345730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.350603] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 420.355792] RIP: 0033:0x457569 [ 420.358995] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 420.377935] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 420.385688] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 420.392954] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 420.400229] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 420.407491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 420.414758] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x7], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:09 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:09 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) r4 = open(&(0x7f0000000040)='./file0\x00', 0x210000, 0x151) r5 = fcntl$getown(r1, 0x9) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)=0x0) tgkill(r5, r6, 0x41) ioctl$KDSKBLED(r4, 0x4b65, 0x29f4) 10:04:09 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:09 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000d00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:09 executing program 3 (fault-call:5 fault-nth:36): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 423.878318] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 423.945246] FAT-fs (loop5): bogus number of reserved sectors [ 423.951433] minix_free_inode: bit 1 already cleared [ 423.956594] FAT-fs (loop5): Can't find a valid FAT filesystem [ 423.971802] FAT-fs (loop4): bogus number of reserved sectors 10:04:09 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x689], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 423.994978] FAULT_INJECTION: forcing a failure. [ 423.994978] name failslab, interval 1, probability 0, space 0, times 0 [ 424.007621] FAT-fs (loop4): Can't find a valid FAT filesystem [ 424.044079] CPU: 1 PID: 20537 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 424.052670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.062008] Call Trace: [ 424.064593] dump_stack+0x244/0x39d [ 424.068224] ? dump_stack_print_info.cold.1+0x20/0x20 [ 424.073412] ? __x64_sys_sendmmsg+0x9d/0x100 [ 424.077860] ? do_syscall_64+0x1b9/0x820 [ 424.081967] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.087332] ? kasan_check_read+0x11/0x20 [ 424.091477] should_fail.cold.4+0xa/0x17 [ 424.095537] ? trace_hardirqs_on+0xbd/0x310 [ 424.099878] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 424.105011] ? __lock_acquire+0x62f/0x4c20 [ 424.109273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.114823] ? mark_held_locks+0x130/0x130 [ 424.119069] ? find_held_lock+0x36/0x1c0 [ 424.123150] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.128610] ? graph_lock+0x270/0x270 [ 424.132403] ? kfree_skb+0x1c3/0x580 [ 424.136129] ? __kfree_skb+0x20/0x20 [ 424.139847] __should_failslab+0x124/0x180 [ 424.144102] should_failslab+0x9/0x14 [ 424.147901] kmem_cache_alloc_node+0x26e/0x730 [ 424.152479] ? find_held_lock+0x36/0x1c0 [ 424.156555] __alloc_skb+0x114/0x770 [ 424.160267] ? netdev_alloc_frag+0x1f0/0x1f0 [ 424.164678] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.170148] ? lock_downgrade+0x900/0x900 [ 424.174300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.179855] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 424.185341] sock_wmalloc+0x16d/0x1f0 [ 424.189159] ? skb_set_owner_w+0x360/0x360 [ 424.193390] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.198923] ? _copy_from_user+0xdf/0x150 [ 424.203085] pppol2tp_sendmsg+0x23d/0x6c0 [ 424.207244] ? apparmor_socket_sendmsg+0x29/0x30 [ 424.212018] ? pppol2tp_getsockopt+0x940/0x940 [ 424.216615] sock_sendmsg+0xd5/0x120 [ 424.220351] ___sys_sendmsg+0x51d/0x930 [ 424.224330] ? graph_lock+0x270/0x270 [ 424.228160] ? copy_msghdr_from_user+0x580/0x580 [ 424.232930] ? get_pid_task+0xd6/0x1a0 [ 424.236814] ? find_held_lock+0x36/0x1c0 [ 424.240881] ? __might_fault+0x12b/0x1e0 [ 424.244952] ? lock_downgrade+0x900/0x900 [ 424.249109] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.254591] __sys_sendmmsg+0x246/0x6d0 [ 424.258594] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 424.262952] ? __lock_is_held+0xb5/0x140 [ 424.267034] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.272568] ? check_preemption_disabled+0x48/0x280 [ 424.277594] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 424.283153] ? fput+0x130/0x1a0 [ 424.286432] ? do_syscall_64+0x9a/0x820 [ 424.290398] ? do_syscall_64+0x9a/0x820 [ 424.294413] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 424.298992] ? trace_hardirqs_on+0xbd/0x310 [ 424.303309] ? __ia32_sys_read+0xb0/0xb0 [ 424.307384] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.312743] ? trace_hardirqs_off_caller+0x300/0x300 [ 424.317844] __x64_sys_sendmmsg+0x9d/0x100 [ 424.322077] do_syscall_64+0x1b9/0x820 [ 424.325974] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 424.331361] ? syscall_return_slowpath+0x5e0/0x5e0 [ 424.336299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.341144] ? trace_hardirqs_on_caller+0x310/0x310 [ 424.346169] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 424.351193] ? prepare_exit_to_usermode+0x291/0x3b0 [ 424.356208] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.361060] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.366245] RIP: 0033:0x457569 [ 424.369445] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:04:09 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 424.388341] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 424.396080] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 424.403348] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 424.410623] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 424.417904] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 424.425172] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:09 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x3) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:09 executing program 3 (fault-call:5 fault-nth:37): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x86ddffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 424.587422] FAT-fs (loop4): bogus number of reserved sectors [ 424.600666] FAULT_INJECTION: forcing a failure. [ 424.600666] name failslab, interval 1, probability 0, space 0, times 0 [ 424.602445] FAT-fs (loop4): Can't find a valid FAT filesystem [ 424.666280] CPU: 0 PID: 20553 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 424.674875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.684238] Call Trace: [ 424.686833] dump_stack+0x244/0x39d [ 424.690501] ? dump_stack_print_info.cold.1+0x20/0x20 [ 424.695731] should_fail.cold.4+0xa/0x17 [ 424.699792] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 424.704894] ? __save_stack_trace+0x8d/0xf0 [ 424.709229] ? save_stack+0xa9/0xd0 [ 424.712870] ? save_stack+0x43/0xd0 [ 424.716497] ? find_held_lock+0x36/0x1c0 [ 424.720566] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.726029] ? check_preemption_disabled+0x48/0x280 [ 424.726063] __should_failslab+0x124/0x180 [ 424.726081] should_failslab+0x9/0x14 [ 424.726110] kmem_cache_alloc_node_trace+0x270/0x740 [ 424.726144] __kmalloc_node_track_caller+0x3c/0x70 [ 424.726162] __kmalloc_reserve.isra.38+0x41/0xe0 [ 424.726179] __alloc_skb+0x150/0x770 [ 424.726195] ? netdev_alloc_frag+0x1f0/0x1f0 [ 424.757652] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.757667] ? lock_downgrade+0x900/0x900 [ 424.757692] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.757709] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 424.757731] sock_wmalloc+0x16d/0x1f0 [ 424.757746] ? skb_set_owner_w+0x360/0x360 [ 424.757773] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.757786] ? _copy_from_user+0xdf/0x150 [ 424.757818] pppol2tp_sendmsg+0x23d/0x6c0 [ 424.804518] ? apparmor_socket_sendmsg+0x29/0x30 [ 424.809270] ? pppol2tp_getsockopt+0x940/0x940 [ 424.813853] sock_sendmsg+0xd5/0x120 [ 424.817586] ___sys_sendmsg+0x51d/0x930 [ 424.821554] ? graph_lock+0x270/0x270 [ 424.825352] ? copy_msghdr_from_user+0x580/0x580 [ 424.830144] ? get_pid_task+0xd6/0x1a0 [ 424.834037] ? find_held_lock+0x36/0x1c0 [ 424.838132] ? __might_fault+0x12b/0x1e0 [ 424.842197] ? lock_downgrade+0x900/0x900 [ 424.846348] ? perf_trace_sched_process_exec+0x860/0x860 [ 424.851832] __sys_sendmmsg+0x246/0x6d0 [ 424.855840] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 424.860157] ? __lock_is_held+0xb5/0x140 [ 424.864212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.869767] ? check_preemption_disabled+0x48/0x280 [ 424.874807] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 424.880374] ? fput+0x130/0x1a0 [ 424.883702] ? do_syscall_64+0x9a/0x820 [ 424.887667] ? do_syscall_64+0x9a/0x820 [ 424.891650] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 424.896240] ? trace_hardirqs_on+0xbd/0x310 [ 424.900606] ? __ia32_sys_read+0xb0/0xb0 [ 424.904701] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.910063] ? trace_hardirqs_off_caller+0x300/0x300 [ 424.915172] __x64_sys_sendmmsg+0x9d/0x100 [ 424.919409] do_syscall_64+0x1b9/0x820 [ 424.923293] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 424.928667] ? syscall_return_slowpath+0x5e0/0x5e0 [ 424.933587] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.938428] ? trace_hardirqs_on_caller+0x310/0x310 [ 424.943472] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 424.948482] ? prepare_exit_to_usermode+0x291/0x3b0 [ 424.953492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.958339] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 424.963535] RIP: 0033:0x457569 [ 424.966719] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 424.985613] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 424.993321] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 425.000585] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 425.007859] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 425.015118] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 425.022389] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x5, 0x20000, 0x3) io_setup(0x10000000001, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) mmap(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x200000f, 0x5010, r0, 0x15) 10:04:10 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x80350000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 425.079944] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:10 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:10 executing program 3 (fault-call:5 fault-nth:38): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:10 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 425.213870] FAULT_INJECTION: forcing a failure. [ 425.213870] name failslab, interval 1, probability 0, space 0, times 0 [ 425.225198] CPU: 0 PID: 20573 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 425.233796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.233803] Call Trace: [ 425.233843] dump_stack+0x244/0x39d [ 425.233868] ? dump_stack_print_info.cold.1+0x20/0x20 [ 425.254604] ? is_bpf_text_address+0xac/0x170 [ 425.259118] should_fail.cold.4+0xa/0x17 [ 425.263200] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 425.268314] ? rcu_read_unlock_special+0x370/0x370 [ 425.273250] ? rcu_softirq_qs+0x20/0x20 [ 425.277230] ? unwind_dump+0x190/0x190 [ 425.281150] ? kernel_text_address+0x79/0xf0 [ 425.285573] ? __lock_acquire+0x62f/0x4c20 [ 425.289821] ? __save_stack_trace+0x8d/0xf0 [ 425.294187] ? mark_held_locks+0x130/0x130 [ 425.298435] ? save_stack+0x43/0xd0 [ 425.302075] ? __kmalloc_node_track_caller+0x50/0x70 [ 425.307187] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 425.312145] ? __alloc_skb+0x150/0x770 [ 425.316060] ? sock_wmalloc+0x16d/0x1f0 [ 425.320039] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 425.324364] ? sock_sendmsg+0xd5/0x120 [ 425.328268] ? ___sys_sendmsg+0x51d/0x930 [ 425.332424] ? __sys_sendmmsg+0x246/0x6d0 [ 425.332437] ? __x64_sys_sendmmsg+0x9d/0x100 [ 425.332452] ? do_syscall_64+0x1b9/0x820 [ 425.332468] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.332489] __should_failslab+0x124/0x180 [ 425.354687] should_failslab+0x9/0x14 [ 425.354706] kmem_cache_alloc_node_trace+0x5a/0x740 [ 425.354729] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 425.354754] __kmalloc_node_track_caller+0x3c/0x70 [ 425.354773] __kmalloc_reserve.isra.38+0x41/0xe0 [ 425.378778] pskb_expand_head+0x230/0x10f0 [ 425.383019] ? kasan_kmalloc+0xc7/0xe0 [ 425.386918] ? skb_release_data+0x880/0x880 [ 425.391246] ? __might_fault+0x12b/0x1e0 [ 425.395309] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.400850] ? iov_iter_advance+0x306/0x13f0 [ 425.405278] ? lock_release+0xa10/0xa10 [ 425.409259] ? perf_trace_sched_process_exec+0x860/0x860 [ 425.414775] ? once_deferred+0xa0/0xa0 [ 425.418675] ? perf_trace_sched_process_exec+0x860/0x860 [ 425.424150] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 425.429006] l2tp_xmit_skb+0x106b/0x1670 [ 425.433084] ? l2tp_recv_common+0x1d40/0x1d40 [ 425.437620] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.443177] ? _copy_from_user+0xdf/0x150 [ 425.447333] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 425.451665] pppol2tp_sendmsg+0x4b1/0x6c0 [ 425.455821] ? apparmor_socket_sendmsg+0x29/0x30 [ 425.460592] ? pppol2tp_getsockopt+0x940/0x940 [ 425.465181] sock_sendmsg+0xd5/0x120 [ 425.468906] ___sys_sendmsg+0x51d/0x930 [ 425.472902] ? graph_lock+0x270/0x270 [ 425.476708] ? copy_msghdr_from_user+0x580/0x580 [ 425.481475] ? get_pid_task+0xd6/0x1a0 [ 425.485374] ? find_held_lock+0x36/0x1c0 [ 425.489453] ? __might_fault+0x12b/0x1e0 [ 425.493514] ? lock_downgrade+0x900/0x900 [ 425.497674] ? perf_trace_sched_process_exec+0x860/0x860 [ 425.503164] __sys_sendmmsg+0x246/0x6d0 [ 425.507157] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 425.511495] ? __lock_is_held+0xb5/0x140 [ 425.515795] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.521336] ? check_preemption_disabled+0x48/0x280 [ 425.526473] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 425.532048] ? fput+0x130/0x1a0 [ 425.535334] ? do_syscall_64+0x9a/0x820 [ 425.539316] ? do_syscall_64+0x9a/0x820 [ 425.543311] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 425.547939] ? trace_hardirqs_on+0xbd/0x310 [ 425.552264] ? __ia32_sys_read+0xb0/0xb0 [ 425.556329] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.561691] ? trace_hardirqs_off_caller+0x300/0x300 [ 425.566811] __x64_sys_sendmmsg+0x9d/0x100 [ 425.571051] do_syscall_64+0x1b9/0x820 [ 425.574977] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 425.580372] ? syscall_return_slowpath+0x5e0/0x5e0 [ 425.585348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.590196] ? trace_hardirqs_on_caller+0x310/0x310 [ 425.595215] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 425.600251] ? prepare_exit_to_usermode+0x291/0x3b0 [ 425.605289] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.610163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.615353] RIP: 0033:0x457569 [ 425.618564] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 425.637492] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 425.645218] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 425.652482] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 425.659745] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 425.667554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 425.674819] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:11 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000300900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x6488], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:11 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x7, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:11 executing program 3 (fault-call:5 fault-nth:39): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3a], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 425.760225] FAT-fs (loop4): bogus number of reserved sectors [ 425.767767] minix_free_inode: bit 1 already cleared [ 425.780633] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:11 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x7, 0x773632599e982349) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 425.911580] FAULT_INJECTION: forcing a failure. [ 425.911580] name failslab, interval 1, probability 0, space 0, times 0 [ 425.924023] CPU: 1 PID: 20588 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 425.932602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.941943] Call Trace: [ 425.944537] dump_stack+0x244/0x39d [ 425.948170] ? dump_stack_print_info.cold.1+0x20/0x20 [ 425.953360] ? __x64_sys_sendmmsg+0x9d/0x100 [ 425.957781] ? do_syscall_64+0x1b9/0x820 [ 425.961882] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.967243] ? kasan_check_read+0x11/0x20 [ 425.971396] should_fail.cold.4+0xa/0x17 [ 425.975472] ? trace_hardirqs_on+0xbd/0x310 [ 425.979802] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 425.984910] ? __lock_acquire+0x62f/0x4c20 [ 425.989150] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.994705] ? mark_held_locks+0x130/0x130 [ 425.998956] ? find_held_lock+0x36/0x1c0 [ 426.003049] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.008503] ? graph_lock+0x270/0x270 [ 426.012306] ? kfree_skb+0x1c3/0x580 [ 426.016019] ? __kfree_skb+0x20/0x20 [ 426.019733] __should_failslab+0x124/0x180 [ 426.023969] should_failslab+0x9/0x14 [ 426.027764] kmem_cache_alloc_node+0x26e/0x730 [ 426.032357] ? find_held_lock+0x36/0x1c0 [ 426.036420] __alloc_skb+0x114/0x770 [ 426.040158] ? netdev_alloc_frag+0x1f0/0x1f0 [ 426.044573] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.050023] ? lock_downgrade+0x900/0x900 [ 426.054177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.059710] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 426.065177] sock_wmalloc+0x16d/0x1f0 [ 426.068972] ? skb_set_owner_w+0x360/0x360 [ 426.073200] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.078762] ? _copy_from_user+0xdf/0x150 [ 426.082918] pppol2tp_sendmsg+0x23d/0x6c0 [ 426.087083] ? apparmor_socket_sendmsg+0x29/0x30 [ 426.091837] ? pppol2tp_getsockopt+0x940/0x940 [ 426.096419] sock_sendmsg+0xd5/0x120 [ 426.100142] ___sys_sendmsg+0x51d/0x930 [ 426.104147] ? graph_lock+0x270/0x270 [ 426.107961] ? copy_msghdr_from_user+0x580/0x580 [ 426.112721] ? get_pid_task+0xd6/0x1a0 [ 426.116668] ? find_held_lock+0x36/0x1c0 [ 426.120730] ? __might_fault+0x12b/0x1e0 [ 426.124799] ? lock_downgrade+0x900/0x900 [ 426.128954] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.134403] __sys_sendmmsg+0x246/0x6d0 [ 426.138386] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 426.142707] ? __lock_is_held+0xb5/0x140 [ 426.146772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.152315] ? check_preemption_disabled+0x48/0x280 [ 426.157366] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 426.162906] ? fput+0x130/0x1a0 [ 426.166181] ? do_syscall_64+0x9a/0x820 [ 426.170155] ? do_syscall_64+0x9a/0x820 [ 426.174127] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 426.178741] ? trace_hardirqs_on+0xbd/0x310 [ 426.183055] ? __ia32_sys_read+0xb0/0xb0 [ 426.187114] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.192496] ? trace_hardirqs_off_caller+0x300/0x300 [ 426.197601] __x64_sys_sendmmsg+0x9d/0x100 [ 426.201837] do_syscall_64+0x1b9/0x820 [ 426.205760] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 426.211172] ? syscall_return_slowpath+0x5e0/0x5e0 [ 426.216094] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.220932] ? trace_hardirqs_on_caller+0x310/0x310 [ 426.225960] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 426.230972] ? prepare_exit_to_usermode+0x291/0x3b0 [ 426.235990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.240867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.246054] RIP: 0033:0x457569 [ 426.249240] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 426.268130] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 426.275839] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 426.283118] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 426.290390] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 426.297655] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 426.304927] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:11 executing program 3 (fault-call:5 fault-nth:40): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 426.359355] FAT-fs (loop4): bogus number of reserved sectors [ 426.368733] FAT-fs (loop4): Can't find a valid FAT filesystem [ 426.398654] FAULT_INJECTION: forcing a failure. 10:04:11 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8848000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 426.398654] name failslab, interval 1, probability 0, space 0, times 0 [ 426.419601] CPU: 1 PID: 20601 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 426.428196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.428203] Call Trace: [ 426.428222] dump_stack+0x244/0x39d [ 426.428243] ? dump_stack_print_info.cold.1+0x20/0x20 [ 426.428263] should_fail.cold.4+0xa/0x17 [ 426.453020] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 426.458123] ? __save_stack_trace+0x8d/0xf0 [ 426.458932] MINIX-fs: file system does not have enough zmap blocks allocated. Refusing to mount. [ 426.462476] ? save_stack+0xa9/0xd0 [ 426.462490] ? save_stack+0x43/0xd0 [ 426.462507] ? find_held_lock+0x36/0x1c0 [ 426.462595] ? zap_completion_queue+0x1e8/0x580 [ 426.487263] MINIX-fs: bad superblock or unable to read bitmaps [ 426.487439] ? zap_completion_queue+0x1e8/0x580 [ 426.498032] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.503496] ? check_preemption_disabled+0x48/0x280 [ 426.508517] __should_failslab+0x124/0x180 [ 426.512752] should_failslab+0x9/0x14 [ 426.516580] kmem_cache_alloc_node_trace+0x270/0x740 [ 426.521695] __kmalloc_node_track_caller+0x3c/0x70 [ 426.526640] __kmalloc_reserve.isra.38+0x41/0xe0 [ 426.531410] __alloc_skb+0x150/0x770 [ 426.535128] ? netdev_alloc_frag+0x1f0/0x1f0 [ 426.539578] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.545039] ? lock_downgrade+0x900/0x900 [ 426.549206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.554739] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 426.560194] sock_wmalloc+0x16d/0x1f0 [ 426.564005] ? skb_set_owner_w+0x360/0x360 [ 426.568251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 426.573798] ? _copy_from_user+0xdf/0x150 [ 426.577969] pppol2tp_sendmsg+0x23d/0x6c0 [ 426.582151] ? apparmor_socket_sendmsg+0x29/0x30 [ 426.586955] ? pppol2tp_getsockopt+0x940/0x940 [ 426.591546] sock_sendmsg+0xd5/0x120 [ 426.595266] ___sys_sendmsg+0x51d/0x930 [ 426.599240] ? graph_lock+0x270/0x270 [ 426.603053] ? copy_msghdr_from_user+0x580/0x580 [ 426.607831] ? get_pid_task+0xd6/0x1a0 [ 426.611739] ? find_held_lock+0x36/0x1c0 [ 426.615810] ? __might_fault+0x12b/0x1e0 [ 426.619874] ? lock_downgrade+0x900/0x900 [ 426.624040] ? perf_trace_sched_process_exec+0x860/0x860 [ 426.629500] __sys_sendmmsg+0x246/0x6d0 [ 426.633514] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 426.637841] ? __lock_is_held+0xb5/0x140 [ 426.641918] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 426.647988] ? check_preemption_disabled+0x48/0x280 [ 426.653048] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 426.658588] ? fput+0x130/0x1a0 [ 426.661889] ? do_syscall_64+0x9a/0x820 [ 426.665908] ? do_syscall_64+0x9a/0x820 [ 426.669889] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 426.674512] ? trace_hardirqs_on+0xbd/0x310 [ 426.678835] ? __ia32_sys_read+0xb0/0xb0 [ 426.682919] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.688297] ? trace_hardirqs_off_caller+0x300/0x300 [ 426.693410] __x64_sys_sendmmsg+0x9d/0x100 [ 426.697655] do_syscall_64+0x1b9/0x820 [ 426.701548] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 426.706939] ? syscall_return_slowpath+0x5e0/0x5e0 [ 426.711873] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.716736] ? trace_hardirqs_on_caller+0x310/0x310 [ 426.721758] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 426.726783] ? prepare_exit_to_usermode+0x291/0x3b0 [ 426.731818] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.736678] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 426.741871] RIP: 0033:0x457569 10:04:12 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 426.745086] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 426.763995] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 426.771736] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 426.779025] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 426.786301] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 426.793577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 