0)=[{&(0x7f00000000c0)="e04d3428828f75dc1b5d09c7c04731799ef8cad11b836ec1a7c48becbf120e0c5a915d79ab70ee6f5f008f6f4f92e8a1f5f186d4ec69f4ca9154ed81d559b54383562a5397516e9fdd65471e84fafd54750e25611ac9444105f8e143d3ba0d90d11a3f252d522e85c2bfa14e91ab2e4675a97ba8b208293d3b6bc0f2ef71608819c08b7eafacb802aa8e4a12ce1b7f18aedca3f53d16e87c03722b9aebfeb04e3b064084f8c7ba2fc76e7ec3debf27cbd8877fcf7ee4bd6d0d5ca88fd7db875babb3bd9a771fa0770fed0cd8204f4f0a80a5c1db188ccf7283aa4543865073899194cd040921ab98ad2fab9e993f7a8a46e7906e1730", 0xf6}, {&(0x7f00000001c0)="c042603b4a54c3ff1f47b910797cc06da99dea5d3d2df82ea2ce874de2f1910e9064d4639efea860760c86315272ca500d65c0f87169a7eb8a0703cadba03fa6535c9b50e57c08c4e1050325bdf5d4e4a11d8da51d183d4cf3b1b44236e0709216a93adeba9ae2d2551a2628759a8369de84a0e9962f1b753b2d