426.800878] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:12 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:12 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) recvfrom(r0, &(0x7f0000000500)=""/44, 0x2c, 0x40000041, 0x0, 0x0) r1 = socket(0x18, 0x0, 0x1) r2 = syz_open_dev$dspn(&(0x7f0000000480)='/dev/dsp#\x00', 0x4, 0x1) write$P9_RLERRORu(r2, &(0x7f0000000580)=ANY=[@ANYBLOB="190000000701000c002f6465762f616d696469230005000000076538ac71b9141e3a5bd9f83e887f7911f23f5ea41f10115ad1355a7e93fd7d0e29c6cde82e5f7411077b8cab2ba547ecf7d3cb820bfa895a69ddb19851d77011b87b7071888a643fcefe140000010000000000e398fc4ced072c048a2ba53fe378d2d1bce00ef6"], 0x19) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) r4 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xfffffffffffffffc, 0x42000) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000100)={0x0}) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e23, 0x6, @mcast2, 0x2}}, 0xd13f, 0xc, 0x20, "40538c4b38d3d8e0566a188b5620cef427adb5506508ad98a0c7ca56beec985ba6e1944edbc72115ea35d02d17781a612a86f65cfe1faa2bde169b4f8fee12da8f38a628bf84b9bb774831e6b24cfd7b"}, 0xd8) ioctl$DRM_IOCTL_DMA(r4, 0xc0406429, &(0x7f0000000280)={r5, 0x4, &(0x7f0000000140)=[0x1, 0x8000, 0x5fb, 0x25317126], &(0x7f00000001c0)=[0xfffffffffffffffd], 0x1, 0x3, 0x0, &(0x7f0000000200)=[0x6, 0x2, 0x10001], &(0x7f0000000240)=[0x0, 0xfffffffffffff3d8, 0x7, 0x8001, 0x10000, 0x6]}) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) fsetxattr$trusted_overlay_upper(r4, &(0x7f00000002c0)='trusted.overlay.upper\x00', &(0x7f0000000300)={0x0, 0xfb, 0x71, 0x6, 0x0, "c27d6a2e235390aec9a1d768137545b2", "14a1e304e3b2877aaeac2f3edc8219ad4e1d29212e0ad4c2df3b21313df7ad3c945c70bcdca57df123626ef1b5e1eea89f2c50456baa0b42faf50b9288eada6315c86cd2f4c3518c9c1780c650dc38a810bb3bb6b26354a81573217a"}, 0x71, 0x3) 10:04:12 executing program 3 (fault-call:5 fault-nth:41): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:12 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000700900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:12 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf0ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 427.009724] FAT-fs (loop5): bogus number of reserved sectors [ 427.019285] FAULT_INJECTION: forcing a failure. [ 427.019285] name failslab, interval 1, probability 0, space 0, times 0 [ 427.021583] FAT-fs (loop5): Can't find a valid FAT filesystem [ 427.030548] CPU: 1 PID: 20610 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 427.030559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.030565] Call Trace: [ 427.030587] dump_stack+0x244/0x39d [ 427.030609] ? dump_stack_print_info.cold.1+0x20/0x20 [ 427.030631] ? is_bpf_text_address+0xac/0x170 [ 427.030655] should_fail.cold.4+0xa/0x17 [ 427.074366] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 427.079475] ? rcu_read_unlock_special+0x370/0x370 [ 427.084434] ? rcu_softirq_qs+0x20/0x20 [ 427.088437] ? unwind_dump+0x190/0x190 [ 427.092341] ? kernel_text_address+0x79/0xf0 [ 427.096764] ? __lock_acquire+0x62f/0x4c20 [ 427.101003] ? __save_stack_trace+0x8d/0xf0 [ 427.105338] ? mark_held_locks+0x130/0x130 [ 427.109581] ? save_stack+0x43/0xd0 [ 427.113215] ? __kmalloc_node_track_caller+0x50/0x70 [ 427.118324] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 427.123254] ? __alloc_skb+0x150/0x770 [ 427.127158] ? sock_wmalloc+0x16d/0x1f0 [ 427.131147] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 427.135473] ? sock_sendmsg+0xd5/0x120 [ 427.139365] ? ___sys_sendmsg+0x51d/0x930 [ 427.143517] ? __sys_sendmmsg+0x246/0x6d0 [ 427.147670] ? __x64_sys_sendmmsg+0x9d/0x100 [ 427.152082] ? do_syscall_64+0x1b9/0x820 [ 427.156165] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.161539] __should_failslab+0x124/0x180 [ 427.165786] should_failslab+0x9/0x14 [ 427.169611] kmem_cache_alloc_node_trace+0x5a/0x740 [ 427.174644] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 427.180195] __kmalloc_node_track_caller+0x3c/0x70 [ 427.185163] __kmalloc_reserve.isra.38+0x41/0xe0 [ 427.189939] pskb_expand_head+0x230/0x10f0 [ 427.194183] ? kasan_kmalloc+0xc7/0xe0 [ 427.198090] ? skb_release_data+0x880/0x880 [ 427.202421] ? __might_fault+0x12b/0x1e0 [ 427.206491] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 427.212063] ? iov_iter_advance+0x306/0x13f0 [ 427.216478] ? lock_release+0xa10/0xa10 [ 427.220456] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.225916] ? once_deferred+0xa0/0xa0 [ 427.229839] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.235308] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 427.240169] l2tp_xmit_skb+0x106b/0x1670 [ 427.244240] ? l2tp_recv_common+0x1d40/0x1d40 [ 427.248737] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 427.254279] ? _copy_from_user+0xdf/0x150 [ 427.258433] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 427.262787] pppol2tp_sendmsg+0x4b1/0x6c0 [ 427.266940] ? apparmor_socket_sendmsg+0x29/0x30 [ 427.271706] ? pppol2tp_getsockopt+0x940/0x940 [ 427.276296] sock_sendmsg+0xd5/0x120 [ 427.280015] ___sys_sendmsg+0x51d/0x930 [ 427.284012] ? graph_lock+0x270/0x270 [ 427.287819] ? copy_msghdr_from_user+0x580/0x580 [ 427.292583] ? get_pid_task+0xd6/0x1a0 [ 427.296496] ? find_held_lock+0x36/0x1c0 [ 427.300583] ? __might_fault+0x12b/0x1e0 [ 427.304651] ? lock_downgrade+0x900/0x900 [ 427.308840] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.314313] __sys_sendmmsg+0x246/0x6d0 [ 427.318307] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 427.322635] ? __lock_is_held+0xb5/0x140 [ 427.326725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.332301] ? check_preemption_disabled+0x48/0x280 [ 427.337332] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 427.342874] ? fput+0x130/0x1a0 [ 427.346163] ? do_syscall_64+0x9a/0x820 [ 427.350134] ? do_syscall_64+0x9a/0x820 [ 427.354134] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 427.358726] ? trace_hardirqs_on+0xbd/0x310 [ 427.363047] ? __ia32_sys_read+0xb0/0xb0 [ 427.367175] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.372546] ? trace_hardirqs_off_caller+0x300/0x300 [ 427.377670] __x64_sys_sendmmsg+0x9d/0x100 [ 427.381937] do_syscall_64+0x1b9/0x820 [ 427.385823] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 427.391219] ? syscall_return_slowpath+0x5e0/0x5e0 [ 427.396157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.401015] ? trace_hardirqs_on_caller+0x310/0x310 [ 427.406033] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 427.411052] ? prepare_exit_to_usermode+0x291/0x3b0 [ 427.416119] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.420993] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.426206] RIP: 0033:0x457569 [ 427.429399] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 427.448311] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:04:12 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r3, 0xc0045520, &(0x7f0000000100)=0x8) [ 427.456021] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 427.463296] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 427.470561] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 427.477825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 427.485102] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:12 executing program 3 (fault-call:5 fault-nth:42): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 427.586483] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:13 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002042800900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 427.638279] FAULT_INJECTION: forcing a failure. [ 427.638279] name failslab, interval 1, probability 0, space 0, times 0 [ 427.651086] FAT-fs (loop5): bogus number of reserved sectors [ 427.659566] FAT-fs (loop5): Can't find a valid FAT filesystem [ 427.668046] CPU: 0 PID: 20627 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 427.676625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.685969] Call Trace: [ 427.688553] dump_stack+0x244/0x39d [ 427.692164] ? dump_stack_print_info.cold.1+0x20/0x20 [ 427.697338] ? __x64_sys_sendmmsg+0x9d/0x100 [ 427.697351] ? do_syscall_64+0x1b9/0x820 [ 427.697366] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.697381] ? kasan_check_read+0x11/0x20 [ 427.697406] should_fail.cold.4+0xa/0x17 [ 427.697421] ? trace_hardirqs_on+0xbd/0x310 [ 427.705891] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 427.705905] ? __lock_acquire+0x62f/0x4c20 [ 427.705921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.705946] ? mark_held_locks+0x130/0x130 [ 427.705963] ? find_held_lock+0x36/0x1c0 [ 427.705995] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.706007] ? graph_lock+0x270/0x270 [ 427.706024] ? kfree_skb+0x1c3/0x580 [ 427.759934] ? __kfree_skb+0x20/0x20 [ 427.763672] __should_failslab+0x124/0x180 [ 427.767942] should_failslab+0x9/0x14 [ 427.771740] kmem_cache_alloc_node+0x26e/0x730 [ 427.776316] ? find_held_lock+0x36/0x1c0 [ 427.780379] __alloc_skb+0x114/0x770 [ 427.784111] ? netdev_alloc_frag+0x1f0/0x1f0 [ 427.788598] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.794044] ? lock_downgrade+0x900/0x900 [ 427.798198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.803756] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 427.809220] sock_wmalloc+0x16d/0x1f0 [ 427.813036] ? skb_set_owner_w+0x360/0x360 [ 427.817273] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 427.822827] ? _copy_from_user+0xdf/0x150 [ 427.826978] pppol2tp_sendmsg+0x23d/0x6c0 [ 427.831130] ? apparmor_socket_sendmsg+0x29/0x30 [ 427.835892] ? pppol2tp_getsockopt+0x940/0x940 [ 427.840469] sock_sendmsg+0xd5/0x120 [ 427.844181] ___sys_sendmsg+0x51d/0x930 [ 427.848186] ? graph_lock+0x270/0x270 [ 427.852011] ? copy_msghdr_from_user+0x580/0x580 [ 427.856795] ? get_pid_task+0xd6/0x1a0 [ 427.860716] ? find_held_lock+0x36/0x1c0 [ 427.864783] ? __might_fault+0x12b/0x1e0 [ 427.868859] ? lock_downgrade+0x900/0x900 [ 427.873017] ? perf_trace_sched_process_exec+0x860/0x860 [ 427.878471] __sys_sendmmsg+0x246/0x6d0 [ 427.882477] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 427.886852] ? __lock_is_held+0xb5/0x140 [ 427.890967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.896517] ? check_preemption_disabled+0x48/0x280 [ 427.901555] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 427.907120] ? fput+0x130/0x1a0 [ 427.910448] ? do_syscall_64+0x9a/0x820 [ 427.914449] ? do_syscall_64+0x9a/0x820 [ 427.918424] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 427.923009] ? trace_hardirqs_on+0xbd/0x310 [ 427.927331] ? __ia32_sys_read+0xb0/0xb0 [ 427.931457] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.936837] ? trace_hardirqs_off_caller+0x300/0x300 [ 427.941942] __x64_sys_sendmmsg+0x9d/0x100 [ 427.946191] do_syscall_64+0x1b9/0x820 [ 427.950073] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 427.955435] ? syscall_return_slowpath+0x5e0/0x5e0 [ 427.960364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.965207] ? trace_hardirqs_on_caller+0x310/0x310 [ 427.970239] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 427.975290] ? prepare_exit_to_usermode+0x291/0x3b0 [ 427.980326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.985186] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 427.990405] RIP: 0033:0x457569 [ 427.993611] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.012508] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 428.020210] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 428.027512] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x28], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:13 executing program 3 (fault-call:5 fault-nth:43): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 428.034780] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 428.042047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 428.049307] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 428.085786] minix_free_inode: bit 1 already cleared 10:04:13 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:13 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000001c0)={{0xa, 0x4e24, 0x10000, @mcast1, 0x4}, {0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0x1e}, 0x8bbc}, 0x1, [0xfff, 0x1, 0x2, 0x80000000, 0x81, 0x6, 0x1, 0x4]}, 0x5c) r3 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x1, 0x2) ioctl$BLKIOOPT(r3, 0x1279, &(0x7f0000000100)) io_submit(r2, 0xfffffffffffffe36, 0x0) io_submit(r2, 0x0, &(0x7f0000000000)) 10:04:13 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 428.179067] FAULT_INJECTION: forcing a failure. [ 428.179067] name failslab, interval 1, probability 0, space 0, times 0 [ 428.222869] CPU: 0 PID: 20636 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 428.231458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.240803] Call Trace: [ 428.240821] dump_stack+0x244/0x39d [ 428.240837] ? dump_stack_print_info.cold.1+0x20/0x20 [ 428.240859] should_fail.cold.4+0xa/0x17 [ 428.240874] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 428.240890] ? __save_stack_trace+0x8d/0xf0 [ 428.247099] ? save_stack+0xa9/0xd0 [ 428.247113] ? save_stack+0x43/0xd0 [ 428.247130] ? find_held_lock+0x36/0x1c0 [ 428.247215] ? integrity_commit+0xb58/0x1070 [ 428.247236] ? integrity_commit+0xb58/0x1070 [ 428.285993] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.291455] ? check_preemption_disabled+0x48/0x280 [ 428.296480] __should_failslab+0x124/0x180 [ 428.300729] should_failslab+0x9/0x14 [ 428.304550] kmem_cache_alloc_node_trace+0x270/0x740 [ 428.309687] __kmalloc_node_track_caller+0x3c/0x70 [ 428.314620] __kmalloc_reserve.isra.38+0x41/0xe0 [ 428.319381] __alloc_skb+0x150/0x770 [ 428.323106] ? netdev_alloc_frag+0x1f0/0x1f0 [ 428.327531] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.332987] ? lock_downgrade+0x900/0x900 [ 428.337164] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.342705] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 428.348167] sock_wmalloc+0x16d/0x1f0 [ 428.351974] ? skb_set_owner_w+0x360/0x360 [ 428.356268] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.361819] ? _copy_from_user+0xdf/0x150 [ 428.366043] pppol2tp_sendmsg+0x23d/0x6c0 [ 428.370213] ? apparmor_socket_sendmsg+0x29/0x30 [ 428.374987] ? pppol2tp_getsockopt+0x940/0x940 [ 428.379572] sock_sendmsg+0xd5/0x120 [ 428.383286] ___sys_sendmsg+0x51d/0x930 [ 428.387261] ? graph_lock+0x270/0x270 [ 428.391104] ? copy_msghdr_from_user+0x580/0x580 [ 428.395895] ? get_pid_task+0xd6/0x1a0 [ 428.399781] ? find_held_lock+0x36/0x1c0 [ 428.403844] ? __might_fault+0x12b/0x1e0 [ 428.407923] ? lock_downgrade+0x900/0x900 [ 428.412083] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.417561] __sys_sendmmsg+0x246/0x6d0 [ 428.421570] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 428.425904] ? __lock_is_held+0xb5/0x140 [ 428.429987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.435539] ? check_preemption_disabled+0x48/0x280 [ 428.440563] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 428.446104] ? fput+0x130/0x1a0 [ 428.449381] ? do_syscall_64+0x9a/0x820 [ 428.453380] ? do_syscall_64+0x9a/0x820 [ 428.457363] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 428.461950] ? trace_hardirqs_on+0xbd/0x310 [ 428.466286] ? __ia32_sys_read+0xb0/0xb0 [ 428.470355] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.475719] ? trace_hardirqs_off_caller+0x300/0x300 [ 428.480828] __x64_sys_sendmmsg+0x9d/0x100 [ 428.485064] do_syscall_64+0x1b9/0x820 [ 428.488955] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 428.494336] ? syscall_return_slowpath+0x5e0/0x5e0 [ 428.499292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.504143] ? trace_hardirqs_on_caller+0x310/0x310 [ 428.509171] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 428.514206] ? prepare_exit_to_usermode+0x291/0x3b0 [ 428.519226] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.524085] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.529271] RIP: 0033:0x457569 [ 428.532486] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.551412] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 428.559128] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 428.566429] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:13 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x4305000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:14 executing program 3 (fault-call:5 fault-nth:44): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 428.573700] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 428.580988] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 428.588259] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:14 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0xfffffffffffffe96, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) socketpair$inet(0x2, 0x6, 0x4, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000100)={0x0, 0x2, 0x9, 0xeaa8, 0x1000, 0x101}, &(0x7f0000000140)=0x14) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f00000001c0)=r4, 0x90) [ 428.661804] FAT-fs (loop4): bogus number of reserved sectors [ 428.675711] FAT-fs (loop4): Can't find a valid FAT filesystem [ 428.689011] FAULT_INJECTION: forcing a failure. [ 428.689011] name failslab, interval 1, probability 0, space 0, times 0 [ 428.699753] FAT-fs (loop5): bogus number of reserved sectors [ 428.700288] CPU: 1 PID: 20654 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 428.714587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.723942] Call Trace: [ 428.726537] dump_stack+0x244/0x39d [ 428.726557] ? dump_stack_print_info.cold.1+0x20/0x20 [ 428.726577] ? is_bpf_text_address+0xac/0x170 [ 428.726598] should_fail.cold.4+0xa/0x17 [ 428.739331] FAT-fs (loop5): Can't find a valid FAT filesystem [ 428.739965] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 428.754987] ? rcu_read_unlock_special+0x370/0x370 [ 428.759934] ? rcu_softirq_qs+0x20/0x20 [ 428.763952] ? unwind_dump+0x190/0x190 [ 428.767870] ? kernel_text_address+0x79/0xf0 [ 428.772305] ? __lock_acquire+0x62f/0x4c20 [ 428.776584] ? __save_stack_trace+0x8d/0xf0 [ 428.780939] ? mark_held_locks+0x130/0x130 [ 428.785184] ? save_stack+0x43/0xd0 [ 428.788824] ? __kmalloc_node_track_caller+0x50/0x70 [ 428.793943] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 428.798908] ? __alloc_skb+0x150/0x770 [ 428.802857] ? sock_wmalloc+0x16d/0x1f0 [ 428.806846] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 428.811179] ? sock_sendmsg+0xd5/0x120 [ 428.815078] ? ___sys_sendmsg+0x51d/0x930 [ 428.819238] ? __sys_sendmmsg+0x246/0x6d0 [ 428.823396] ? __x64_sys_sendmmsg+0x9d/0x100 [ 428.827831] ? do_syscall_64+0x1b9/0x820 [ 428.831918] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.837305] __should_failslab+0x124/0x180 [ 428.841574] should_failslab+0x9/0x14 [ 428.845389] kmem_cache_alloc_node_trace+0x5a/0x740 [ 428.850421] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 428.855978] __kmalloc_node_track_caller+0x3c/0x70 [ 428.860941] __kmalloc_reserve.isra.38+0x41/0xe0 [ 428.865717] pskb_expand_head+0x230/0x10f0 [ 428.869965] ? kasan_kmalloc+0xc7/0xe0 [ 428.873888] ? skb_release_data+0x880/0x880 [ 428.878240] ? __might_fault+0x12b/0x1e0 [ 428.882330] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.887893] ? iov_iter_advance+0x306/0x13f0 [ 428.892322] ? lock_release+0xa10/0xa10 [ 428.896301] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.901762] ? once_deferred+0xa0/0xa0 [ 428.905676] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.911165] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 428.916026] l2tp_xmit_skb+0x106b/0x1670 [ 428.920131] ? l2tp_recv_common+0x1d40/0x1d40 [ 428.924666] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.930215] ? _copy_from_user+0xdf/0x150 [ 428.934381] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 428.938714] pppol2tp_sendmsg+0x4b1/0x6c0 [ 428.942880] ? apparmor_socket_sendmsg+0x29/0x30 [ 428.947668] ? pppol2tp_getsockopt+0x940/0x940 [ 428.952276] sock_sendmsg+0xd5/0x120 [ 428.956002] ___sys_sendmsg+0x51d/0x930 [ 428.959992] ? graph_lock+0x270/0x270 [ 428.963808] ? copy_msghdr_from_user+0x580/0x580 [ 428.968574] ? get_pid_task+0xd6/0x1a0 [ 428.972491] ? find_held_lock+0x36/0x1c0 [ 428.976571] ? __might_fault+0x12b/0x1e0 [ 428.980643] ? lock_downgrade+0x900/0x900 [ 428.984814] ? perf_trace_sched_process_exec+0x860/0x860 [ 428.990285] __sys_sendmmsg+0x246/0x6d0 [ 428.994279] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 428.998616] ? __lock_is_held+0xb5/0x140 [ 429.002692] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.008239] ? check_preemption_disabled+0x48/0x280 [ 429.013277] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.018825] ? fput+0x130/0x1a0 [ 429.022130] ? do_syscall_64+0x9a/0x820 [ 429.026121] ? do_syscall_64+0x9a/0x820 [ 429.030112] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 429.034761] ? trace_hardirqs_on+0xbd/0x310 [ 429.039102] ? __ia32_sys_read+0xb0/0xb0 [ 429.043198] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.048626] ? trace_hardirqs_off_caller+0x300/0x300 [ 429.053744] __x64_sys_sendmmsg+0x9d/0x100 [ 429.057988] do_syscall_64+0x1b9/0x820 [ 429.061908] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 429.067284] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.072230] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.077084] ? trace_hardirqs_on_caller+0x310/0x310 [ 429.082165] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 429.087188] ? prepare_exit_to_usermode+0x291/0x3b0 [ 429.087210] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.087233] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.087245] RIP: 0033:0x457569 [ 429.087260] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.087268] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 429.087282] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 429.087290] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 429.087305] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 429.105541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:04:14 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88480000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:14 executing program 3 (fault-call:5 fault-nth:45): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 429.105550] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:14 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 429.268250] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 429.283705] FAT-fs (loop5): bogus number of reserved sectors [ 429.297107] FAULT_INJECTION: forcing a failure. [ 429.297107] name failslab, interval 1, probability 0, space 0, times 0 [ 429.299366] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:14 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002480a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 429.339867] FAT-fs (loop4): bogus number of reserved sectors [ 429.355740] CPU: 1 PID: 20667 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 429.358685] FAT-fs (loop4): Can't find a valid FAT filesystem [ 429.364327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.364350] Call Trace: [ 429.364374] dump_stack+0x244/0x39d [ 429.364397] ? dump_stack_print_info.cold.1+0x20/0x20 [ 429.364416] ? __x64_sys_sendmmsg+0x9d/0x100 [ 429.364441] ? do_syscall_64+0x1b9/0x820 [ 429.399536] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.404909] ? kasan_check_read+0x11/0x20 [ 429.409083] should_fail.cold.4+0xa/0x17 [ 429.413162] ? trace_hardirqs_on+0xbd/0x310 [ 429.417495] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.422607] ? __lock_acquire+0x62f/0x4c20 [ 429.426844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.432393] ? mark_held_locks+0x130/0x130 [ 429.436669] ? find_held_lock+0x36/0x1c0 [ 429.440752] ? perf_trace_sched_process_exec+0x860/0x860 [ 429.446214] ? graph_lock+0x270/0x270 [ 429.450050] ? kfree_skb+0x1c3/0x580 [ 429.453795] ? __kfree_skb+0x20/0x20 [ 429.457575] __should_failslab+0x124/0x180 [ 429.461820] should_failslab+0x9/0x14 [ 429.465627] kmem_cache_alloc_node+0x26e/0x730 [ 429.470214] ? find_held_lock+0x36/0x1c0 [ 429.474288] __alloc_skb+0x114/0x770 [ 429.478016] ? netdev_alloc_frag+0x1f0/0x1f0 [ 429.482437] ? perf_trace_sched_process_exec+0x860/0x860 [ 429.487941] ? lock_downgrade+0x900/0x900 [ 429.492145] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.497690] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 429.503176] sock_wmalloc+0x16d/0x1f0 [ 429.507005] ? skb_set_owner_w+0x360/0x360 [ 429.511248] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 429.516989] ? _copy_from_user+0xdf/0x150 [ 429.521163] pppol2tp_sendmsg+0x23d/0x6c0 [ 429.525325] ? apparmor_socket_sendmsg+0x29/0x30 [ 429.530128] ? pppol2tp_getsockopt+0x940/0x940 [ 429.534750] sock_sendmsg+0xd5/0x120 [ 429.538500] ___sys_sendmsg+0x51d/0x930 [ 429.542512] ? graph_lock+0x270/0x270 [ 429.546337] ? copy_msghdr_from_user+0x580/0x580 [ 429.551100] ? get_pid_task+0xd6/0x1a0 [ 429.554992] ? find_held_lock+0x36/0x1c0 [ 429.559077] ? __might_fault+0x12b/0x1e0 [ 429.563152] ? lock_downgrade+0x900/0x900 [ 429.567324] ? perf_trace_sched_process_exec+0x860/0x860 [ 429.572832] __sys_sendmmsg+0x246/0x6d0 [ 429.576823] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 429.581160] ? __lock_is_held+0xb5/0x140 [ 429.585237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.590781] ? check_preemption_disabled+0x48/0x280 [ 429.595821] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.601372] ? fput+0x130/0x1a0 [ 429.604665] ? do_syscall_64+0x9a/0x820 [ 429.608649] ? do_syscall_64+0x9a/0x820 [ 429.612634] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 429.617225] ? trace_hardirqs_on+0xbd/0x310 [ 429.621552] ? __ia32_sys_read+0xb0/0xb0 [ 429.625628] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.631003] ? trace_hardirqs_off_caller+0x300/0x300 [ 429.636122] __x64_sys_sendmmsg+0x9d/0x100 [ 429.640373] do_syscall_64+0x1b9/0x820 [ 429.644279] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 429.650159] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.655099] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.659976] ? trace_hardirqs_on_caller+0x310/0x310 [ 429.664997] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 429.670015] ? prepare_exit_to_usermode+0x291/0x3b0 [ 429.675037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.679924] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.685167] RIP: 0033:0x457569 [ 429.688383] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.707300] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 429.715034] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 429.722313] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 429.729580] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 10:04:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x89060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:15 executing program 3 (fault-call:5 fault-nth:46): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:15 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 429.736860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 429.744125] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 429.758017] minix_free_inode: bit 1 already cleared 10:04:15 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0xfffffd98, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 429.848892] FAULT_INJECTION: forcing a failure. [ 429.848892] name failslab, interval 1, probability 0, space 0, times 0 [ 429.881923] CPU: 1 PID: 20680 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 429.890522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.899869] Call Trace: [ 429.902478] dump_stack+0x244/0x39d [ 429.906115] ? dump_stack_print_info.cold.1+0x20/0x20 [ 429.911326] should_fail.cold.4+0xa/0x17 [ 429.915513] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.920649] ? __save_stack_trace+0x8d/0xf0 [ 429.924989] ? save_stack+0xa9/0xd0 [ 429.928650] ? save_stack+0x43/0xd0 [ 429.932300] ? find_held_lock+0x36/0x1c0 [ 429.936481] ? hidinput_connect+0xb798/0xe920 [ 429.941033] ? hidinput_connect+0xb798/0xe920 [ 429.945537] ? perf_trace_sched_process_exec+0x860/0x860 [ 429.950992] ? check_preemption_disabled+0x48/0x280 [ 429.956023] __should_failslab+0x124/0x180 [ 429.960327] should_failslab+0x9/0x14 [ 429.964166] kmem_cache_alloc_node_trace+0x270/0x740 [ 429.969300] __kmalloc_node_track_caller+0x3c/0x70 [ 429.974234] __kmalloc_reserve.isra.38+0x41/0xe0 [ 429.979043] __alloc_skb+0x150/0x770 [ 429.982765] ? netdev_alloc_frag+0x1f0/0x1f0 [ 429.987183] ? perf_trace_sched_process_exec+0x860/0x860 [ 429.992656] ? lock_downgrade+0x900/0x900 [ 429.996853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.002397] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 430.007874] sock_wmalloc+0x16d/0x1f0 [ 430.011692] ? skb_set_owner_w+0x360/0x360 [ 430.015950] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.021503] ? _copy_from_user+0xdf/0x150 [ 430.025670] pppol2tp_sendmsg+0x23d/0x6c0 [ 430.029821] ? apparmor_socket_sendmsg+0x29/0x30 [ 430.034579] ? pppol2tp_getsockopt+0x940/0x940 [ 430.039173] sock_sendmsg+0xd5/0x120 [ 430.042893] ___sys_sendmsg+0x51d/0x930 [ 430.046913] ? graph_lock+0x270/0x270 [ 430.050722] ? copy_msghdr_from_user+0x580/0x580 [ 430.055499] ? get_pid_task+0xd6/0x1a0 [ 430.059427] ? find_held_lock+0x36/0x1c0 [ 430.063504] ? __might_fault+0x12b/0x1e0 [ 430.067575] ? lock_downgrade+0x900/0x900 [ 430.071751] ? perf_trace_sched_process_exec+0x860/0x860 [ 430.077224] __sys_sendmmsg+0x246/0x6d0 [ 430.081215] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 430.085576] ? __lock_is_held+0xb5/0x140 [ 430.089662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.095214] ? check_preemption_disabled+0x48/0x280 [ 430.100258] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.105812] ? fput+0x130/0x1a0 [ 430.109093] ? do_syscall_64+0x9a/0x820 [ 430.113069] ? do_syscall_64+0x9a/0x820 [ 430.117076] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 430.121675] ? trace_hardirqs_on+0xbd/0x310 [ 430.126018] ? __ia32_sys_read+0xb0/0xb0 [ 430.130100] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.135466] ? trace_hardirqs_off_caller+0x300/0x300 [ 430.140577] __x64_sys_sendmmsg+0x9d/0x100 [ 430.144816] do_syscall_64+0x1b9/0x820 [ 430.148724] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 430.154117] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.159087] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.163940] ? trace_hardirqs_on_caller+0x310/0x310 [ 430.168976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 430.174011] ? prepare_exit_to_usermode+0x291/0x3b0 [ 430.179051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.183910] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.189112] RIP: 0033:0x457569 [ 430.192307] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.211203] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 430.218919] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 430.226189] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 430.233499] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 430.240764] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 10:04:15 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x300], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 430.248034] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:15 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:15 executing program 3 (fault-call:5 fault-nth:47): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 430.369680] FAT-fs (loop5): bogus number of reserved sectors [ 430.377391] FAT-fs (loop5): Can't find a valid FAT filesystem [ 430.411102] FAULT_INJECTION: forcing a failure. [ 430.411102] name failslab, interval 1, probability 0, space 0, times 0 [ 430.422427] CPU: 1 PID: 20699 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 430.431001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.440348] Call Trace: [ 430.442968] dump_stack+0x244/0x39d [ 430.446622] ? dump_stack_print_info.cold.1+0x20/0x20 [ 430.451854] ? is_bpf_text_address+0xac/0x170 [ 430.456376] should_fail.cold.4+0xa/0x17 [ 430.460461] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 430.465591] ? rcu_read_unlock_special+0x370/0x370 [ 430.470533] ? rcu_softirq_qs+0x20/0x20 [ 430.474524] ? unwind_dump+0x190/0x190 [ 430.478420] ? kernel_text_address+0x79/0xf0 [ 430.482838] ? __lock_acquire+0x62f/0x4c20 [ 430.487074] ? __save_stack_trace+0x8d/0xf0 [ 430.491425] ? mark_held_locks+0x130/0x130 [ 430.495702] ? save_stack+0x43/0xd0 [ 430.499336] ? __kmalloc_node_track_caller+0x50/0x70 [ 430.504443] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 430.509369] ? __alloc_skb+0x150/0x770 [ 430.513291] ? sock_wmalloc+0x16d/0x1f0 [ 430.517284] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 430.521612] ? sock_sendmsg+0xd5/0x120 [ 430.525520] ? ___sys_sendmsg+0x51d/0x930 [ 430.529677] ? __sys_sendmmsg+0x246/0x6d0 [ 430.533830] ? __x64_sys_sendmmsg+0x9d/0x100 [ 430.538253] ? do_syscall_64+0x1b9/0x820 [ 430.542331] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.547720] __should_failslab+0x124/0x180 [ 430.551967] should_failslab+0x9/0x14 [ 430.555792] kmem_cache_alloc_node_trace+0x5a/0x740 [ 430.560836] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 430.566383] __kmalloc_node_track_caller+0x3c/0x70 [ 430.571314] __kmalloc_reserve.isra.38+0x41/0xe0 [ 430.576091] pskb_expand_head+0x230/0x10f0 [ 430.580328] ? kasan_kmalloc+0xc7/0xe0 [ 430.584223] ? skb_release_data+0x880/0x880 [ 430.588564] ? __might_fault+0x12b/0x1e0 [ 430.592629] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.598177] ? iov_iter_advance+0x306/0x13f0 [ 430.602601] ? lock_release+0xa10/0xa10 [ 430.606580] ? perf_trace_sched_process_exec+0x860/0x860 [ 430.612035] ? once_deferred+0xa0/0xa0 [ 430.615931] ? perf_trace_sched_process_exec+0x860/0x860 [ 430.621385] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 430.626236] l2tp_xmit_skb+0x106b/0x1670 [ 430.630323] ? l2tp_recv_common+0x1d40/0x1d40 [ 430.634824] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.640362] ? _copy_from_user+0xdf/0x150 [ 430.644510] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 430.649363] pppol2tp_sendmsg+0x4b1/0x6c0 [ 430.653633] ? apparmor_socket_sendmsg+0x29/0x30 [ 430.658425] ? pppol2tp_getsockopt+0x940/0x940 [ 430.663046] sock_sendmsg+0xd5/0x120 [ 430.666800] ___sys_sendmsg+0x51d/0x930 [ 430.670781] ? graph_lock+0x270/0x270 [ 430.674594] ? copy_msghdr_from_user+0x580/0x580 [ 430.679371] ? find_held_lock+0x36/0x1c0 [ 430.683466] ? __might_fault+0x12b/0x1e0 [ 430.687533] ? lock_downgrade+0x900/0x900 [ 430.691695] ? perf_trace_sched_process_exec+0x860/0x860 [ 430.697163] __sys_sendmmsg+0x246/0x6d0 [ 430.701158] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 430.705485] ? __lock_is_held+0xb5/0x140 [ 430.709571] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.715163] ? check_preemption_disabled+0x48/0x280 [ 430.720208] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.725749] ? fput+0x130/0x1a0 [ 430.729032] ? do_syscall_64+0x9a/0x820 [ 430.733035] ? do_syscall_64+0x9a/0x820 [ 430.737014] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 430.741621] ? trace_hardirqs_on+0xbd/0x310 [ 430.745945] ? __ia32_sys_read+0xb0/0xb0 [ 430.750010] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.755392] ? trace_hardirqs_off_caller+0x300/0x300 [ 430.760524] __x64_sys_sendmmsg+0x9d/0x100 [ 430.764768] do_syscall_64+0x1b9/0x820 [ 430.768675] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 430.774047] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.778995] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.783851] ? trace_hardirqs_on_caller+0x310/0x310 [ 430.788921] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 430.793940] ? prepare_exit_to_usermode+0x291/0x3b0 [ 430.798963] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.803853] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.809071] RIP: 0033:0x457569 [ 430.812284] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.831185] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 430.838894] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 430.846182] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 430.853452] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 10:04:16 executing program 1: r0 = accept$unix(0xffffffffffffff9c, &(0x7f00000001c0), &(0x7f0000000240)=0x6e) signalfd(r0, &(0x7f0000000280)={0x6}, 0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x400000, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x8041, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r4, 0x8004e500, &(0x7f0000000140)=r5) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:04:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8847], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 430.860721] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 430.867995] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 430.907564] FAT-fs (loop5): bogus number of reserved sectors [ 430.913388] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:16 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x4888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:16 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 431.130543] FAT-fs (loop5): bogus number of reserved sectors [ 431.145612] FAT-fs (loop5): Can't find a valid FAT filesystem [ 431.215674] FAT-fs (loop5): bogus number of reserved sectors [ 431.221627] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:20 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000c00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:20 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73f6", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x0, 0x200400) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000100)={0x0, 0x3}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e23, 0xaa4f, @mcast1, 0x2}}}, 0x84) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = socket(0x18, 0xfffffffffffffffd, 0x10000) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000080), 0x121}]) 10:04:20 executing program 3 (fault-call:5 fault-nth:48): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8100000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:20 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 434.720391] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 434.775474] minix_free_inode: bit 1 already cleared [ 434.788089] FAULT_INJECTION: forcing a failure. [ 434.788089] name failslab, interval 1, probability 0, space 0, times 0 [ 434.808467] CPU: 0 PID: 20731 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 434.817053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.826411] Call Trace: [ 434.829032] dump_stack+0x244/0x39d [ 434.832670] ? dump_stack_print_info.cold.1+0x20/0x20 [ 434.837865] ? __x64_sys_sendmmsg+0x9d/0x100 [ 434.842299] ? do_syscall_64+0x1b9/0x820 [ 434.846381] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 434.851763] ? kasan_check_read+0x11/0x20 [ 434.855931] should_fail.cold.4+0xa/0x17 [ 434.859994] ? trace_hardirqs_on+0xbd/0x310 [ 434.864319] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 434.869434] ? __lock_acquire+0x62f/0x4c20 [ 434.873674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.879247] ? mark_held_locks+0x130/0x130 [ 434.883517] ? find_held_lock+0x36/0x1c0 [ 434.887611] ? perf_trace_sched_process_exec+0x860/0x860 [ 434.893062] ? graph_lock+0x270/0x270 [ 434.896891] ? kfree_skb+0x1c3/0x580 [ 434.900655] ? __kfree_skb+0x20/0x20 [ 434.904444] __should_failslab+0x124/0x180 [ 434.908687] should_failslab+0x9/0x14 [ 434.912491] kmem_cache_alloc_node+0x26e/0x730 [ 434.917070] ? find_held_lock+0x36/0x1c0 [ 434.921165] __alloc_skb+0x114/0x770 [ 434.924905] ? netdev_alloc_frag+0x1f0/0x1f0 [ 434.929338] ? perf_trace_sched_process_exec+0x860/0x860 [ 434.934830] ? lock_downgrade+0x900/0x900 [ 434.938990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.944588] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 434.950082] sock_wmalloc+0x16d/0x1f0 [ 434.953980] ? skb_set_owner_w+0x360/0x360 [ 434.958225] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 434.963794] ? _copy_from_user+0xdf/0x150 [ 434.967954] pppol2tp_sendmsg+0x23d/0x6c0 [ 434.972113] ? apparmor_socket_sendmsg+0x29/0x30 [ 434.976884] ? pppol2tp_getsockopt+0x940/0x940 [ 434.981488] sock_sendmsg+0xd5/0x120 [ 434.985265] ___sys_sendmsg+0x51d/0x930 [ 434.989287] ? graph_lock+0x270/0x270 [ 434.993127] ? copy_msghdr_from_user+0x580/0x580 [ 434.997910] ? get_pid_task+0xd6/0x1a0 [ 435.001805] ? find_held_lock+0x36/0x1c0 [ 435.005890] ? __might_fault+0x12b/0x1e0 [ 435.009968] ? lock_downgrade+0x900/0x900 [ 435.014134] ? perf_trace_sched_process_exec+0x860/0x860 [ 435.019603] __sys_sendmmsg+0x246/0x6d0 [ 435.023583] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 435.027909] ? __lock_is_held+0xb5/0x140 [ 435.031976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.037516] ? check_preemption_disabled+0x48/0x280 [ 435.042547] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 435.048086] ? fput+0x130/0x1a0 [ 435.051370] ? do_syscall_64+0x9a/0x820 [ 435.055377] ? do_syscall_64+0x9a/0x820 [ 435.059402] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.064025] ? trace_hardirqs_on+0xbd/0x310 [ 435.068348] ? __ia32_sys_read+0xb0/0xb0 [ 435.072425] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.077800] ? trace_hardirqs_off_caller+0x300/0x300 [ 435.082911] __x64_sys_sendmmsg+0x9d/0x100 [ 435.087177] do_syscall_64+0x1b9/0x820 [ 435.091103] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 435.096495] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.101462] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.106319] ? trace_hardirqs_on_caller+0x310/0x310 [ 435.111348] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 435.116430] ? prepare_exit_to_usermode+0x291/0x3b0 [ 435.121464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.126327] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.131518] RIP: 0033:0x457569 [ 435.134760] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.153662] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 435.161398] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 435.168692] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xd00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 435.175971] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 435.183248] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 435.190525] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:20 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x3, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:20 executing program 3 (fault-call:5 fault-nth:49): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:20 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x7000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 435.383059] FAULT_INJECTION: forcing a failure. [ 435.383059] name failslab, interval 1, probability 0, space 0, times 0 [ 435.395135] CPU: 1 PID: 20744 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 435.403740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.413100] Call Trace: [ 435.415714] dump_stack+0x244/0x39d [ 435.419379] ? dump_stack_print_info.cold.1+0x20/0x20 [ 435.424592] should_fail.cold.4+0xa/0x17 [ 435.428673] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 435.433819] ? __save_stack_trace+0x8d/0xf0 [ 435.438194] ? save_stack+0xa9/0xd0 [ 435.441835] ? save_stack+0x43/0xd0 [ 435.445482] ? find_held_lock+0x36/0x1c0 [ 435.449619] ? pci_enable_pcie_error_reporting+0x178/0x180 [ 435.455271] ? pci_enable_pcie_error_reporting+0x178/0x180 [ 435.460928] ? perf_trace_sched_process_exec+0x860/0x860 [ 435.466396] ? check_preemption_disabled+0x48/0x280 [ 435.471451] __should_failslab+0x124/0x180 [ 435.475704] should_failslab+0x9/0x14 [ 435.479543] kmem_cache_alloc_node_trace+0x270/0x740 [ 435.484669] __kmalloc_node_track_caller+0x3c/0x70 [ 435.489611] __kmalloc_reserve.isra.38+0x41/0xe0 [ 435.494381] __alloc_skb+0x150/0x770 [ 435.498112] ? netdev_alloc_frag+0x1f0/0x1f0 [ 435.502543] ? perf_trace_sched_process_exec+0x860/0x860 [ 435.508005] ? lock_downgrade+0x900/0x900 [ 435.512185] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.517862] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 435.523350] sock_wmalloc+0x16d/0x1f0 [ 435.527170] ? skb_set_owner_w+0x360/0x360 [ 435.531417] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 435.536965] ? _copy_from_user+0xdf/0x150 [ 435.541134] pppol2tp_sendmsg+0x23d/0x6c0 [ 435.545327] ? apparmor_socket_sendmsg+0x29/0x30 [ 435.550099] ? pppol2tp_getsockopt+0x940/0x940 [ 435.554695] sock_sendmsg+0xd5/0x120 [ 435.558420] ___sys_sendmsg+0x51d/0x930 [ 435.562407] ? graph_lock+0x270/0x270 [ 435.566221] ? copy_msghdr_from_user+0x580/0x580 [ 435.570989] ? get_pid_task+0xd6/0x1a0 [ 435.574889] ? find_held_lock+0x36/0x1c0 [ 435.578970] ? __might_fault+0x12b/0x1e0 [ 435.583037] ? lock_downgrade+0x900/0x900 [ 435.587237] ? perf_trace_sched_process_exec+0x860/0x860 [ 435.592703] __sys_sendmmsg+0x246/0x6d0 [ 435.596697] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 435.601044] ? __lock_is_held+0xb5/0x140 [ 435.605134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.610688] ? check_preemption_disabled+0x48/0x280 [ 435.615735] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 435.621294] ? fput+0x130/0x1a0 [ 435.624579] ? do_syscall_64+0x9a/0x820 [ 435.628562] ? do_syscall_64+0x9a/0x820 [ 435.632544] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 435.637139] ? trace_hardirqs_on+0xbd/0x310 [ 435.641477] ? __ia32_sys_read+0xb0/0xb0 [ 435.645546] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.650921] ? trace_hardirqs_off_caller+0x300/0x300 [ 435.656034] __x64_sys_sendmmsg+0x9d/0x100 [ 435.660278] do_syscall_64+0x1b9/0x820 [ 435.664178] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 435.669551] ? syscall_return_slowpath+0x5e0/0x5e0 [ 435.674509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.679361] ? trace_hardirqs_on_caller+0x310/0x310 [ 435.684404] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 435.689432] ? prepare_exit_to_usermode+0x291/0x3b0 [ 435.694476] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 435.699353] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.704548] RIP: 0033:0x457569 [ 435.707745] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.726655] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 10:04:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\a', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:21 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 435.734377] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 435.741650] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 435.748927] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 435.756195] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 435.763461] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 435.865330] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:21 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002005500900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:21 executing program 3 (fault-call:5 fault-nth:50): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:21 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) r0 = socket(0x18, 0x0, 0x1) io_submit(0x0, 0x0, 0x0) io_submit(0x0, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000080), 0x121}]) [ 435.932270] FAT-fs (loop4): bogus number of reserved sectors [ 435.938703] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:21 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:21 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8864], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 435.986302] minix_free_inode: bit 1 already cleared 10:04:21 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x2, 0x4000) accept4$inet(r1, &(0x7f0000000100)={0x2, 0x0, @local}, &(0x7f0000000140)=0x10, 0x80800) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) [ 436.043343] FAULT_INJECTION: forcing a failure. [ 436.043343] name failslab, interval 1, probability 0, space 0, times 0 [ 436.054667] CPU: 0 PID: 20770 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 436.063251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 436.072609] Call Trace: [ 436.075212] dump_stack+0x244/0x39d [ 436.078840] ? dump_stack_print_info.cold.1+0x20/0x20 [ 436.084048] ? is_bpf_text_address+0xac/0x170 [ 436.088558] should_fail.cold.4+0xa/0x17 [ 436.092647] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 436.097777] ? rcu_read_unlock_special+0x370/0x370 [ 436.102701] ? rcu_softirq_qs+0x20/0x20 [ 436.106691] ? unwind_dump+0x190/0x190 [ 436.110605] ? kernel_text_address+0x79/0xf0 [ 436.115022] ? __lock_acquire+0x62f/0x4c20 [ 436.119278] ? __save_stack_trace+0x8d/0xf0 [ 436.123617] ? mark_held_locks+0x130/0x130 [ 436.127856] ? save_stack+0x43/0xd0 [ 436.131526] ? __kmalloc_node_track_caller+0x50/0x70 [ 436.136658] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 436.141583] ? __alloc_skb+0x150/0x770 [ 436.145512] ? sock_wmalloc+0x16d/0x1f0 [ 436.149488] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 436.153820] ? sock_sendmsg+0xd5/0x120 [ 436.157705] ? ___sys_sendmsg+0x51d/0x930 [ 436.161848] ? __sys_sendmmsg+0x246/0x6d0 [ 436.165989] ? __x64_sys_sendmmsg+0x9d/0x100 [ 436.170395] ? do_syscall_64+0x1b9/0x820 [ 436.174494] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.179867] __should_failslab+0x124/0x180 [ 436.184134] should_failslab+0x9/0x14 [ 436.187944] kmem_cache_alloc_node_trace+0x5a/0x740 [ 436.192963] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 436.198518] __kmalloc_node_track_caller+0x3c/0x70 [ 436.203448] __kmalloc_reserve.isra.38+0x41/0xe0 [ 436.208206] pskb_expand_head+0x230/0x10f0 [ 436.212456] ? kasan_kmalloc+0xc7/0xe0 [ 436.216352] ? skb_release_data+0x880/0x880 [ 436.220691] ? __might_fault+0x12b/0x1e0 [ 436.224748] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 436.230314] ? iov_iter_advance+0x306/0x13f0 [ 436.234751] ? lock_release+0xa10/0xa10 [ 436.238719] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.244174] ? once_deferred+0xa0/0xa0 [ 436.248060] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.253508] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 436.258388] l2tp_xmit_skb+0x106b/0x1670 [ 436.262476] ? l2tp_recv_common+0x1d40/0x1d40 [ 436.266976] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 436.272520] ? _copy_from_user+0xdf/0x150 [ 436.276692] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 436.281019] pppol2tp_sendmsg+0x4b1/0x6c0 [ 436.285187] ? apparmor_socket_sendmsg+0x29/0x30 [ 436.289960] ? pppol2tp_getsockopt+0x940/0x940 [ 436.294541] sock_sendmsg+0xd5/0x120 [ 436.298273] ___sys_sendmsg+0x51d/0x930 [ 436.302245] ? graph_lock+0x270/0x270 [ 436.306080] ? copy_msghdr_from_user+0x580/0x580 [ 436.310834] ? get_pid_task+0xd6/0x1a0 [ 436.314724] ? find_held_lock+0x36/0x1c0 [ 436.318795] ? __might_fault+0x12b/0x1e0 [ 436.322873] ? lock_downgrade+0x900/0x900 [ 436.327096] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.332576] __sys_sendmmsg+0x246/0x6d0 [ 436.336593] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 436.340914] ? __lock_is_held+0xb5/0x140 [ 436.344993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 436.350549] ? check_preemption_disabled+0x48/0x280 [ 436.355607] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 436.361154] ? fput+0x130/0x1a0 [ 436.364469] ? do_syscall_64+0x9a/0x820 [ 436.368484] ? do_syscall_64+0x9a/0x820 [ 436.372470] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 436.377081] ? trace_hardirqs_on+0xbd/0x310 [ 436.381401] ? __ia32_sys_read+0xb0/0xb0 [ 436.385471] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.390854] ? trace_hardirqs_off_caller+0x300/0x300 [ 436.395964] __x64_sys_sendmmsg+0x9d/0x100 [ 436.400221] do_syscall_64+0x1b9/0x820 [ 436.404112] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 436.409482] ? syscall_return_slowpath+0x5e0/0x5e0 [ 436.414432] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 436.419311] ? trace_hardirqs_on_caller+0x310/0x310 [ 436.424334] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 436.429375] ? prepare_exit_to_usermode+0x291/0x3b0 [ 436.434426] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 436.439296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.444480] RIP: 0033:0x457569 [ 436.447669] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 436.466579] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 436.474279] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 436.481558] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:21 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 436.488835] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 436.496104] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 436.503374] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:21 executing program 3 (fault-call:5 fault-nth:51): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3a00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 436.622295] FAT-fs (loop4): bogus number of reserved sectors [ 436.628998] FAT-fs (loop4): Can't find a valid FAT filesystem [ 436.635631] FAT-fs (loop5): bogus number of reserved sectors [ 436.641657] FAT-fs (loop5): Can't find a valid FAT filesystem [ 436.672553] FAULT_INJECTION: forcing a failure. [ 436.672553] name failslab, interval 1, probability 0, space 0, times 0 [ 436.684368] CPU: 0 PID: 20786 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 436.692980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 436.702338] Call Trace: [ 436.704937] dump_stack+0x244/0x39d [ 436.708579] ? dump_stack_print_info.cold.1+0x20/0x20 [ 436.713864] ? graph_lock+0x270/0x270 [ 436.717680] should_fail.cold.4+0xa/0x17 [ 436.721770] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 436.726895] ? __lock_acquire+0x62f/0x4c20 [ 436.731135] ? find_held_lock+0x36/0x1c0 [ 436.735237] ? mark_held_locks+0x130/0x130 [ 436.739487] ? find_held_lock+0x36/0x1c0 [ 436.743581] ? __switch_to_asm+0x34/0x70 [ 436.747655] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.753114] ? preempt_notifier_register+0x200/0x200 [ 436.758247] ? __switch_to_asm+0x34/0x70 [ 436.762318] ? __switch_to_asm+0x34/0x70 [ 436.766403] ? __switch_to_asm+0x40/0x70 [ 436.770483] __should_failslab+0x124/0x180 [ 436.774732] should_failslab+0x9/0x14 [ 436.778555] kmem_cache_alloc_node+0x26e/0x730 [ 436.783152] ? __schedule+0x8d7/0x21d0 [ 436.787058] __alloc_skb+0x114/0x770 [ 436.790794] ? netdev_alloc_frag+0x1f0/0x1f0 [ 436.795212] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.800670] ? lock_downgrade+0x900/0x900 [ 436.804843] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 436.810391] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 436.815897] sock_wmalloc+0x16d/0x1f0 [ 436.819709] ? skb_set_owner_w+0x360/0x360 [ 436.823952] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 436.829498] ? _copy_from_user+0xdf/0x150 [ 436.833662] pppol2tp_sendmsg+0x23d/0x6c0 [ 436.837818] ? apparmor_socket_sendmsg+0x29/0x30 [ 436.842588] ? pppol2tp_getsockopt+0x940/0x940 [ 436.847190] sock_sendmsg+0xd5/0x120 [ 436.850914] ___sys_sendmsg+0x51d/0x930 [ 436.854901] ? graph_lock+0x270/0x270 [ 436.858720] ? copy_msghdr_from_user+0x580/0x580 [ 436.863486] ? get_pid_task+0xd6/0x1a0 [ 436.867392] ? find_held_lock+0x36/0x1c0 [ 436.871478] ? __might_fault+0x12b/0x1e0 [ 436.875555] ? lock_downgrade+0x900/0x900 [ 436.879735] ? perf_trace_sched_process_exec+0x860/0x860 [ 436.885209] __sys_sendmmsg+0x246/0x6d0 [ 436.889206] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 436.893537] ? __lock_is_held+0xb5/0x140 [ 436.897614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 436.903170] ? check_preemption_disabled+0x48/0x280 [ 436.908210] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 436.913758] ? fput+0x130/0x1a0 [ 436.917047] ? do_syscall_64+0x9a/0x820 [ 436.921042] ? do_syscall_64+0x9a/0x820 [ 436.925028] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 436.929624] ? trace_hardirqs_on+0xbd/0x310 [ 436.933954] ? __ia32_sys_read+0xb0/0xb0 [ 436.938056] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.943440] ? trace_hardirqs_off_caller+0x300/0x300 [ 436.948561] __x64_sys_sendmmsg+0x9d/0x100 [ 436.952815] do_syscall_64+0x1b9/0x820 [ 436.956729] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 436.962108] ? syscall_return_slowpath+0x5e0/0x5e0 [ 436.967058] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 436.971924] ? trace_hardirqs_on_caller+0x310/0x310 [ 436.977019] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 436.982058] ? prepare_exit_to_usermode+0x291/0x3b0 [ 436.987090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 436.991951] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 436.997158] RIP: 0033:0x457569 [ 437.000362] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 437.019270] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 437.026988] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 437.034260] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 437.041538] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 437.048811] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 437.056083] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:22 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x800000357, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) r3 = fcntl$getown(r0, 0x9) ptrace$cont(0x7, r3, 0x6, 0x20) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 437.069755] FAT-fs (loop4): bogus number of reserved sectors [ 437.078721] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x58], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 437.135486] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:22 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002030a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:22 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:22 executing program 3 (fault-call:5 fault-nth:52): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:22 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:22 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:22 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xffffffffffff0001, 0x200000) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000100)={'nat\x00'}, &(0x7f00000001c0)=0x78) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) [ 437.246381] minix_free_inode: bit 1 already cleared [ 437.290070] FAULT_INJECTION: forcing a failure. [ 437.290070] name failslab, interval 1, probability 0, space 0, times 0 [ 437.321472] CPU: 0 PID: 20802 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 437.330058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.339438] Call Trace: [ 437.342043] dump_stack+0x244/0x39d [ 437.345695] ? dump_stack_print_info.cold.1+0x20/0x20 [ 437.350900] should_fail.cold.4+0xa/0x17 [ 437.354966] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 437.360084] ? __save_stack_trace+0x8d/0xf0 [ 437.364429] ? save_stack+0xa9/0xd0 [ 437.368059] ? save_stack+0x43/0xd0 [ 437.371696] ? find_held_lock+0x36/0x1c0 [ 437.375780] ? perf_trace_sched_process_exec+0x860/0x860 [ 437.381253] ? check_preemption_disabled+0x48/0x280 [ 437.386279] __should_failslab+0x124/0x180 [ 437.390534] should_failslab+0x9/0x14 [ 437.394354] kmem_cache_alloc_node_trace+0x270/0x740 [ 437.399487] __kmalloc_node_track_caller+0x3c/0x70 [ 437.404445] __kmalloc_reserve.isra.38+0x41/0xe0 [ 437.409230] __alloc_skb+0x150/0x770 [ 437.412967] ? netdev_alloc_frag+0x1f0/0x1f0 [ 437.417379] ? perf_trace_sched_process_exec+0x860/0x860 [ 437.422836] ? lock_downgrade+0x900/0x900 [ 437.427002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 437.432565] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 437.438046] sock_wmalloc+0x16d/0x1f0 [ 437.441917] ? skb_set_owner_w+0x360/0x360 [ 437.446214] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 437.451760] ? _copy_from_user+0xdf/0x150 [ 437.455949] pppol2tp_sendmsg+0x23d/0x6c0 [ 437.460135] ? apparmor_socket_sendmsg+0x29/0x30 [ 437.464899] ? pppol2tp_getsockopt+0x940/0x940 [ 437.469513] sock_sendmsg+0xd5/0x120 [ 437.473227] ___sys_sendmsg+0x51d/0x930 [ 437.477198] ? graph_lock+0x270/0x270 [ 437.481052] ? copy_msghdr_from_user+0x580/0x580 [ 437.485813] ? get_pid_task+0xd6/0x1a0 [ 437.489738] ? find_held_lock+0x36/0x1c0 [ 437.493836] ? __might_fault+0x12b/0x1e0 [ 437.497915] ? lock_downgrade+0x900/0x900 [ 437.502088] ? perf_trace_sched_process_exec+0x860/0x860 [ 437.507560] __sys_sendmmsg+0x246/0x6d0 [ 437.511588] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 437.516125] ? __lock_is_held+0xb5/0x140 [ 437.520216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 437.525763] ? check_preemption_disabled+0x48/0x280 [ 437.530818] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 437.536353] ? fput+0x130/0x1a0 [ 437.539630] ? do_syscall_64+0x9a/0x820 [ 437.543604] ? do_syscall_64+0x9a/0x820 [ 437.547579] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 437.552190] ? trace_hardirqs_on+0xbd/0x310 [ 437.556511] ? __ia32_sys_read+0xb0/0xb0 [ 437.560662] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 437.566025] ? trace_hardirqs_off_caller+0x300/0x300 [ 437.571168] __x64_sys_sendmmsg+0x9d/0x100 [ 437.575427] do_syscall_64+0x1b9/0x820 [ 437.579314] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 437.584682] ? syscall_return_slowpath+0x5e0/0x5e0 [ 437.589610] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 437.594488] ? trace_hardirqs_on_caller+0x310/0x310 [ 437.599513] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 437.604530] ? prepare_exit_to_usermode+0x291/0x3b0 [ 437.609567] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 437.614424] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 437.619612] RIP: 0033:0x457569 [ 437.622803] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:04:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88caffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 437.641713] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 437.649423] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 437.656689] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 437.663982] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 437.671265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 437.678553] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:23 executing program 3 (fault-call:5 fault-nth:53): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 437.725930] FAT-fs (loop5): bogus number of reserved sectors [ 437.736799] FAT-fs (loop4): bogus number of reserved sectors [ 437.745036] FAT-fs (loop5): Can't find a valid FAT filesystem [ 437.756790] FAT-fs (loop4): Can't find a valid FAT filesystem [ 437.795143] FAULT_INJECTION: forcing a failure. [ 437.795143] name failslab, interval 1, probability 0, space 0, times 0 [ 437.806503] CPU: 0 PID: 20819 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 437.815089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.824438] Call Trace: [ 437.827074] dump_stack+0x244/0x39d [ 437.830721] ? dump_stack_print_info.cold.1+0x20/0x20 [ 437.835927] ? is_bpf_text_address+0xac/0x170 [ 437.840436] should_fail.cold.4+0xa/0x17 [ 437.844511] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 437.849611] ? rcu_read_unlock_special+0x370/0x370 [ 437.854537] ? rcu_softirq_qs+0x20/0x20 [ 437.858521] ? unwind_dump+0x190/0x190 [ 437.862463] ? kernel_text_address+0x79/0xf0 [ 437.866874] ? __lock_acquire+0x62f/0x4c20 [ 437.871107] ? __save_stack_trace+0x8d/0xf0 [ 437.875497] ? mark_held_locks+0x130/0x130 [ 437.879732] ? save_stack+0x43/0xd0 [ 437.883358] ? __kmalloc_node_track_caller+0x50/0x70 [ 437.888456] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 437.893426] ? __alloc_skb+0x150/0x770 [ 437.897325] ? sock_wmalloc+0x16d/0x1f0 [ 437.901301] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 437.905631] ? sock_sendmsg+0xd5/0x120 [ 437.909529] ? ___sys_sendmsg+0x51d/0x930 [ 437.913836] ? __sys_sendmmsg+0x246/0x6d0 [ 437.917979] ? __x64_sys_sendmmsg+0x9d/0x100 [ 437.922382] ? do_syscall_64+0x1b9/0x820 [ 437.926485] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 437.931984] ? i915_sample+0x808/0xb10 [ 437.935896] __should_failslab+0x124/0x180 [ 437.940169] should_failslab+0x9/0x14 [ 437.943988] kmem_cache_alloc_node_trace+0x5a/0x740 [ 437.949007] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 437.954545] __kmalloc_node_track_caller+0x3c/0x70 [ 437.959478] __kmalloc_reserve.isra.38+0x41/0xe0 [ 437.964235] pskb_expand_head+0x230/0x10f0 [ 437.968481] ? kasan_kmalloc+0xc7/0xe0 [ 437.972377] ? skb_release_data+0x880/0x880 [ 437.976731] ? __might_fault+0x12b/0x1e0 [ 437.980791] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 437.986359] ? iov_iter_advance+0x306/0x13f0 [ 437.990766] ? lock_release+0xa10/0xa10 [ 437.994739] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.000188] ? once_deferred+0xa0/0xa0 [ 438.004072] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.009528] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 438.014390] l2tp_xmit_skb+0x106b/0x1670 [ 438.018461] ? l2tp_recv_common+0x1d40/0x1d40 [ 438.022953] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 438.028527] ? _copy_from_user+0xdf/0x150 [ 438.032678] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 438.037002] pppol2tp_sendmsg+0x4b1/0x6c0 [ 438.041177] ? apparmor_socket_sendmsg+0x29/0x30 [ 438.045936] ? pppol2tp_getsockopt+0x940/0x940 [ 438.050693] sock_sendmsg+0xd5/0x120 [ 438.054414] ___sys_sendmsg+0x51d/0x930 [ 438.058419] ? graph_lock+0x270/0x270 [ 438.062234] ? copy_msghdr_from_user+0x580/0x580 [ 438.067007] ? get_pid_task+0xd6/0x1a0 [ 438.070900] ? find_held_lock+0x36/0x1c0 [ 438.075016] ? __might_fault+0x12b/0x1e0 [ 438.079081] ? lock_downgrade+0x900/0x900 [ 438.083248] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.088742] __sys_sendmmsg+0x246/0x6d0 [ 438.092735] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 438.097075] ? __lock_is_held+0xb5/0x140 [ 438.101141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 438.106685] ? check_preemption_disabled+0x48/0x280 [ 438.111724] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 438.117290] ? fput+0x130/0x1a0 [ 438.120586] ? do_syscall_64+0x9a/0x820 [ 438.124564] ? do_syscall_64+0x9a/0x820 [ 438.128539] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 438.133159] ? trace_hardirqs_on+0xbd/0x310 [ 438.137481] ? __ia32_sys_read+0xb0/0xb0 [ 438.141556] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 10:04:23 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x5800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 438.146922] ? trace_hardirqs_off_caller+0x300/0x300 [ 438.152058] __x64_sys_sendmmsg+0x9d/0x100 [ 438.156295] do_syscall_64+0x1b9/0x820 [ 438.160198] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 438.165581] ? syscall_return_slowpath+0x5e0/0x5e0 [ 438.170519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.175382] ? trace_hardirqs_on_caller+0x310/0x310 [ 438.175399] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 438.175424] ? prepare_exit_to_usermode+0x291/0x3b0 [ 438.175446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.175469] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.175482] RIP: 0033:0x457569 [ 438.175500] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 438.185502] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 438.185515] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 438.185523] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:23 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x200000, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x1f) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:23 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73c0", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 438.185531] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 438.185540] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 438.185548] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:23 executing program 3 (fault-call:5 fault-nth:54): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 438.421571] FAULT_INJECTION: forcing a failure. [ 438.421571] name failslab, interval 1, probability 0, space 0, times 0 [ 438.447564] CPU: 0 PID: 20836 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 438.456167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.465530] Call Trace: [ 438.468180] dump_stack+0x244/0x39d [ 438.471887] ? dump_stack_print_info.cold.1+0x20/0x20 [ 438.477082] ? __x64_sys_sendmmsg+0x9d/0x100 [ 438.481492] ? do_syscall_64+0x1b9/0x820 [ 438.485557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.490928] ? kasan_check_read+0x11/0x20 [ 438.495097] should_fail.cold.4+0xa/0x17 [ 438.499176] ? trace_hardirqs_on+0xbd/0x310 [ 438.503521] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 438.508645] ? __lock_acquire+0x62f/0x4c20 [ 438.512893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 438.518445] ? mark_held_locks+0x130/0x130 [ 438.522687] ? find_held_lock+0x36/0x1c0 [ 438.526856] ? acpi_device_get_match_data+0x58/0xc0 [ 438.531886] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.537359] ? graph_lock+0x270/0x270 [ 438.541182] ? kfree_skb+0x1c3/0x580 [ 438.544916] ? __kfree_skb+0x20/0x20 [ 438.548648] __should_failslab+0x124/0x180 [ 438.552886] should_failslab+0x9/0x14 [ 438.556695] kmem_cache_alloc_node+0x26e/0x730 [ 438.561286] ? find_held_lock+0x36/0x1c0 [ 438.565359] __alloc_skb+0x114/0x770 [ 438.569080] ? netdev_alloc_frag+0x1f0/0x1f0 [ 438.573500] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.578986] ? lock_downgrade+0x900/0x900 [ 438.583160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 438.588707] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 438.594191] sock_wmalloc+0x16d/0x1f0 [ 438.598011] ? skb_set_owner_w+0x360/0x360 [ 438.602244] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 438.607782] ? _copy_from_user+0xdf/0x150 [ 438.611956] pppol2tp_sendmsg+0x23d/0x6c0 [ 438.616130] ? apparmor_socket_sendmsg+0x29/0x30 [ 438.620899] ? pppol2tp_getsockopt+0x940/0x940 [ 438.625485] sock_sendmsg+0xd5/0x120 [ 438.629202] ___sys_sendmsg+0x51d/0x930 [ 438.633185] ? graph_lock+0x270/0x270 [ 438.636991] ? copy_msghdr_from_user+0x580/0x580 [ 438.641750] ? get_pid_task+0xd6/0x1a0 [ 438.645773] ? find_held_lock+0x36/0x1c0 [ 438.649851] ? __might_fault+0x12b/0x1e0 [ 438.653922] ? lock_downgrade+0x900/0x900 [ 438.658078] ? perf_trace_sched_process_exec+0x860/0x860 [ 438.663552] __sys_sendmmsg+0x246/0x6d0 [ 438.667596] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 438.671976] ? __lock_is_held+0xb5/0x140 [ 438.676046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 438.681617] ? check_preemption_disabled+0x48/0x280 [ 438.686642] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 438.692196] ? fput+0x130/0x1a0 [ 438.695507] ? do_syscall_64+0x9a/0x820 [ 438.699531] ? do_syscall_64+0x9a/0x820 [ 438.703510] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 438.708094] ? trace_hardirqs_on+0xbd/0x310 [ 438.712420] ? __ia32_sys_read+0xb0/0xb0 [ 438.716481] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.721923] ? trace_hardirqs_off_caller+0x300/0x300 [ 438.727058] __x64_sys_sendmmsg+0x9d/0x100 [ 438.731309] do_syscall_64+0x1b9/0x820 [ 438.735205] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 438.740581] ? syscall_return_slowpath+0x5e0/0x5e0 [ 438.745522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.750380] ? trace_hardirqs_on_caller+0x310/0x310 [ 438.755398] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 438.760440] ? prepare_exit_to_usermode+0x291/0x3b0 [ 438.765509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.770449] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.775668] RIP: 0033:0x457569 [ 438.778858] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 438.797770] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 438.805472] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 438.812736] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 438.819996] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 438.827258] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 438.834536] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:24 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xffffdd86], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x9, 0x10, r0, 0x0) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) r3 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x20, 0x4001) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ff0000/0xe000)=nil, 0xe000}, 0x2}) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:24 executing program 3 (fault-call:5 fault-nth:55): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:24 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002060a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:24 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7303", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 438.991017] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 439.057698] FAT-fs (loop4): bogus number of reserved sectors [ 439.063756] FAT-fs (loop4): Can't find a valid FAT filesystem [ 439.074232] FAULT_INJECTION: forcing a failure. [ 439.074232] name failslab, interval 1, probability 0, space 0, times 0 [ 439.105752] minix_free_inode: bit 1 already cleared [ 439.111583] CPU: 1 PID: 20850 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 439.120190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.129537] Call Trace: [ 439.132126] dump_stack+0x244/0x39d [ 439.135785] ? dump_stack_print_info.cold.1+0x20/0x20 [ 439.140980] should_fail.cold.4+0xa/0x17 [ 439.145039] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 439.150154] ? __save_stack_trace+0x8d/0xf0 [ 439.154504] ? save_stack+0xa9/0xd0 [ 439.158142] ? save_stack+0x43/0xd0 [ 439.161797] ? find_held_lock+0x36/0x1c0 [ 439.165883] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.171375] ? check_preemption_disabled+0x48/0x280 [ 439.176442] __should_failslab+0x124/0x180 [ 439.180688] should_failslab+0x9/0x14 [ 439.184531] kmem_cache_alloc_node_trace+0x270/0x740 [ 439.189645] __kmalloc_node_track_caller+0x3c/0x70 [ 439.194596] __kmalloc_reserve.isra.38+0x41/0xe0 [ 439.199381] __alloc_skb+0x150/0x770 [ 439.203097] ? netdev_alloc_frag+0x1f0/0x1f0 [ 439.207504] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.212968] ? lock_downgrade+0x900/0x900 [ 439.217140] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 439.222739] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 439.228216] sock_wmalloc+0x16d/0x1f0 [ 439.232032] ? skb_set_owner_w+0x360/0x360 [ 439.236287] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 439.241823] ? _copy_from_user+0xdf/0x150 [ 439.245976] pppol2tp_sendmsg+0x23d/0x6c0 [ 439.250121] ? apparmor_socket_sendmsg+0x29/0x30 [ 439.254880] ? pppol2tp_getsockopt+0x940/0x940 [ 439.259479] sock_sendmsg+0xd5/0x120 [ 439.263190] ___sys_sendmsg+0x51d/0x930 [ 439.267182] ? graph_lock+0x270/0x270 [ 439.271015] ? copy_msghdr_from_user+0x580/0x580 [ 439.275795] ? get_pid_task+0xd6/0x1a0 [ 439.279707] ? find_held_lock+0x36/0x1c0 [ 439.283773] ? __might_fault+0x12b/0x1e0 [ 439.287828] ? lock_downgrade+0x900/0x900 [ 439.291991] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.297447] __sys_sendmmsg+0x246/0x6d0 [ 439.301443] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 439.305764] ? __lock_is_held+0xb5/0x140 [ 439.309826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 439.315374] ? check_preemption_disabled+0x48/0x280 [ 439.320426] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 439.325962] ? fput+0x130/0x1a0 [ 439.329238] ? do_syscall_64+0x9a/0x820 [ 439.333337] ? do_syscall_64+0x9a/0x820 [ 439.337314] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 439.341938] ? trace_hardirqs_on+0xbd/0x310 [ 439.346263] ? __ia32_sys_read+0xb0/0xb0 [ 439.350347] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.355726] ? trace_hardirqs_off_caller+0x300/0x300 [ 439.360831] __x64_sys_sendmmsg+0x9d/0x100 [ 439.365069] do_syscall_64+0x1b9/0x820 [ 439.368987] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 439.374365] ? syscall_return_slowpath+0x5e0/0x5e0 [ 439.379299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.384136] ? trace_hardirqs_on_caller+0x310/0x310 [ 439.389163] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 439.394186] ? prepare_exit_to_usermode+0x291/0x3b0 [ 439.399204] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.404050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.409248] RIP: 0033:0x457569 [ 439.412435] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 439.431331] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 439.439033] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 439.446308] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8864000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:24 executing program 3 (fault-call:5 fault-nth:56): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 439.453602] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 439.460883] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 439.468160] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:24 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_dev$cec(&(0x7f00000002c0)='/dev/cec#\x00', 0x1, 0x2) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000300)={0x0}) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000340)={0x0, r2, 0xcb0}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = socket(0x18, 0x0, 0x1) io_setup(0xe1, &(0x7f00000001c0)=0x0) r5 = semget$private(0x0, 0x2, 0x200) semctl$SEM_STAT(r5, 0x2, 0x12, &(0x7f0000000040)=""/47) io_submit(r4, 0x26b, 0x0) r6 = syz_open_dev$mice(&(0x7f0000000380)='/dev/input/mice\x00', 0x0, 0x40000000000000) ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000000000000500100000000004400000000000000", @ANYPTR=&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="f07a4753b18e7bc100500000000000002d00000000000000", @ANYPTR=&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00']) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x100, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000080), 0x121}]) 10:04:24 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:24 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xd000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:25 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 439.698512] FAULT_INJECTION: forcing a failure. [ 439.698512] name failslab, interval 1, probability 0, space 0, times 0 [ 439.709862] CPU: 0 PID: 20868 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 439.709871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.709876] Call Trace: [ 439.709896] dump_stack+0x244/0x39d [ 439.709916] ? dump_stack_print_info.cold.1+0x20/0x20 [ 439.709937] ? is_bpf_text_address+0xac/0x170 [ 439.709970] should_fail.cold.4+0xa/0x17 [ 439.709988] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 439.710001] ? rcu_read_unlock_special+0x370/0x370 [ 439.710015] ? rcu_softirq_qs+0x20/0x20 [ 439.743796] ? unwind_dump+0x190/0x190 [ 439.743819] ? kernel_text_address+0x79/0xf0 [ 439.743852] ? __lock_acquire+0x62f/0x4c20 [ 439.743869] ? __save_stack_trace+0x8d/0xf0 [ 439.761976] ? mark_held_locks+0x130/0x130 [ 439.761993] ? save_stack+0x43/0xd0 [ 439.762006] ? __kmalloc_node_track_caller+0x50/0x70 [ 439.762037] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 439.774551] ? __alloc_skb+0x150/0x770 [ 439.774565] ? sock_wmalloc+0x16d/0x1f0 [ 439.774592] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 439.774603] ? sock_sendmsg+0xd5/0x120 [ 439.774614] ? ___sys_sendmsg+0x51d/0x930 [ 439.774639] ? __sys_sendmmsg+0x246/0x6d0 [ 439.774655] ? __x64_sys_sendmmsg+0x9d/0x100 [ 439.825489] ? do_syscall_64+0x1b9/0x820 [ 439.829564] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 439.834994] ? ata_dev_printk+0xc8/0x2c0 [ 439.839060] __should_failslab+0x124/0x180 [ 439.843294] should_failslab+0x9/0x14 [ 439.847094] kmem_cache_alloc_node_trace+0x5a/0x740 [ 439.852115] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 439.857656] __kmalloc_node_track_caller+0x3c/0x70 [ 439.862583] __kmalloc_reserve.isra.38+0x41/0xe0 [ 439.867356] pskb_expand_head+0x230/0x10f0 [ 439.871613] ? kasan_kmalloc+0xc7/0xe0 [ 439.875528] ? skb_release_data+0x880/0x880 [ 439.879882] ? __might_fault+0x12b/0x1e0 [ 439.883973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 439.889520] ? iov_iter_advance+0x306/0x13f0 [ 439.893927] ? lock_release+0xa10/0xa10 10:04:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88a8ffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 439.897928] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.903424] ? once_deferred+0xa0/0xa0 [ 439.907316] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.912852] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 439.917711] l2tp_xmit_skb+0x106b/0x1670 [ 439.921780] ? l2tp_recv_common+0x1d40/0x1d40 [ 439.926322] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 439.931860] ? _copy_from_user+0xdf/0x150 [ 439.936008] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 439.940345] pppol2tp_sendmsg+0x4b1/0x6c0 [ 439.944494] ? apparmor_socket_sendmsg+0x29/0x30 [ 439.949259] ? pppol2tp_getsockopt+0x940/0x940 [ 439.953840] sock_sendmsg+0xd5/0x120 [ 439.957554] ___sys_sendmsg+0x51d/0x930 [ 439.961536] ? graph_lock+0x270/0x270 [ 439.965337] ? copy_msghdr_from_user+0x580/0x580 [ 439.970103] ? get_pid_task+0xd6/0x1a0 [ 439.974021] ? find_held_lock+0x36/0x1c0 [ 439.978082] ? __might_fault+0x12b/0x1e0 [ 439.982157] ? lock_downgrade+0x900/0x900 [ 439.986345] ? perf_trace_sched_process_exec+0x860/0x860 [ 439.991811] __sys_sendmmsg+0x246/0x6d0 [ 439.995789] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 440.000143] ? retint_kernel+0x2d/0x2d [ 440.004052] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 440.009600] ? fput+0x130/0x1a0 [ 440.012878] ? do_syscall_64+0x9a/0x820 [ 440.016850] ? do_syscall_64+0x9a/0x820 [ 440.020821] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 440.025407] ? trace_hardirqs_on+0xbd/0x310 [ 440.029789] ? __ia32_sys_read+0xb0/0xb0 [ 440.033877] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.039238] ? trace_hardirqs_off_caller+0x300/0x300 [ 440.044343] __x64_sys_sendmmsg+0x9d/0x100 [ 440.048607] do_syscall_64+0x1b9/0x820 [ 440.052507] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 440.057871] ? syscall_return_slowpath+0x5e0/0x5e0 [ 440.062797] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.067700] ? trace_hardirqs_on_caller+0x310/0x310 [ 440.072719] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 440.077757] ? prepare_exit_to_usermode+0x291/0x3b0 [ 440.082772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.087698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.092883] RIP: 0033:0x457569 [ 440.096096] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 440.114988] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 440.122690] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 440.129969] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 440.137232] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 440.144497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 440.151775] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:25 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0xffffffffffffffff, r1, &(0x7f0000000080), 0x0, 0x4}]) 10:04:25 executing program 3 (fault-call:5 fault-nth:57): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:25 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8dffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 440.229953] FAT-fs (loop5): bogus number of reserved sectors [ 440.248801] FAT-fs (loop5): Can't find a valid FAT filesystem [ 440.334843] FAT-fs (loop5): bogus number of reserved sectors [ 440.354770] FAULT_INJECTION: forcing a failure. [ 440.354770] name failslab, interval 1, probability 0, space 0, times 0 [ 440.355403] FAT-fs (loop5): Can't find a valid FAT filesystem [ 440.375869] CPU: 1 PID: 20891 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 440.384479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.393822] Call Trace: [ 440.396425] dump_stack+0x244/0x39d [ 440.400082] ? dump_stack_print_info.cold.1+0x20/0x20 [ 440.405268] ? __x64_sys_sendmmsg+0x9d/0x100 [ 440.409688] ? do_syscall_64+0x1b9/0x820 [ 440.413740] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.419096] ? kasan_check_read+0x11/0x20 [ 440.423236] should_fail.cold.4+0xa/0x17 [ 440.427304] ? trace_hardirqs_on+0xbd/0x310 [ 440.431620] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 440.436715] ? __lock_acquire+0x62f/0x4c20 [ 440.440938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 440.446486] ? mark_held_locks+0x130/0x130 [ 440.450731] ? find_held_lock+0x36/0x1c0 [ 440.454817] ? perf_trace_sched_process_exec+0x860/0x860 [ 440.460284] ? graph_lock+0x270/0x270 [ 440.464089] ? kfree_skb+0x1c3/0x580 [ 440.467795] ? __kfree_skb+0x20/0x20 [ 440.471517] __should_failslab+0x124/0x180 [ 440.475763] should_failslab+0x9/0x14 [ 440.479565] kmem_cache_alloc_node+0x26e/0x730 [ 440.484176] ? find_held_lock+0x36/0x1c0 [ 440.488261] __alloc_skb+0x114/0x770 [ 440.491972] ? netdev_alloc_frag+0x1f0/0x1f0 [ 440.496377] ? perf_trace_sched_process_exec+0x860/0x860 [ 440.501820] ? lock_downgrade+0x900/0x900 [ 440.505985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 440.511531] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 440.516996] sock_wmalloc+0x16d/0x1f0 [ 440.520829] ? skb_set_owner_w+0x360/0x360 [ 440.525065] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 440.530610] ? _copy_from_user+0xdf/0x150 [ 440.534761] pppol2tp_sendmsg+0x23d/0x6c0 [ 440.538906] ? apparmor_socket_sendmsg+0x29/0x30 [ 440.543675] ? pppol2tp_getsockopt+0x940/0x940 [ 440.548252] sock_sendmsg+0xd5/0x120 [ 440.551956] ___sys_sendmsg+0x51d/0x930 [ 440.555923] ? graph_lock+0x270/0x270 [ 440.559731] ? copy_msghdr_from_user+0x580/0x580 [ 440.564496] ? get_pid_task+0xd6/0x1a0 [ 440.568390] ? find_held_lock+0x36/0x1c0 [ 440.572451] ? __might_fault+0x12b/0x1e0 [ 440.576507] ? lock_downgrade+0x900/0x900 [ 440.580671] ? perf_trace_sched_process_exec+0x860/0x860 [ 440.586124] __sys_sendmmsg+0x246/0x6d0 [ 440.590101] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 440.594414] ? __lock_is_held+0xb5/0x140 [ 440.598471] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 440.604014] ? check_preemption_disabled+0x48/0x280 [ 440.609031] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 440.614556] ? fput+0x130/0x1a0 [ 440.617825] ? do_syscall_64+0x9a/0x820 [ 440.621790] ? do_syscall_64+0x9a/0x820 [ 440.625770] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 440.630355] ? trace_hardirqs_on+0xbd/0x310 [ 440.634680] ? __ia32_sys_read+0xb0/0xb0 [ 440.638749] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.644116] ? trace_hardirqs_off_caller+0x300/0x300 [ 440.649715] __x64_sys_sendmmsg+0x9d/0x100 [ 440.653990] do_syscall_64+0x1b9/0x820 [ 440.657870] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 440.663238] ? syscall_return_slowpath+0x5e0/0x5e0 [ 440.668716] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.673557] ? trace_hardirqs_on_caller+0x310/0x310 [ 440.678569] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 440.683594] ? prepare_exit_to_usermode+0x291/0x3b0 [ 440.688612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.693453] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.698650] RIP: 0033:0x457569 [ 440.701850] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 440.720783] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 440.728536] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 440.735830] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 440.743094] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 440.750352] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 440.757610] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:26 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002043900900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:26 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdose', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:26 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000240)={0xf000, 0x4000, 0xfffffffffffffffd, 0x6, 0x5}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = dup2(r0, r0) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000040)={0x0, 0x2a, "5e65cb42bbec19eaf6f05d6ca8f1a20a90102fc759beac7840a7ae4dc192164abf0a611140f75cee5a24"}, &(0x7f0000000100)=0x32) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000140)={r4, 0x4}, &(0x7f00000001c0)=0x8) r5 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r6, 0x0, 0x0) io_submit(r6, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r5, &(0x7f0000000080), 0x121}]) setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000280)=0x9, 0x4) 10:04:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x200000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:26 executing program 3 (fault-call:5 fault-nth:58): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:26 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 441.054543] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 441.133274] FAULT_INJECTION: forcing a failure. [ 441.133274] name failslab, interval 1, probability 0, space 0, times 0 [ 441.155474] minix_free_inode: bit 1 already cleared [ 441.170657] CPU: 1 PID: 20903 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 441.179251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.188622] Call Trace: [ 441.191244] dump_stack+0x244/0x39d [ 441.194896] ? dump_stack_print_info.cold.1+0x20/0x20 [ 441.200112] should_fail.cold.4+0xa/0x17 [ 441.204202] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 441.209350] ? __save_stack_trace+0x8d/0xf0 [ 441.213696] ? save_stack+0xa9/0xd0 [ 441.217335] ? save_stack+0x43/0xd0 [ 441.220977] ? find_held_lock+0x36/0x1c0 [ 441.225060] ? perf_trace_sched_process_exec+0x860/0x860 [ 441.230531] ? check_preemption_disabled+0x48/0x280 [ 441.235571] __should_failslab+0x124/0x180 [ 441.239828] should_failslab+0x9/0x14 [ 441.243657] kmem_cache_alloc_node_trace+0x270/0x740 [ 441.248777] __kmalloc_node_track_caller+0x3c/0x70 [ 441.253737] __kmalloc_reserve.isra.38+0x41/0xe0 [ 441.258548] __alloc_skb+0x150/0x770 [ 441.262275] ? netdev_alloc_frag+0x1f0/0x1f0 [ 441.266699] ? perf_trace_sched_process_exec+0x860/0x860 [ 441.272162] ? lock_downgrade+0x900/0x900 [ 441.276353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 441.281906] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 441.287392] sock_wmalloc+0x16d/0x1f0 [ 441.291202] ? skb_set_owner_w+0x360/0x360 [ 441.295442] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 441.300986] ? _copy_from_user+0xdf/0x150 [ 441.305157] pppol2tp_sendmsg+0x23d/0x6c0 [ 441.309333] ? apparmor_socket_sendmsg+0x29/0x30 [ 441.314095] ? pppol2tp_getsockopt+0x940/0x940 [ 441.318678] sock_sendmsg+0xd5/0x120 [ 441.322407] ___sys_sendmsg+0x51d/0x930 [ 441.326381] ? graph_lock+0x270/0x270 [ 441.330188] ? copy_msghdr_from_user+0x580/0x580 [ 441.334947] ? get_pid_task+0xd6/0x1a0 [ 441.338840] ? find_held_lock+0x36/0x1c0 [ 441.342927] ? __might_fault+0x12b/0x1e0 [ 441.346997] ? lock_downgrade+0x900/0x900 [ 441.351163] ? perf_trace_sched_process_exec+0x860/0x860 [ 441.356651] __sys_sendmmsg+0x246/0x6d0 [ 441.360632] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 441.364954] ? __lock_is_held+0xb5/0x140 [ 441.369021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 441.374574] ? check_preemption_disabled+0x48/0x280 [ 441.379600] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 441.385137] ? fput+0x130/0x1a0 [ 441.388420] ? do_syscall_64+0x9a/0x820 [ 441.392416] ? do_syscall_64+0x9a/0x820 [ 441.396433] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 441.401031] ? trace_hardirqs_on+0xbd/0x310 [ 441.405350] ? __ia32_sys_read+0xb0/0xb0 [ 441.409443] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.414866] ? trace_hardirqs_off_caller+0x300/0x300 [ 441.419992] __x64_sys_sendmmsg+0x9d/0x100 [ 441.424251] do_syscall_64+0x1b9/0x820 [ 441.428180] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 441.433547] ? syscall_return_slowpath+0x5e0/0x5e0 [ 441.438496] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.443383] ? trace_hardirqs_on_caller+0x310/0x310 [ 441.448428] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 441.453464] ? prepare_exit_to_usermode+0x291/0x3b0 [ 441.458487] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.463334] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.468527] RIP: 0033:0x457569 10:04:26 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xfffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:26 executing program 3 (fault-call:5 fault-nth:59): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 441.471715] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 441.490644] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 441.498352] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 441.505619] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 441.512885] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 441.520301] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 441.527566] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:26 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x800001a, 0x5, 0x2) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x28000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 441.656697] FAT-fs (loop5): bogus number of reserved sectors [ 441.680408] FAT-fs (loop5): Can't find a valid FAT filesystem [ 441.721201] FAULT_INJECTION: forcing a failure. [ 441.721201] name failslab, interval 1, probability 0, space 0, times 0 [ 441.732427] CPU: 1 PID: 20919 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 441.740995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.750368] Call Trace: [ 441.752959] dump_stack+0x244/0x39d [ 441.756602] ? dump_stack_print_info.cold.1+0x20/0x20 [ 441.761811] ? is_bpf_text_address+0xac/0x170 [ 441.766318] should_fail.cold.4+0xa/0x17 [ 441.770388] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 441.775520] ? rcu_read_unlock_special+0x370/0x370 [ 441.780474] ? rcu_softirq_qs+0x20/0x20 [ 441.784460] ? unwind_dump+0x190/0x190 [ 441.788359] ? kernel_text_address+0x79/0xf0 [ 441.792772] ? __lock_acquire+0x62f/0x4c20 [ 441.797010] ? __save_stack_trace+0x8d/0xf0 [ 441.801362] ? mark_held_locks+0x130/0x130 [ 441.805616] ? save_stack+0x43/0xd0 [ 441.809274] ? __kmalloc_node_track_caller+0x50/0x70 [ 441.814378] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 441.819317] ? __alloc_skb+0x150/0x770 [ 441.823221] ? sock_wmalloc+0x16d/0x1f0 [ 441.827236] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 441.831575] ? sock_sendmsg+0xd5/0x120 [ 441.835480] ? ___sys_sendmsg+0x51d/0x930 [ 441.839645] ? __sys_sendmmsg+0x246/0x6d0 [ 441.843821] ? __x64_sys_sendmmsg+0x9d/0x100 [ 441.848230] ? do_syscall_64+0x1b9/0x820 [ 441.852306] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.857773] ? newary+0x8a8/0xb40 [ 441.861247] __should_failslab+0x124/0x180 [ 441.865505] should_failslab+0x9/0x14 [ 441.869339] kmem_cache_alloc_node_trace+0x5a/0x740 [ 441.874368] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 441.879923] __kmalloc_node_track_caller+0x3c/0x70 [ 441.884870] __kmalloc_reserve.isra.38+0x41/0xe0 [ 441.889635] pskb_expand_head+0x230/0x10f0 [ 441.893904] ? kasan_kmalloc+0xc7/0xe0 [ 441.897825] ? skb_release_data+0x880/0x880 [ 441.902171] ? __might_fault+0x12b/0x1e0 [ 441.906247] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 441.911793] ? iov_iter_advance+0x306/0x13f0 [ 441.916229] ? lock_release+0xa10/0xa10 [ 441.920208] ? perf_trace_sched_process_exec+0x860/0x860 [ 441.925673] ? once_deferred+0xa0/0xa0 [ 441.929560] ? perf_trace_sched_process_exec+0x860/0x860 [ 441.935021] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 441.939874] l2tp_xmit_skb+0x106b/0x1670 [ 441.943952] ? l2tp_recv_common+0x1d40/0x1d40 [ 441.948464] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 441.954002] ? _copy_from_user+0xdf/0x150 [ 441.958157] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 441.962515] pppol2tp_sendmsg+0x4b1/0x6c0 [ 441.966725] ? apparmor_socket_sendmsg+0x29/0x30 [ 441.971540] ? pppol2tp_getsockopt+0x940/0x940 [ 441.976128] sock_sendmsg+0xd5/0x120 [ 441.979859] ___sys_sendmsg+0x51d/0x930 [ 441.983834] ? graph_lock+0x270/0x270 [ 441.987644] ? copy_msghdr_from_user+0x580/0x580 [ 441.992400] ? get_pid_task+0xd6/0x1a0 [ 441.996306] ? find_held_lock+0x36/0x1c0 [ 442.000375] ? __might_fault+0x12b/0x1e0 [ 442.004458] ? lock_downgrade+0x900/0x900 [ 442.008614] ? perf_trace_sched_process_exec+0x860/0x860 [ 442.014090] __sys_sendmmsg+0x246/0x6d0 [ 442.018076] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 442.022398] ? __lock_is_held+0xb5/0x140 [ 442.026503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 442.032074] ? check_preemption_disabled+0x48/0x280 [ 442.037115] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 442.037130] ? fput+0x130/0x1a0 [ 442.037169] ? do_syscall_64+0x9a/0x820 [ 442.037184] ? do_syscall_64+0x9a/0x820 [ 442.037200] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 442.037217] ? trace_hardirqs_on+0xbd/0x310 [ 442.037234] ? __ia32_sys_read+0xb0/0xb0 [ 442.046032] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.046048] ? trace_hardirqs_off_caller+0x300/0x300 [ 442.046067] __x64_sys_sendmmsg+0x9d/0x100 [ 442.046084] do_syscall_64+0x1b9/0x820 [ 442.046098] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 442.046114] ? syscall_return_slowpath+0x5e0/0x5e0 [ 442.046126] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.046144] ? trace_hardirqs_on_caller+0x310/0x310 [ 442.105755] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 442.110791] ? prepare_exit_to_usermode+0x291/0x3b0 [ 442.115822] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.120708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.125902] RIP: 0033:0x457569 [ 442.129101] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 442.148001] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 442.155719] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 442.163008] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 10:04:27 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 442.170278] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 442.177547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 442.184833] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:27 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0xa, 0x4, 0x6) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) setsockopt$inet6_dccp_buf(r1, 0x21, 0xe, &(0x7f0000000280)="5e9d9c05f34d0f479c0aa8df653f2b910fe964c492c73f9117dc2cec11658fa939d251e149efd4d516f3b2dd3fd51eae42d2b7ee4fb3df828836ebcaa7bd0f62470f32c5828f1d69bc04ddf40eed5b73a70aaf5eb766d89980cdf1c7d48322032f090f9b24dcdf418d3673b54bb651f05bcb08e8e73bee7683d154661b75f7efb5d8fa9df2bdbd43f2a881244273d1a866c73635c431b98f1f281b4b8f3cc6e046f95a91cc7515192584586f7d05b37072b736c458fd74c8800dc75200", 0xbd) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x8, 0x30, 0xf2b, 0x1, 0x5, 0x6, 0xff, {0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x1, 0x29583d13, 0x1, 0x3, 0x1ff}}, &(0x7f0000000040)=0xb0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'bridge_slave_0\x00', &(0x7f0000000340)=@ethtool_flash={0x33, 0x8ba7, "2df80a465ea2f688118573e9c070f8af4c776dac684d63cb7f2922816d560db635d2d0a247a386abbdded050e7201274603a94e07705f3d49cc378d2a57e162bee9b693537602054b105a331d00fc3cac189657705ed585097d726a31d33970c0294ad47ffec8b8154bae3612574824b013ba840418deaf6344bed6ae7f4de5e"}}) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000100)={r3, 0x10001}, 0x8) [ 442.340950] MINIX-fs: bad superblock 10:04:27 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002043700900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:27 executing program 3 (fault-call:5 fault-nth:60): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:27 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 442.429327] FAT-fs (loop4): bogus number of reserved sectors [ 442.453022] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:27 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x608], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 442.525930] FAT-fs (loop5): bogus number of reserved sectors [ 442.531892] FAT-fs (loop5): Can't find a valid FAT filesystem [ 442.545414] FAT-fs (loop4): bogus number of reserved sectors [ 442.551234] FAT-fs (loop4): Can't find a valid FAT filesystem [ 442.552972] FAULT_INJECTION: forcing a failure. [ 442.552972] name failslab, interval 1, probability 0, space 0, times 0 [ 442.593020] CPU: 0 PID: 20945 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 442.601605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 442.610970] Call Trace: [ 442.613556] dump_stack+0x244/0x39d [ 442.617204] ? dump_stack_print_info.cold.1+0x20/0x20 [ 442.622400] ? __x64_sys_sendmmsg+0x9d/0x100 [ 442.626821] ? do_syscall_64+0x1b9/0x820 [ 442.630876] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.636234] ? kasan_check_read+0x11/0x20 [ 442.640451] should_fail.cold.4+0xa/0x17 [ 442.644564] ? trace_hardirqs_on+0xbd/0x310 [ 442.648881] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 442.654068] ? __lock_acquire+0x62f/0x4c20 [ 442.658305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 442.663848] ? mark_held_locks+0x130/0x130 [ 442.668097] ? find_held_lock+0x36/0x1c0 [ 442.672208] ? perf_trace_sched_process_exec+0x860/0x860 [ 442.677657] ? graph_lock+0x270/0x270 [ 442.681452] ? kfree_skb+0x1c3/0x580 [ 442.685182] ? __kfree_skb+0x20/0x20 [ 442.688898] __should_failslab+0x124/0x180 [ 442.693156] should_failslab+0x9/0x14 [ 442.696969] kmem_cache_alloc_node+0x26e/0x730 [ 442.701544] ? find_held_lock+0x36/0x1c0 [ 442.705622] __alloc_skb+0x114/0x770 [ 442.709359] ? netdev_alloc_frag+0x1f0/0x1f0 [ 442.713795] ? perf_trace_sched_process_exec+0x860/0x860 [ 442.719238] ? lock_downgrade+0x900/0x900 [ 442.723387] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 442.728943] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 442.734430] sock_wmalloc+0x16d/0x1f0 [ 442.738241] ? skb_set_owner_w+0x360/0x360 [ 442.742482] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 442.748026] ? _copy_from_user+0xdf/0x150 [ 442.752197] pppol2tp_sendmsg+0x23d/0x6c0 [ 442.756392] ? apparmor_socket_sendmsg+0x29/0x30 [ 442.761143] ? pppol2tp_getsockopt+0x940/0x940 [ 442.765739] sock_sendmsg+0xd5/0x120 [ 442.769448] ___sys_sendmsg+0x51d/0x930 [ 442.773442] ? graph_lock+0x270/0x270 [ 442.777250] ? copy_msghdr_from_user+0x580/0x580 [ 442.782004] ? get_pid_task+0xd6/0x1a0 [ 442.785883] ? find_held_lock+0x36/0x1c0 [ 442.789976] ? __might_fault+0x12b/0x1e0 [ 442.794027] ? lock_downgrade+0x900/0x900 [ 442.798195] ? perf_trace_sched_process_exec+0x860/0x860 [ 442.803656] __sys_sendmmsg+0x246/0x6d0 [ 442.807645] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 442.811959] ? __lock_is_held+0xb5/0x140 [ 442.816015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 442.821540] ? check_preemption_disabled+0x48/0x280 [ 442.826553] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 442.832083] ? fput+0x130/0x1a0 [ 442.835383] ? do_syscall_64+0x9a/0x820 [ 442.839370] ? do_syscall_64+0x9a/0x820 [ 442.843336] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 442.847912] ? trace_hardirqs_on+0xbd/0x310 [ 442.852260] ? __ia32_sys_read+0xb0/0xb0 [ 442.856350] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.861727] ? trace_hardirqs_off_caller+0x300/0x300 [ 442.866843] __x64_sys_sendmmsg+0x9d/0x100 [ 442.871077] do_syscall_64+0x1b9/0x820 [ 442.874978] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 442.880340] ? syscall_return_slowpath+0x5e0/0x5e0 [ 442.885319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.890177] ? trace_hardirqs_on_caller+0x310/0x310 [ 442.895197] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 442.900215] ? prepare_exit_to_usermode+0x291/0x3b0 [ 442.905241] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.910094] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 442.915298] RIP: 0033:0x457569 [ 442.918491] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 442.937386] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 442.945106] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 442.952398] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 442.959700] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 442.966982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 442.974247] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:28 executing program 1: socketpair$unix(0x1, 0x40000000000005, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x8140, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x80000001}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000001c0)={r2, 0x2, 0x4}, &(0x7f0000000200)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r3 = socket(0x18, 0x2, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, 0x0) io_submit(r4, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000080), 0x121}]) [ 443.019493] FAT-fs (loop5): bogus number of reserved sectors [ 443.034317] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3a00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:28 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:28 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:28 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x3a000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:28 executing program 3 (fault-call:5 fault-nth:61): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:28 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_open_dev$ndb(&(0x7f0000000140)='/dev/nbd#\x00', 0x0, 0x60002) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) pwrite64(r0, &(0x7f0000000100)="e68ba481b54ef81578e7ac6ac16aff6368ef9928d42305e62ed9", 0x1a, 0x0) io_submit(r2, 0xfffffeac, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 443.268490] FAT-fs (loop5): bogus number of reserved sectors [ 443.305380] FAT-fs (loop5): Can't find a valid FAT filesystem [ 443.354079] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 443.376931] FAT-fs (loop5): bogus number of reserved sectors [ 443.385199] FAT-fs (loop5): Can't find a valid FAT filesystem [ 443.406053] FAULT_INJECTION: forcing a failure. [ 443.406053] name failslab, interval 1, probability 0, space 0, times 0 [ 443.423461] CPU: 1 PID: 20977 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 443.432042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 443.441410] Call Trace: [ 443.444043] dump_stack+0x244/0x39d [ 443.447671] ? dump_stack_print_info.cold.1+0x20/0x20 [ 443.452866] should_fail.cold.4+0xa/0x17 [ 443.456932] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 443.462062] ? __save_stack_trace+0x8d/0xf0 [ 443.466407] ? save_stack+0xa9/0xd0 [ 443.470034] ? save_stack+0x43/0xd0 [ 443.473660] ? find_held_lock+0x36/0x1c0 [ 443.477773] ? f2fs_convert_inline_page+0x2bf8/0x34f0 [ 443.482992] ? f2fs_convert_inline_page+0x2bf8/0x34f0 [ 443.488198] ? perf_trace_sched_process_exec+0x860/0x860 [ 443.493648] ? check_preemption_disabled+0x48/0x280 [ 443.498669] __should_failslab+0x124/0x180 [ 443.502906] should_failslab+0x9/0x14 [ 443.506728] kmem_cache_alloc_node_trace+0x270/0x740 [ 443.511838] __kmalloc_node_track_caller+0x3c/0x70 [ 443.516907] __kmalloc_reserve.isra.38+0x41/0xe0 [ 443.521687] __alloc_skb+0x150/0x770 [ 443.525510] ? netdev_alloc_frag+0x1f0/0x1f0 [ 443.529926] ? perf_trace_sched_process_exec+0x860/0x860 [ 443.535374] ? lock_downgrade+0x900/0x900 [ 443.539544] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 443.545096] ? refcount_inc_not_zero_checked+0x1e5/0x2f0 [ 443.550553] sock_wmalloc+0x16d/0x1f0 [ 443.554372] ? skb_set_owner_w+0x360/0x360 [ 443.558610] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 443.564146] ? _copy_from_user+0xdf/0x150 [ 443.568314] pppol2tp_sendmsg+0x23d/0x6c0 [ 443.572501] ? apparmor_socket_sendmsg+0x29/0x30 [ 443.577275] ? pppol2tp_getsockopt+0x940/0x940 [ 443.581854] sock_sendmsg+0xd5/0x120 [ 443.585562] ___sys_sendmsg+0x51d/0x930 [ 443.589553] ? graph_lock+0x270/0x270 [ 443.593370] ? copy_msghdr_from_user+0x580/0x580 [ 443.598138] ? get_pid_task+0xd6/0x1a0 [ 443.602050] ? find_held_lock+0x36/0x1c0 [ 443.606111] ? __might_fault+0x12b/0x1e0 [ 443.610176] ? lock_downgrade+0x900/0x900 [ 443.614337] ? perf_trace_sched_process_exec+0x860/0x860 [ 443.619795] __sys_sendmmsg+0x246/0x6d0 [ 443.623778] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 443.628103] ? __lock_is_held+0xb5/0x140 [ 443.632180] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 443.637714] ? check_preemption_disabled+0x48/0x280 [ 443.642740] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 443.648291] ? fput+0x130/0x1a0 [ 443.651570] ? do_syscall_64+0x9a/0x820 [ 443.655540] ? do_syscall_64+0x9a/0x820 [ 443.659527] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 443.664119] ? trace_hardirqs_on+0xbd/0x310 [ 443.668465] ? __ia32_sys_read+0xb0/0xb0 [ 443.672543] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 443.677903] ? trace_hardirqs_off_caller+0x300/0x300 [ 443.683033] __x64_sys_sendmmsg+0x9d/0x100 [ 443.687265] do_syscall_64+0x1b9/0x820 [ 443.691187] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 443.696566] ? syscall_return_slowpath+0x5e0/0x5e0 [ 443.701489] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 443.706327] ? trace_hardirqs_on_caller+0x310/0x310 [ 443.711361] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 443.716395] ? prepare_exit_to_usermode+0x291/0x3b0 [ 443.721412] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 443.726268] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 443.731460] RIP: 0033:0x457569 [ 443.734654] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 10:04:29 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002740a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8dffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) r2 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x800, 0x841) ioctl$VT_WAITACTIVE(r2, 0x5607) ioctl$EVIOCSFF(r2, 0x40304580, &(0x7f0000000080)={0x57, 0x0, 0x400, {0x100000001, 0x80000000}, {0x1, 0xa00000}, @cond=[{0x80000001, 0x8, 0xffff, 0xb35e, 0x800, 0x80}, {0x3, 0x4, 0x8001, 0x0, 0x8, 0x20}]}) ioctl$UI_SET_ABSBIT(r2, 0x40045567, 0x4) io_submit(0x0, 0x0, 0x0) write$nbd(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="67446698000000000400030003000000cdbf15e28dbf22d644923e005a09fc3558926a0056c5960efb35ac7c6597"], 0x2e) io_submit(0x0, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) [ 443.753552] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 443.761271] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 443.768534] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 443.775825] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 443.783087] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 443.790352] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 10:04:29 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:29 executing program 3 (fault-call:5 fault-nth:62): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) [ 443.825859] minix_free_inode: bit 1 already cleared 10:04:29 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) recvfrom$llc(r1, &(0x7f00000001c0)=""/133, 0x85, 0x10020, 0x0, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x351500, 0x0) ioctl$BLKROTATIONAL(r2, 0x127e, &(0x7f0000000100)) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88640000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 443.922573] FAT-fs (loop4): bogus number of reserved sectors [ 443.941239] FAT-fs (loop4): Can't find a valid FAT filesystem [ 443.957847] FAULT_INJECTION: forcing a failure. [ 443.957847] name failslab, interval 1, probability 0, space 0, times 0 10:04:29 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf5ffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 443.969186] CPU: 1 PID: 20991 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 443.969198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 443.987102] Call Trace: [ 443.989690] dump_stack+0x244/0x39d [ 443.993319] ? dump_stack_print_info.cold.1+0x20/0x20 [ 443.998518] ? is_bpf_text_address+0xac/0x170 [ 444.003032] should_fail.cold.4+0xa/0x17 [ 444.003049] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 444.003062] ? rcu_read_unlock_special+0x370/0x370 [ 444.003074] ? rcu_softirq_qs+0x20/0x20 [ 444.003086] ? unwind_dump+0x190/0x190 [ 444.003108] ? kernel_text_address+0x79/0xf0 [ 444.029489] ? __lock_acquire+0x62f/0x4c20 [ 444.033728] ? __save_stack_trace+0x8d/0xf0 [ 444.038063] ? mark_held_locks+0x130/0x130 [ 444.042305] ? save_stack+0x43/0xd0 [ 444.045939] ? __kmalloc_node_track_caller+0x50/0x70 [ 444.051054] ? __kmalloc_reserve.isra.38+0x41/0xe0 [ 444.055979] ? __alloc_skb+0x150/0x770 [ 444.059882] ? sock_wmalloc+0x16d/0x1f0 [ 444.063872] ? pppol2tp_sendmsg+0x23d/0x6c0 [ 444.068224] ? sock_sendmsg+0xd5/0x120 [ 444.072115] ? ___sys_sendmsg+0x51d/0x930 [ 444.076262] ? __sys_sendmmsg+0x246/0x6d0 [ 444.080431] ? __x64_sys_sendmmsg+0x9d/0x100 [ 444.084884] ? do_syscall_64+0x1b9/0x820 [ 444.088951] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 444.094328] ? follow_devmap_pud+0x278/0x510 [ 444.098757] __should_failslab+0x124/0x180 [ 444.103012] should_failslab+0x9/0x14 [ 444.106878] kmem_cache_alloc_node_trace+0x5a/0x740 [ 444.111908] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 444.117494] __kmalloc_node_track_caller+0x3c/0x70 [ 444.122426] __kmalloc_reserve.isra.38+0x41/0xe0 [ 444.127214] pskb_expand_head+0x230/0x10f0 [ 444.131473] ? kasan_kmalloc+0xc7/0xe0 [ 444.135378] ? skb_release_data+0x880/0x880 [ 444.139713] ? __might_fault+0x12b/0x1e0 [ 444.143787] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 444.149347] ? iov_iter_advance+0x306/0x13f0 [ 444.153794] ? lock_release+0xa10/0xa10 [ 444.157766] ? perf_trace_sched_process_exec+0x860/0x860 [ 444.163216] ? once_deferred+0xa0/0xa0 [ 444.167101] ? perf_trace_sched_process_exec+0x860/0x860 [ 444.172575] ? _copy_to_iter_mcsafe+0x1680/0x1680 [ 444.177424] l2tp_xmit_skb+0x106b/0x1670 [ 444.181489] ? l2tp_recv_common+0x1d40/0x1d40 [ 444.185981] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 444.191514] ? _copy_from_user+0xdf/0x150 [ 444.195663] ? pppol2tp_sendmsg+0x45d/0x6c0 [ 444.199995] pppol2tp_sendmsg+0x4b1/0x6c0 [ 444.204140] ? apparmor_socket_sendmsg+0x29/0x30 [ 444.208944] ? pppol2tp_getsockopt+0x940/0x940 [ 444.213539] sock_sendmsg+0xd5/0x120 [ 444.217282] ___sys_sendmsg+0x51d/0x930 [ 444.221255] ? graph_lock+0x270/0x270 [ 444.225059] ? copy_msghdr_from_user+0x580/0x580 [ 444.229841] ? get_pid_task+0xd6/0x1a0 [ 444.233739] ? find_held_lock+0x36/0x1c0 [ 444.237851] ? __might_fault+0x12b/0x1e0 [ 444.241919] ? lock_downgrade+0x900/0x900 [ 444.246080] ? perf_trace_sched_process_exec+0x860/0x860 [ 444.251539] __sys_sendmmsg+0x246/0x6d0 [ 444.255520] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 444.259843] ? __lock_is_held+0xb5/0x140 [ 444.263930] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 444.269497] ? check_preemption_disabled+0x48/0x280 [ 444.274591] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 444.280132] ? fput+0x130/0x1a0 [ 444.283428] ? do_syscall_64+0x9a/0x820 [ 444.287408] ? do_syscall_64+0x9a/0x820 [ 444.291382] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 444.295961] ? trace_hardirqs_on+0xbd/0x310 [ 444.300288] ? __ia32_sys_read+0xb0/0xb0 [ 444.304486] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 444.309882] ? trace_hardirqs_off_caller+0x300/0x300 [ 444.314996] __x64_sys_sendmmsg+0x9d/0x100 [ 444.319236] do_syscall_64+0x1b9/0x820 [ 444.323134] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 444.328542] ? syscall_return_slowpath+0x5e0/0x5e0 [ 444.333501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 444.338355] ? trace_hardirqs_on_caller+0x310/0x310 [ 444.343385] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 444.348408] ? prepare_exit_to_usermode+0x291/0x3b0 [ 444.353430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 444.358303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 444.363500] RIP: 0033:0x457569 [ 444.366689] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 444.385585] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 444.393290] RAX: ffffffffffffffda RBX: 00007f3946eb9c90 RCX: 0000000000457569 [ 444.400557] RDX: 00000000000000a9 RSI: 0000000020005fc0 RDI: 0000000000000004 [ 444.407860] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 444.415125] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 444.422426] R13: 00000000004c3c33 R14: 00000000004d63e8 R15: 0000000000000005 [ 444.450565] FAT-fs (loop5): bogus number of reserved sectors [ 444.465359] FAT-fs (loop5): Can't find a valid FAT filesystem [ 444.527032] FAT-fs (loop4): bogus number of reserved sectors [ 444.535516] FAT-fs (loop4): Can't find a valid FAT filesystem [ 444.544889] FAT-fs (loop5): bogus number of reserved sectors [ 444.557729] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:30 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:30 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)) perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x4fb6e826, 0x80000001, 0xb3, 0x3, 0x0, 0x4, 0x4000, 0x2, 0x6, 0x4, 0x2, 0x80000001, 0x101, 0xf581, 0x1, 0x8, 0xa476741, 0x40, 0x3e, 0x7, 0x84, 0x400, 0x41, 0x0, 0x6f, 0xc4, 0x5, 0x80000000, 0x3, 0x1, 0x11edbcc, 0x6e5c, 0x101, 0x0, 0x1, 0x2f2, 0x0, 0x2, 0x7, @perf_bp={&(0x7f0000000040), 0x1}, 0x2, 0x9, 0xfff, 0x8, 0xff, 0x3, 0x1}, 0xffffffffffffffff, 0x8, 0xffffffffffffff9c, 0x1) openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x8000, 0x0) syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0x100000000, 0x200) syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x8000) perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0xc9e, 0x0, 0x2, 0xcd5b, 0x0, 0x2, 0x4000, 0x4, 0x3ff, 0x8, 0xd60, 0x5dc, 0x4, 0x800005, 0x7, 0x61a, 0xd2, 0xffb0, 0x1, 0x8001, 0x8, 0x71, 0x3, 0x5c3, 0x5, 0x5e, 0x8fa, 0x4, 0xfffffffffffffffa, 0x6, 0x6cc5, 0x3, 0xb0, 0x69f, 0x80, 0x0, 0x0, 0xaa17, 0x0, @perf_config_ext={0x2f1, 0x100}, 0x1000, 0x3, 0x4, 0x7, 0x6, 0x6, 0xe0ac}, 0x0, 0x7, 0xffffffffffffff9c, 0x3) memfd_create(&(0x7f0000000300)='\x00', 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vga_arbiter\x00', 0x8201, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0xffffffffffffffff) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:30 executing program 3 (fault-call:5 fault-nth:63): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:30 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x800e], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 444.782931] FAT-fs (loop4): bogus number of reserved sectors [ 444.789628] FAT-fs (loop4): Can't find a valid FAT filesystem [ 444.881806] FAT-fs (loop4): bogus number of reserved sectors [ 444.904187] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:36 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002230a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x4788], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) fcntl$setflags(r0, 0x2, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) r4 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r4, &(0x7f00000001c0)="e9b765039b51aeaa82ddb8a211a4bd62314acaab25ab5d0a3a14e62e8336f82654a2ca34913c4294ec5104ead7ad48c19fad7ff41699d9a73d4eae20f331ca3b9d4364fe7884250a05e8fa37081ce1f3120aa2998971c40b064e3f68b8ce1cb60c0e77feb88bba3b87796cfd43f9ba8b55f6083ce06ed889f96bc359e1f2c0b3b2ec580d0ccfd30c92a58f6f82b4476f0504ad6baa78b51c6a5cb2494ca1268b37002a744e3dfb", &(0x7f0000000100)=""/123}, 0x18) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:04:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x0) 10:04:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 450.978788] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 451.035528] minix_free_inode: bit 1 already cleared [ 451.055649] FAT-fs (loop5): bogus number of reserved sectors [ 451.075506] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x543], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 451.137151] FAT-fs (loop4): bogus number of reserved sectors [ 451.144448] FAT-fs (loop4): Can't find a valid FAT filesystem [ 451.159371] FAT-fs (loop5): bogus number of reserved sectors 10:04:36 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getpeername$unix(r0, &(0x7f0000000100), &(0x7f0000000040)=0x6e) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) readv(r1, &(0x7f0000001840)=[{&(0x7f00000001c0)=""/255, 0xff}, {&(0x7f00000002c0)=""/139, 0x8b}, {&(0x7f0000000380)=""/166, 0xa6}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/148, 0x94}, {&(0x7f0000001500)=""/205, 0xcd}, {&(0x7f0000001600)=""/189, 0xbd}, {&(0x7f00000016c0)=""/219, 0xdb}, {&(0x7f00000017c0)=""/82, 0x52}], 0x9) io_submit(r2, 0x0, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001900)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000001980)={&(0x7f0000001940)=[0x20, 0x7, 0x8, 0x1, 0x1400000000000000, 0x7], 0x6, 0xfffffffffffffffd, 0x0, 0x3, 0x40, 0x1, {0xfffffffffffffffd, 0xec92000000000000, 0x1ff, 0xffffffff, 0x80000000, 0xffffffffffffff7d, 0x1, 0x1, 0xff, 0x33, 0x1000, 0x5, 0x3, 0x2, "0fa69e952c2b998b6e16ac18ab17ed53b8c154b51f28b50424a88abcb7cd577c"}}) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x5, 0x0) [ 451.183543] FAT-fs (loop5): Can't find a valid FAT filesystem [ 451.232890] FAT-fs (loop4): bogus number of reserved sectors [ 451.241476] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:36 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x600000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:36 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos`', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdosi', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:39 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002110a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:39 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x8, 0x0) 10:04:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x600], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) uselib(&(0x7f0000000040)='./file0\x00') io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0x121}]) 10:04:39 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\b', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:39 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 454.014982] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x300000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:39 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1a, 0x0) [ 454.073249] FAT-fs (loop4): bogus number of reserved sectors [ 454.095528] minix_free_inode: bit 1 already cleared [ 454.105551] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:39 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080), 0xfd3d}]) [ 454.185569] FAT-fs (loop4): bogus number of reserved sectors [ 454.191417] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:39 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88caffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:39 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xf, 0x0) 10:04:39 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:40 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:40 executing program 1: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x80000, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000040)) openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0x4c4002, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r3, 0x0, 0x0) io_submit(r3, 0x2, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000080), 0x121}]) 10:04:40 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73f9", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:40 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x2800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:40 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x16, 0x0) 10:04:40 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f730e", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 455.594687] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x2800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x17, 0x0) [ 455.695491] minix_free_inode: bit 1 already cleared 10:04:41 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_ethernet(0x26, &(0x7f0000000100)={@remote, @broadcast, [{[{0x9100, 0x8, 0x7f, 0x3}], {0x8100, 0xbdf, 0x8, 0x1}}], {@can={0xc, {{0x2, 0x80000001, 0x7, 0x5}, 0x1, 0x1, 0x0, 0x0, "0b793c90514d537d"}}}}, &(0x7f0000000140)={0x0, 0x3, [0x5eb, 0xec9, 0xc11, 0xacc]}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket(0x18, 0x0, 0x1) io_setup(0x1, &(0x7f0000000080)=0x0) io_submit(r2, 0x0, 0x0) io_submit(r2, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x906601, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)}]) creat(&(0x7f0000000040)='./file0\x00', 0x0) 10:04:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1e, 0x0) 10:04:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x1000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 456.066219] FAT-fs (loop5): bogus number of reserved sectors [ 456.072098] FAT-fs (loop5): Can't find a valid FAT filesystem [ 456.126969] MINIX-fs: bad superblock 10:04:41 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000500900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:41 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x21, 0x0) 10:04:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xd00], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:41 executing program 1: creat(&(0x7f0000000340)='./bus\x00', 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f0000000580)={0x0, 0xfb, 0xcfc, 0x0, 0x59c, "fa128a41866ab3bd6647d5cab988c67a", "c81aee304f0ee0a11aefd3932951e93819f221addd0d24cbc0fa10d7975abd281e4f8b7fa57b948154d40fe7fbdba27a4df12ffdb655eee71928260efeb37a49a5efcd7979fb297e1b49a7a21431aa6bf17898d05a8a64ba69c29339a59d7d127d7a40a4af972eae1029a49b4b36e2ae4428857ba8fe8246195ee90af45fc75303b1a506410702f856e5cce319c6278827d45dbecd1d420146f6a037b4e2eabca9e1938a9f37070e37833ad14a215ede7e2b8c5721343562368030e9c2b39879fbc85721c0d82c81e3b2e95dbac8ac11cf94752b5483650c709eec5b66f2153d692aa1d018a4dc6017d660917d65b481c8770854303912dcfb57acdb7405d96c9033aef39819f373d4d276b0dd78da9335c203f6b08642e4d661af62842ddb094d7b1bfa8c6dd6313b43e79518008dc7897e771d748c80a3833f17fb3b442b17985529e76abea0c8ae47f14efd8e4538933be631aa0843268d764e8c50455dcc3260fbb0af3963a19c0b5dbbcb849dfb41635389b8780741d1158faf40364bd312ddd918626440b8f92cc6a968828b0c19c233d34074001177fef42eb7e6afd3850570ec9bbf0ff5671d50a335f5533017f509090ff5445004422d58eb4a3e14c3934f3a8a105e0f0084147c4fda650307a7e08921504b5b911db898689c69c5305c1115177a0ff2c6b02305a5bcfc3ddd2a8f0bbc9542f9ff05987694131eba10033a13ea36bb2cfb7289098f09bd12744a3634c7e050d60db1cfe75a5424bfcafd21c516a9cf32bc6dcb500a4d2f540bad4f2cc852bf18bda427988623e3bfbbdbccaefcbd2a18a9bdb6be9f3557b5581ec0dca4d105759367cfb7c82d140e52816b36408baa5e15600a78de397d77bf540ed9bdd304249bace2f51689adbc4acde2f8044dfa5c15e0fd8a8be3b098c542da8f6d504b59e1203ac45ce3cb30fbe63cadce6af31c5b1ea0095f6251a14b1dd6cb77007a79b8fa57f640b208d0aa5799b9a03ea4557aa9de798fcef8823c480ff8380d57786de98f08dc162d68b4acad21912348a1415d00d25e9025919a8d1ade335a7c56e866e7d7e89079a51e70b52f43c4a4797d39d7e297f3f29de59c5b5b481f99f2ad2c5c4cbd2882b9dbcb6bf70df4623388f60e89b00765f354402876487cb63fd1a9c931431f8a987fac7e67d0a4b2d7ef1d36a4fe3aa5ac37c42ffce80e99266f56992ac378a2e7e8071258f69845d9480a17ad30a2c04ad155771cbc826f80c0c5c38fa5b943cbf3da4e9a4694053f688342fbf5a450373ac1ea568585f07e9b2cdc38cfb6fa49edee2a454d0d19f9a1d26e3853a21b5e6ce218e6b612908093a9aaf14ebd2f840147cd8504dba2178416b6227adeae4933fee15132a87f756b09591fafdaa10b601561715c78c551a43493f88a6822472be780ee969235c09f358cb7b90d63aa960a7ab69e4250e37339091ccc3cc0909b2779c5248715a9bcab92c22dd507b53034d7e66ca72e9976c2a9ab26222b8a60bb558d47584ff350418f77261acd964f66553ff1586e7ceff5ae6eed405c68c20eb83bfd129db2dd8794cab81cf4b6af72d81933a43b9599f95f2833818b16321f3cd939476e528a17f1720155628b47f31b8ec68bb52bed8b15cddcd40e4e78420616ed06adc3e38f1bc81fd9630c120770e714af9d993c51eb7b6e266c5267aecacf165383ad61708a366568b16ee0d81858726071a5e19e21882bcc34eed810208b5908ff3ec4670ccdac289af81716f6e59e2c0495566893e4026072664e3ba5cfc2a8d2a671dff9efdb56991e2e67954f5889ae90de403feb190baeafc86cd5f2b719bc08deca2f49cfd40c6be834e11903c8dd8f529a242191255844fe3f2d0ff3c41f9c8306cb85c1548be0370edde6b090fa91515114ed074bab67246a45889a6dae57e2d6cc97fe67e67ad8783dfcffa18c1aebb46a2bbdaab9da530bce2139cc96e9c1f6461d51b63a66e29e1649cd9b7bf74899a0a2796748b6cb7069640a7cca87d5b7bc58ec676c8dfaf7a9d6ba9fdd9ce119341903c5859bd1410358f5add60cefd57baff3100e55597906c1675c2ccbb7781ebad926b282c458f4d4dbe2e0316aa42dc7426e9727c926aa67205f4767c107630171fc5fd5ba026d7c6a8faa9fc232a0639afca960557880f2dddca27379df174d92f7b40500464e4b61e80a423a89318da9488fb0f696f2dacd5931411e95edaa287d1e406ac98513c2833e4898abbad3fb3231b8595fb18988b915c4d116fe56eee49bb7c8b7fc7378e55099c7dd08cdfb6bf642729e21e4cbea512290ecf299d3bff881a2523d6284144a48c67e779701c560e90f2af13bc868660dab6aa16c3f7c409b21372b5ea21d8fcc39d810c7bd47fd981d21b05abc79f9ba7c8325aa9849cf2f9cb332a6e95852bb2475e3ed36f77b350da95b37fd31436f064ffeaf307f27407495534008d5aeb7e3a9ea200f3cb1fa75dfe6bb60910ecebc80710a9b50bc1069cf3c976dcd222af7ddd082dbd50971dc2be9812c0729e6f1adad0f89074e110e20479745608903e403167db5446694dd189fc1abd38eebe05c125d5add3768c116214ce2cd97f5a82a6299d2c376355761af2440c61895b02c8fbc346d997ff3ff2e74325b6086a3ca06daac8702ca1f5d0655fd27762eda06c922d9aa1bbfaf4891d8fd88f22fedbf35c26de02be0b5836c412b61a49de3ea9f08bd59095e293c3ae4ffe704ea1376f063c1cb5c77a9fe1edcee9caee01d4dc5181368af220362aa4ac76bd0db90491b24117ec4a8a7d9af324875733d6f8ea0a198efd1ce40dbca9403941a04654c6c4f656be509de8adf21dc83ccf751844c648758f27d6bdf44f1372b19e38579d95e7108deb70813a6f7374b6903432bf7d3486170dab2e084df2f021419bc6c5ca11f975ca88b15e1aef3722c417c02bef0a368c62aedd2ed7aa38c04f9900e2354cbf205008f6c7d41ab2a3559fd0c2cd39631983137c4dd19b4ea65dbc751902ab9ddceeef773f10c50d4cfd966ba1799d1608c03106ea8683e0769b0b70c94726b695b1155a1225e322fc911c4da6a5e3f8c2195a93b972ec46aa93c489dbe9b3bef1163bedbc6c29e14abd50011ccde485d82242ea67297c23f3675be261bc18309ab21c025467634198e60c783e2eee40a0067fae53c334792bd39bbe626a167f8d9e0f8311693fc6aa2c56f07b9accba60607410ae9813f6b4f05cf614b09ab85f10f9e1b39016b30e59667ab2372a841387a6b3aba904f89068e7927182dcac3967d840e18811072721b69ba1c8d2047d8d03edf55e983a22a10ea6623cd2c55633c09d48d4d0cb15bc1790218bfa588026fcfcc03eb0fce542c37cd8f08a8a0a3755c21460921ddd157897560193108efdc0e3f0b376ddad8b3dc7d37cddd37f56a1bb02f543bccf3490cc969ee50a2d11c2877ed052cca25723c27743c21b6c278f6585fd7f4ddff5969d85af209d46e0562ed4ff81dfe9a4ea007ec78664b27a18235fb6fbe396d107b8748f46b9ec85a6a51fe44fe27487b20fd4650cf10eab5ea66276795eb2fa1235befe4fb7056031c3216157a0154b53c5f6b7b77281eb00660e7d71ded4c6c5295795e725aa7f5724866016d3b0c76df82d035f16ce9df531a6d0205c2c7761c1ac9b01d9c92d7594fa21c162b76d868d50982f90651b75b1d00316d4f9a7c9436cbaa261fd2ce1c4ec5c5792595e13b52618ac783400a8276c33b3678d298582ea0d769197b5656e100750b36f78dc3e51680b18eb07af2f0edffaa991b54b69a6ddb36a462e33c092bd3e140c68457301e35e056a26088a6b9992f6124227e68fb0b6dbae7fa3dd37214c25ab8c6abf90213cfd7c3667954f9a0cdecd70109b8a0bed9f24e380f2a9d3a7728e9251c10fab45ec7b01efc8db03073c8380d568a5b85ddf0a594f08294ebd23e28783ee1f62ad30dd315dee3f5b42926d755c7093eb4d8f94d4d5679f7a91654630b936e56fd681d7c681bb8be9b1afb9cd4fac271b43ff1d3e3c5904eb495c3fc835d43bc30a9f77d8a0870e29f86b8f1e6e02182d528000d92c2449e3f9dbc5569dde03f7630182f71ea554f31f65ebbfc8d5ec509cbfffdab453c0713c53d074bc0715c6b9b0097ff646e6211e87e516048e07337c78a5eee5947da70a1d5aa06bbd968993099e06cb7c95737853d013f8670efc3bde3c5722c8c91c867848e5bef0e70a4ab1130441b84dd94f194b1413b0b13341bbfb4d2a5848c667aa5a0b37e41857df5cf5d6ae83f7fd8066a72f6ef85fe4b572fe3d895e992ddfb983a7435cac77d3b9f699cec505988c9d198915098d3fffe411235022ddb13b2c475785cb482a4ffff9bcf8252e8b6e38465df93db63c29c3177e6ba19fcbdc26377bdd2401340c529a6be4aecf8e39fc5641fdf4c27b7a100fa99bd1f865da1da6e2d464c9cf9fe47b014f3a91cbc2dea29a8ff573fb1d1d80ea1b95157bc6c02d59b7e5d94b676b5df51c6b33e0cd58db323658a2279072dd7f14f068a793c5f56b93652626c3d1841ba0c597947c03b513f3c86848fb80267fcba7c8ed05c1a1e3d92e7fab746fdee47e9f0c8c841391ce78990e5dabd266787251cfae9cae9227527528bc5c2cc39a6c29383360095f9"}, 0xcfc, 0x0) [ 456.258549] FAT-fs (loop5): bogus number of reserved sectors [ 456.277105] FAT-fs (loop4): bogus number of reserved sectors [ 456.289548] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8100], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:41 executing program 1: 10:04:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x6, 0x0) 10:04:41 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 456.301724] MINIX-fs: file system does not have enough zmap blocks allocated. Refusing to mount. [ 456.301861] FAT-fs (loop4): Can't find a valid FAT filesystem [ 456.331621] MINIX-fs: bad superblock or unable to read bitmaps 10:04:41 executing program 1: 10:04:41 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x11, 0x0) 10:04:41 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x700], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:41 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002600a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 456.563250] FAT-fs (loop4): bogus number of reserved sectors [ 456.569533] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:42 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:42 executing program 1: 10:04:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xe80], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:42 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xc, 0x0) [ 456.629239] FAT-fs (loop5): bogus number of reserved sectors [ 456.636344] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:42 executing program 1: 10:04:42 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xd, 0x0) [ 456.720395] FAT-fs (loop5): bogus number of reserved sectors [ 456.741477] FAT-fs (loop5): Can't find a valid FAT filesystem [ 456.741746] FAT-fs (loop4): bogus number of reserved sectors 10:04:42 executing program 1: [ 456.781261] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:42 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:42 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8847000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:42 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") getpid() setpgid(0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0) 10:04:42 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x22, 0x0) [ 456.852760] FAT-fs (loop4): bogus number of reserved sectors [ 456.883690] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:47 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002070a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:47 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8906000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:47 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x13, 0x0) 10:04:47 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:47 executing program 1: [ 462.051509] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:47 executing program 1: [ 462.125542] minix_free_inode: bit 1 already cleared [ 462.138551] FAT-fs (loop5): bogus number of reserved sectors 10:04:47 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x7, 0x0) 10:04:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xf0], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 462.172763] FAT-fs (loop4): bogus number of reserved sectors [ 462.201829] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:47 executing program 1: 10:04:47 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x800e0000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 462.228255] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:47 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x19, 0x0) [ 462.347566] FAT-fs (loop4): bogus number of reserved sectors [ 462.353403] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:48 executing program 1: 10:04:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x806], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:48 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:48 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:48 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x12, 0x0) [ 463.159736] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:48 executing program 1: [ 463.273806] FAT-fs (loop4): bogus number of reserved sectors [ 463.285577] minix_free_inode: bit 1 already cleared [ 463.291125] FAT-fs (loop5): bogus number of reserved sectors [ 463.312882] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8848], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:48 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1c, 0x0) [ 463.313004] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:48 executing program 1: 10:04:48 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xffffa888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:48 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x9, 0x0) 10:04:48 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 463.497333] FAT-fs (loop4): bogus number of reserved sectors [ 463.503298] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:48 executing program 1: 10:04:48 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x14, 0x0) 10:04:48 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73c0", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:49 executing program 1: 10:04:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x800000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:49 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x2, 0x0) 10:04:49 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos`', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos&', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:49 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00225ff00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 463.851387] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 463.945425] minix_free_inode: bit 1 already cleared 10:04:49 executing program 1: 10:04:49 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x3, 0x0) 10:04:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x8000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:49 executing program 1: 10:04:49 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1d, 0x0) 10:04:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x800e000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:49 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdosn', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:49 executing program 1: 10:04:49 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:49 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x4, 0x0) 10:04:49 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x88a8ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 464.403533] FAT-fs (loop4): bogus number of reserved sectors [ 464.421321] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:51 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002043600900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:51 executing program 1: 10:04:51 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xe, 0x0) 10:04:51 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdosi', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:51 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xd], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:51 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 466.571915] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 466.635896] minix_free_inode: bit 1 already cleared 10:04:52 executing program 1: 10:04:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0xfffffff5], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x15, 0x0) 10:04:52 executing program 1: 10:04:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:52 executing program 1: [ 467.116141] FAT-fs (loop5): bogus number of reserved sectors [ 467.128975] FAT-fs (loop5): Can't find a valid FAT filesystem [ 467.199351] FAT-fs (loop5): bogus number of reserved sectors [ 467.205187] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:52 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002001400900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x806000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x18, 0x0) 10:04:52 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:52 executing program 1: 10:04:52 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 467.404458] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:52 executing program 1: [ 467.485497] minix_free_inode: bit 1 already cleared [ 467.505389] FAT-fs (loop4): bogus number of reserved sectors [ 467.507769] FAT-fs (loop5): bogus number of reserved sectors [ 467.511299] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:52 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8864000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:52 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x23, 0x0) [ 467.545584] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:52 executing program 1: [ 467.645681] FAT-fs (loop4): bogus number of reserved sectors [ 467.655326] FAT-fs (loop4): Can't find a valid FAT filesystem [ 467.677054] FAT-fs (loop5): bogus number of reserved sectors [ 467.683048] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:53 executing program 1: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fchown(r0, 0x0, 0x0) fsync(r0) [ 467.852838] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:53 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000600900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x88a8ffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x10, 0x0) 10:04:53 executing program 1: clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000780)="696f005bfc57169babee54ed16e39e7a8fe4b90016f266e3f63c443b3fc5040006bb5cd4bd7c7373b3d4d470a0cb5617aadbfb64c5e4983c25d024a9f3c489cc438f9e6de16364672bf70ad3bc27c924384f5586d4a51c6420a4e356e4e5ff7e284ee69a86f67264667d24b6f6502eb380104d262f889f390101ccaff805816603f65ba309000000000000004a80004e16b70c9649a2f9f6900fc77267a03436ba91a7f50c747f58236e5fa35ce74bb8da57ae4acad3aec3660ea6671da9f55e8211dfc5a17b8d3b1865e97da694c88f4920f772f196bdf299fc0b233d60654271ce981015") pread64(r0, 0x0, 0xfe52, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lseek(r0, 0x0, 0x1) write$P9_RMKDIR(r0, 0x0, 0x0) open$dir(&(0x7f00000000c0)='./file0\x00', 0x27e, 0x0) 10:04:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x2], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa, 0x0) [ 468.015397] minix_free_inode: bit 1 already cleared 10:04:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdosf', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 468.102958] FAT-fs (loop5): bogus number of reserved sectors [ 468.122860] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xb, 0x0) 10:04:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xfffffffffffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 468.161257] MINIX-fs: file system does not have enough zmap blocks allocated. Refusing to mount. [ 468.185311] MINIX-fs: bad superblock or unable to read bitmaps 10:04:53 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002090a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:53 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000300)=0x1fd, 0x4) sendto$inet6(r0, &(0x7f0000000300), 0x0, 0x0, 0x0, 0x0) [ 468.274853] FAT-fs (loop5): bogus number of reserved sectors [ 468.293965] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1b, 0x0) 10:04:53 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\n', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:53 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x4888], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:53 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\t', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:53 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCLINUX4(r1, 0x541c, 0x0) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xffffffffffffffff}) write(r0, &(0x7f0000c34fff), 0xffffff0b) ioctl$FIONREAD(0xffffffffffffffff, 0x541b, 0x0) openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0) 10:04:53 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0xfffffdef) 10:04:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xffffdd86], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x700000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:54 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x6000000000000000) 10:04:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 468.987184] FAT-fs (loop4): bogus number of reserved sectors [ 469.014015] FAT-fs (loop4): Can't find a valid FAT filesystem [ 469.099206] FAT-fs (loop4): bogus number of reserved sectors [ 469.106071] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:54 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000e00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:54 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:54 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8dffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 469.561234] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:54 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x200000000000000) 10:04:54 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:54 executing program 1: keyctl$restrict_keyring(0x1d, 0x0, &(0x7f0000000180)='trusted\x00', 0x0) r0 = getpid() sched_setattr(r0, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = creat(&(0x7f0000000340)='./bus\x00', 0x0) io_setup(0x7e4, &(0x7f0000000200)=0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}]) fsync(r1) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000580)={0x0, 0xfb, 0xcfc, 0x0, 0x59c, "fa128a41866ab3bd6647d5cab988c67a", "c81aee304f0ee0a11aefd3932951e93819f221addd0d24cbc0fa10d7975abd281e4f8b7fa57b948154d40fe7fbdba27a4df12ffdb655eee71928260efeb37a49a5efcd7979fb297e1b49a7a21431aa6bf17898d05a8a64ba69c29339a59d7d127d7a40a4af972eae1029a49b4b36e2ae4428857ba8fe8246195ee90af45fc75303b1a506410702f856e5cce319c6278827d45dbecd1d420146f6a037b4e2eabca9e1938a9f37070e37833ad14a215ede7e2b8c5721343562368030e9c2b39879fbc85721c0d82c81e3b2e95dbac8ac11cf94752b5483650c709eec5b66f2153d692aa1d018a4dc6017d660917d65b481c8770854303912dcfb57acdb7405d96c9033aef39819f373d4d276b0dd78da9335c203f6b08642e4d661af62842ddb094d7b1bfa8c6dd6313b43e79518008dc7897e771d748c80a3833f17fb3b442b17985529e76abea0c8ae47f14efd8e4538933be631aa0843268d764e8c50455dcc3260fbb0af3963a19c0b5dbbcb849dfb41635389b8780741d1158faf40364bd312ddd918626440b8f92cc6a968828b0c19c233d34074001177fef42eb7e6afd3850570ec9bbf0ff5671d50a335f5533017f509090ff5445004422d58eb4a3e14c3934f3a8a105e0f0084147c4fda650307a7e08921504b5b911db898689c69c5305c1115177a0ff2c6b02305a5bcfc3ddd2a8f0bbc9542f9ff05987694131eba10033a13ea36bb2cfb7289098f09bd12744a3634c7e050d60db1cfe75a5424bfcafd21c516a9cf32bc6dcb500a4d2f540bad4f2cc852bf18bda427988623e3bfbbdbccaefcbd2a18a9bdb6be9f3557b5581ec0dca4d105759367cfb7c82d140e52816b36408baa5e15600a78de397d77bf540ed9bdd304249bace2f51689adbc4acde2f8044dfa5c15e0fd8a8be3b098c542da8f6d504b59e1203ac45ce3cb30fbe63cadce6af31c5b1ea0095f6251a14b1dd6cb77007a79b8fa57f640b208d0aa5799b9a03ea4557aa9de798fcef8823c480ff8380d57786de98f08dc162d68b4acad21912348a1415d00d25e9025919a8d1ade335a7c56e866e7d7e89079a51e70b52f43c4a4797d39d7e297f3f29de59c5b5b481f99f2ad2c5c4cbd2882b9dbcb6bf70df4623388f60e89b00765f354402876487cb63fd1a9c931431f8a987fac7e67d0a4b2d7ef1d36a4fe3aa5ac37c42ffce80e99266f56992ac378a2e7e8071258f69845d9480a17ad30a2c04ad155771cbc826f80c0c5c38fa5b943cbf3da4e9a4694053f688342fbf5a450373ac1ea568585f07e9b2cdc38cfb6fa49edee2a454d0d19f9a1d26e3853a21b5e6ce218e6b612908093a9aaf14ebd2f840147cd8504dba2178416b6227adeae4933fee15132a87f756b09591fafdaa10b601561715c78c551a43493f88a6822472be780ee969235c09f358cb7b90d63aa960a7ab69e4250e37339091ccc3cc0909b2779c5248715a9bcab92c22dd507b53034d7e66ca72e9976c2a9ab26222b8a60bb558d47584ff350418f77261acd964f66553ff1586e7ceff5ae6eed405c68c20eb83bfd129db2dd8794cab81cf4b6af72d81933a43b9599f95f2833818b16321f3cd939476e528a17f1720155628b47f31b8ec68bb52bed8b15cddcd40e4e78420616ed06adc3e38f1bc81fd9630c120770e714af9d993c51eb7b6e266c5267aecacf165383ad61708a366568b16ee0d81858726071a5e19e21882bcc34eed810208b5908ff3ec4670ccdac289af81716f6e59e2c0495566893e4026072664e3ba5cfc2a8d2a671dff9efdb56991e2e67954f5889ae90de403feb190baeafc86cd5f2b719bc08deca2f49cfd40c6be834e11903c8dd8f529a242191255844fe3f2d0ff3c41f9c8306cb85c1548be0370edde6b090fa91515114ed074bab67246a45889a6dae57e2d6cc97fe67e67ad8783dfcffa18c1aebb46a2bbdaab9da530bce2139cc96e9c1f6461d51b63a66e29e1649cd9b7bf74899a0a2796748b6cb7069640a7cca87d5b7bc58ec676c8dfaf7a9d6ba9fdd9ce119341903c5859bd1410358f5add60cefd57baff3100e55597906c1675c2ccbb7781ebad926b282c458f4d4dbe2e0316aa42dc7426e9727c926aa67205f4767c107630171fc5fd5ba026d7c6a8faa9fc232a0639afca960557880f2dddca27379df174d92f7b40500464e4b61e80a423a89318da9488fb0f696f2dacd5931411e95edaa287d1e406ac98513c2833e4898abbad3fb3231b8595fb18988b915c4d116fe56eee49bb7c8b7fc7378e55099c7dd08cdfb6bf642729e21e4cbea512290ecf299d3bff881a2523d6284144a48c67e779701c560e90f2af13bc868660dab6aa16c3f7c409b21372b5ea21d8fcc39d810c7bd47fd981d21b05abc79f9ba7c8325aa9849cf2f9cb332a6e95852bb2475e3ed36f77b350da95b37fd31436f064ffeaf307f27407495534008d5aeb7e3a9ea200f3cb1fa75dfe6bb60910ecebc80710a9b50bc1069cf3c976dcd222af7ddd082dbd50971dc2be9812c0729e6f1adad0f89074e110e20479745608903e403167db5446694dd189fc1abd38eebe05c125d5add3768c116214ce2cd97f5a82a6299d2c376355761af2440c61895b02c8fbc346d997ff3ff2e74325b6086a3ca06daac8702ca1f5d0655fd27762eda06c922d9aa1bbfaf4891d8fd88f22fedbf35c26de02be0b5836c412b61a49de3ea9f08bd59095e293c3ae4ffe704ea1376f063c1cb5c77a9fe1edcee9caee01d4dc5181368af220362aa4ac76bd0db90491b24117ec4a8a7d9af324875733d6f8ea0a198efd1ce40dbca9403941a04654c6c4f656be509de8adf21dc83ccf751844c648758f27d6bdf44f1372b19e38579d95e7108deb70813a6f7374b6903432bf7d3486170dab2e084df2f021419bc6c5ca11f975ca88b15e1aef3722c417c02bef0a368c62aedd2ed7aa38c04f9900e2354cbf205008f6c7d41ab2a3559fd0c2cd39631983137c4dd19b4ea65dbc751902ab9ddceeef773f10c50d4cfd966ba1799d1608c03106ea8683e0769b0b70c94726b695b1155a1225e322fc911c4da6a5e3f8c2195a93b972ec46aa93c489dbe9b3bef1163bedbc6c29e14abd50011ccde485d82242ea67297c23f3675be261bc18309ab21c025467634198e60c783e2eee40a0067fae53c334792bd39bbe626a167f8d9e0f8311693fc6aa2c56f07b9accba60607410ae9813f6b4f05cf614b09ab85f10f9e1b39016b30e59667ab2372a841387a6b3aba904f89068e7927182dcac3967d840e18811072721b69ba1c8d2047d8d03edf55e983a22a10ea6623cd2c55633c09d48d4d0cb15bc1790218bfa588026fcfcc03eb0fce542c37cd8f08a8a0a3755c21460921ddd157897560193108efdc0e3f0b376ddad8b3dc7d37cddd37f56a1bb02f543bccf3490cc969ee50a2d11c2877ed052cca25723c27743c21b6c278f6585fd7f4ddff5969d85af209d46e0562ed4ff81dfe9a4ea007ec78664b27a18235fb6fbe396d107b8748f46b9ec85a6a51fe44fe27487b20fd4650cf10eab5ea66276795eb2fa1235befe4fb7056031c3216157a0154b53c5f6b7b77281eb00660e7d71ded4c6c5295795e725aa7f5724866016d3b0c76df82d035f16ce9df531a6d0205c2c7761c1ac9b01d9c92d7594fa21c162b76d868d50982f90651b75b1d00316d4f9a7c9436cbaa261fd2ce1c4ec5c5792595e13b52618ac783400a8276c33b3678d298582ea0d769197b5656e100750b36f78dc3e51680b18eb07af2f0edffaa991b54b69a6ddb36a462e33c092bd3e140c68457301e35e056a26088a6b9992f6124227e68fb0b6dbae7fa3dd37214c25ab8c6abf90213cfd7c3667954f9a0cdecd70109b8a0bed9f24e380f2a9d3a7728e9251c10fab45ec7b01efc8db03073c8380d568a5b85ddf0a594f08294ebd23e28783ee1f62ad30dd315dee3f5b42926d755c7093eb4d8f94d4d5679f7a91654630b936e56fd681d7c681bb8be9b1afb9cd4fac271b43ff1d3e3c5904eb495c3fc835d43bc30a9f77d8a0870e29f86b8f1e6e02182d528000d92c2449e3f9dbc5569dde03f7630182f71ea554f31f65ebbfc8d5ec509cbfffdab453c0713c53d074bc0715c6b9b0097ff646e6211e87e516048e07337c78a5eee5947da70a1d5aa06bbd968993099e06cb7c95737853d013f8670efc3bde3c5722c8c91c867848e5bef0e70a4ab1130441b84dd94f194b1413b0b13341bbfb4d2a5848c667aa5a0b37e41857df5cf5d6ae83f7fd8066a72f6ef85fe4b572fe3d895e992ddfb983a7435cac77d3b9f699cec505988c9d198915098d3fffe411235022ddb13b2c475785cb482a4ffff9bcf8252e8b6e38465df93db63c29c3177e6ba19fcbdc26377bdd2401340c529a6be4aecf8e39fc5641fdf4c27b7a100fa99bd1f865da1da6e2d464c9cf9fe47b014f3a91cbc2dea29a8ff573fb1d1d80ea1b95157bc6c02d59b7e5d94b676b5df51c6b33e0cd58db323658a2279072dd7f14f068a793c5f56b93652626c3d1841ba0c597947c03b513f3c86848fb80267fcba7c8ed05c1a1e3d92e7fab746fdee47e9f0c8c841391ce78990e5dabd266787251cfae9cae9227527528bc5c2cc39a6c29383360095f9"}, 0xcfc, 0x0) 10:04:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xfffff000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 469.675766] minix_free_inode: bit 1 already cleared [ 469.726715] FAT-fs (loop5): bogus number of reserved sectors [ 469.732529] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:55 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x60000000) 10:04:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8dffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:55 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 469.899263] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:55 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002002500900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 469.997923] FAT-fs (loop5): bogus number of reserved sectors [ 470.029447] FAT-fs (loop5): Can't find a valid FAT filesystem [ 470.038945] FAT-fs (loop4): bogus number of reserved sectors 10:04:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x89060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:55 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0xf5ffffff) [ 470.052705] FAT-fs (loop4): Can't find a valid FAT filesystem [ 470.065495] minix_free_inode: bit 1 already cleared 10:04:55 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdosh', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 470.195528] FAT-fs (loop4): bogus number of reserved sectors [ 470.201352] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:55 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x1000000) 10:04:55 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x5800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 470.311060] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 470.455553] minix_free_inode: bit 1 already cleared 10:04:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x1000000) 10:04:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x80350000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:56 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002043500900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos(', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:56 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x100000000000000) 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xf0ffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 470.861913] FAT-fs (loop4): bogus number of reserved sectors [ 470.875545] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:56 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0xa800000000000000) 10:04:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x6000000000000000) 10:04:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 470.990087] FAT-fs (loop4): bogus number of reserved sectors [ 471.021637] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xf0], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 471.129286] FAT-fs (loop5): bogus number of reserved sectors [ 471.158512] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x300000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 471.254786] FAT-fs (loop5): bogus number of reserved sectors [ 471.265986] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:56 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x3f00000000000000) 10:04:56 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 471.409721] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:56 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0020a0a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:56 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0x1c, 0x0) 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8060000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:56 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdosk', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 471.493415] FAT-fs (loop5): bogus number of reserved sectors [ 471.531060] FAT-fs (loop5): Can't find a valid FAT filesystem [ 471.537402] minix_free_inode: bit 1 already cleared 10:04:56 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0xf5ffffff00000000) 10:04:56 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x300], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:56 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:57 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x608], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 471.816283] MINIX-fs: bad superblock [ 471.828691] FAT-fs (loop5): bogus number of reserved sectors 10:04:57 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:57 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x2000000) [ 471.865756] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x6488], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 472.024745] FAT-fs (loop5): bogus number of reserved sectors [ 472.053770] FAT-fs (loop5): Can't find a valid FAT filesystem [ 472.125450] FAT-fs (loop4): bogus number of reserved sectors [ 472.158716] FAT-fs (loop4): Can't find a valid FAT filesystem [ 472.237553] FAT-fs (loop4): bogus number of reserved sectors [ 472.243378] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:58 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e0026c0a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:58 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:04:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x3a00000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:04:58 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x4) 10:04:58 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 472.616434] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:04:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x3a000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 472.705669] FAT-fs (loop5): bogus number of reserved sectors [ 472.725469] minix_free_inode: bit 1 already cleared [ 472.733112] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:58 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x10) [ 472.811276] MINIX-fs: bad superblock [ 472.815329] FAT-fs (loop4): bogus number of reserved sectors [ 472.821194] FAT-fs (loop4): Can't find a valid FAT filesystem 10:04:58 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x7000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 472.920229] FAT-fs (loop5): bogus number of reserved sectors [ 472.931952] FAT-fs (loop5): Can't find a valid FAT filesystem 10:04:58 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x800000000000000) 10:04:58 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:04:58 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdosl', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 473.116219] FAT-fs (loop4): bogus number of reserved sectors [ 473.122049] FAT-fs (loop4): Can't find a valid FAT filesystem [ 473.279224] MINIX-fs: bad superblock 10:05:04 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002000b00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xf5ffffff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:04 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:04 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:04 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x3f000000) 10:05:04 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 479.363122] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 479.425559] minix_free_inode: bit 1 already cleared 10:05:04 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x2800], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 479.475404] FAT-fs (loop5): bogus number of reserved sectors [ 479.484099] MINIX-fs: bad superblock [ 479.495389] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:04 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:04 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x11) [ 479.655960] FAT-fs (loop5): bogus number of reserved sectors [ 479.661796] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x800e], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:05 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 479.827250] MINIX-fs: bad superblock [ 479.947713] FAT-fs (loop4): bogus number of reserved sectors [ 479.955427] FAT-fs (loop5): bogus number of reserved sectors [ 479.976193] FAT-fs (loop4): Can't find a valid FAT filesystem [ 479.982399] FAT-fs (loop5): Can't find a valid FAT filesystem [ 480.173780] FAT-fs (loop5): bogus number of reserved sectors [ 480.181155] FAT-fs (loop5): Can't find a valid FAT filesystem [ 480.188961] FAT-fs (loop4): bogus number of reserved sectors [ 480.205628] FAT-fs (loop4): Can't find a valid FAT filesystem 10:05:05 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e00200f500900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:05 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x4000000000000) 10:05:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:05 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:05 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:05 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos#', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 480.374974] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:05:05 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x800e000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 480.485454] minix_free_inode: bit 1 already cleared [ 480.502005] FAT-fs (loop5): bogus number of reserved sectors [ 480.516375] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:05 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x8000000) [ 480.565717] MINIX-fs: bad superblock 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x88480000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:06 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 480.717570] FAT-fs (loop5): bogus number of reserved sectors [ 480.748022] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:06 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x4000000) 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x8000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 480.837606] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:05:06 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002080a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:06 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x88640000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:06 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x2000) [ 480.932458] MINIX-fs: bad superblock 10:05:06 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x4305], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 480.993349] FAT-fs (loop4): bogus number of reserved sectors [ 480.999438] FAT-fs (loop4): Can't find a valid FAT filesystem [ 481.015434] minix_free_inode: bit 1 already cleared 10:05:06 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x3f00) [ 481.068808] FAT-fs (loop5): bogus number of reserved sectors [ 481.074754] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xffffca88], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 481.186235] FAT-fs (loop5): bogus number of reserved sectors [ 481.186668] FAT-fs (loop4): bogus number of reserved sectors [ 481.193694] FAT-fs (loop5): Can't find a valid FAT filesystem [ 481.198108] MINIX-fs: bad superblock [ 481.223561] FAT-fs (loop4): Can't find a valid FAT filesystem 10:05:06 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:06 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:06 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xf5ffffff00000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 481.454793] FAT-fs (loop5): bogus number of reserved sectors [ 481.478160] FAT-fs (loop5): Can't find a valid FAT filesystem [ 481.580268] FAT-fs (loop5): bogus number of reserved sectors [ 481.587709] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:07 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002040a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:07 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x8) 10:05:07 executing program 1: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x600000000000000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:07 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7310", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:07 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 481.828787] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 481.905646] minix_free_inode: bit 1 already cleared 10:05:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0xf000], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:07 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) [ 481.936522] MINIX-fs: bad superblock [ 481.944360] FAT-fs (loop5): bogus number of reserved sectors [ 481.966633] FAT-fs (loop5): Can't find a valid FAT filesystem 10:05:07 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0x1100000000000000) 10:05:07 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f7304", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:07 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x543], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:07 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) [ 482.220235] MINIX-fs: bad superblock [ 482.418732] FAT-fs (loop4): bogus number of reserved sectors [ 482.435387] FAT-fs (loop4): Can't find a valid FAT filesystem [ 482.543459] FAT-fs (loop4): bogus number of reserved sectors [ 482.560101] FAT-fs (loop4): Can't find a valid FAT filesystem [ 482.591426] MINIX-fs: mounting unchecked file system, running fsck is recommended 10:05:08 executing program 0: mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002680a00900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:08 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x800000000000000a}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4, 0x0, 0x2b}, 0x0, @in6=@local, 0x0, 0x4}}, 0xe8) sendmmsg(r1, &(0x7f0000005fc0), 0xa9, 0xeffdffff00000000) 10:05:08 executing program 1: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$minix(&(0x7f00000000c0)='minix\x00', &(0x7f0000000080)='./file0\x00', 0x6c000000, 0x1, &(0x7f0000000240)=[{&(0x7f0000000100)="600084e002020000900cda40ff1ad5c98f13", 0x12, 0x400}], 0x0, 0x0) 10:05:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x4788], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) 10:05:08 executing program 5: syz_mount_image$msdos(&(0x7f0000000200)="6d73646f73ff", &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:08 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$msdos(&(0x7f0000000200)='msdos\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 10:05:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x66, &(0x7f0000000080)={@link_local, @empty=[0x3580, 0x0, 0x0, 0x0, 0x3], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, 0x0) [ 482.755490] MINIX-fs: bad superblock [ 482.759407] minix_free_inode: bit 1 already cleared [ 482.802590] WARNING: CPU: 1 PID: 21915 at kernel/jump_label.c:157 static_key_enable_cpuslocked+0x356/0x4e0 [ 482.812734] Kernel panic - not syncing: panic_on_warn set ... [ 482.818622] CPU: 1 PID: 21915 Comm: syz-executor3 Not tainted 4.20.0-rc1-next-20181109+ #110 [ 482.827221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.836578] Call Trace: [ 482.839167] dump_stack+0x244/0x39d [ 482.842815] ? dump_stack_print_info.cold.1+0x20/0x20 [ 482.848107] panic+0x2ad/0x55c [ 482.851320] ? add_taint.cold.5+0x16/0x16 [ 482.855493] ? __warn.cold.8+0x5/0x45 [ 482.859311] ? static_key_enable_cpuslocked+0x356/0x4e0 [ 482.864676] __warn.cold.8+0x20/0x45 [ 482.868407] ? rcu_softirq_qs+0x20/0x20 [ 482.872384] ? static_key_enable_cpuslocked+0x356/0x4e0 [ 482.877750] report_bug+0x254/0x2d0 [ 482.881474] do_error_trap+0x11b/0x200 [ 482.885367] do_invalid_op+0x36/0x40 [ 482.889079] ? static_key_enable_cpuslocked+0x356/0x4e0 [ 482.894448] invalid_op+0x14/0x20 [ 482.897906] RIP: 0010:static_key_enable_cpuslocked+0x356/0x4e0 [ 482.903883] Code: 89 e6 bf 01 00 00 00 48 b8 00 00 00 00 00 fc ff df 41 c6 04 06 f8 e8 79 df e3 ff 41 83 fc 01 0f 84 06 ff ff ff e8 5a de e3 ff <0f> 0b e9 fa fe ff ff e8 4e de e3 ff 4d 8d 75 c0 be 04 00 00 00 4c [ 482.922785] RSP: 0018:ffff8801b2c874c0 EFLAGS: 00010216 [ 482.928146] RAX: 0000000000040000 RBX: 1ffff10036590e99 RCX: ffffc9000be19000 [ 482.935431] RDX: 0000000000000228 RSI: ffffffff819bca56 RDI: 0000000000000005 [ 482.942701] RBP: ffff8801b2c87650 R08: ffff88017ca7c240 R09: fffffbfff17885c4 [ 482.949973] R10: fffffbfff17885c4 R11: ffffffff8bc42e23 R12: 0000000000000000 [ 482.957244] R13: ffff8801b2c87628 R14: 1ffff10036590ea5 R15: dffffc0000000000 [ 482.964529] ? static_key_enable_cpuslocked+0x356/0x4e0 [ 482.969897] ? jump_label_update+0x3d0/0x3d0 [ 482.974303] ? __lock_is_held+0xb5/0x140 [ 482.978371] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 482.983933] ? check_preemption_disabled+0x48/0x280 [ 482.988993] ? __lock_is_held+0xb5/0x140 [ 482.993097] ? rcu_read_lock_sched_held+0x14f/0x180 [ 482.998122] static_key_enable+0x1a/0x30 [ 483.002254] udpv6_encap_enable+0x15/0x20 [ 483.006440] setup_udp_tunnel_sock+0x429/0x680 [ 483.011028] ? check_preemption_disabled+0x48/0x280 [ 483.016048] ? udp_tunnel_xmit_skb+0x320/0x320 [ 483.020631] ? l2tp_tunnel_register+0x79c/0x1260 [ 483.025388] ? __local_bh_enable_ip+0x160/0x260 [ 483.030078] l2tp_tunnel_register+0xf4e/0x1260 [ 483.034716] ? l2tp_session_delete+0xd0/0xd0 [ 483.039127] ? __lockdep_init_map+0x105/0x590 [ 483.043629] ? l2tp_tunnel_create+0x586/0x6e0 [ 483.048128] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 483.053667] ? l2tp_session_free+0x290/0x290 [ 483.058083] ? l2tp_tunnel_delete+0x50/0x50 [ 483.062411] ? refcount_dec_checked+0x70/0x70 [ 483.066921] ? lock_sock_nested+0x9a/0x120 [ 483.071157] ? __local_bh_enable_ip+0x160/0x260 [ 483.075829] pppol2tp_connect+0x144a/0x2d80 [ 483.080141] ? __fget+0x4d1/0x740 [ 483.083608] ? graph_lock+0x270/0x270 [ 483.087440] ? pppol2tp_seq_start+0x3a0/0x3a0 [ 483.091939] ? perf_trace_sched_process_exec+0x860/0x860 [ 483.097448] ? __might_fault+0x12b/0x1e0 [ 483.101555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 483.107110] ? aa_label_sk_perm+0x91/0x100 [ 483.111356] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 483.116302] ? aa_sk_perm+0x22b/0x8e0 [ 483.120108] ? usercopy_warn+0x110/0x110 [ 483.124172] ? aa_af_perm+0x5a0/0x5a0 [ 483.128001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 483.133542] ? security_socket_connect+0x94/0xc0 [ 483.138320] __sys_connect+0x37d/0x4c0 [ 483.142231] ? __ia32_sys_accept+0xb0/0xb0 [ 483.146484] ? kasan_check_read+0x11/0x20 [ 483.150641] ? _copy_to_user+0xc8/0x110 [ 483.154622] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 483.160200] ? put_timespec64+0x10f/0x1b0 [ 483.164386] ? do_syscall_64+0x9a/0x820 [ 483.168364] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 483.172954] ? trace_hardirqs_on+0xbd/0x310 [ 483.177286] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 483.182829] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 483.188231] ? trace_hardirqs_off_caller+0x300/0x300 [ 483.193358] __x64_sys_connect+0x73/0xb0 [ 483.197424] do_syscall_64+0x1b9/0x820 [ 483.201310] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 483.206687] ? syscall_return_slowpath+0x5e0/0x5e0 [ 483.211615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 483.216461] ? trace_hardirqs_on_caller+0x310/0x310 [ 483.221494] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 483.226514] ? prepare_exit_to_usermode+0x291/0x3b0 [ 483.231541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 483.236391] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 483.241592] RIP: 0033:0x457569 [ 483.244798] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 483.263698] RSP: 002b:00007f3946eb9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 483.271421] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569 [ 483.278705] RDX: 0000000000000026 RSI: 0000000020000180 RDI: 0000000000000006 [ 483.285972] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 483.293241] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3946eba6d4 [ 483.300509] R13: 00000000004bdb2a R14: 00000000004ccf38 R15: 00000000ffffffff [ 483.309098] Kernel Offset: disabled [ 483.312878] Rebooting in 86400 seconds..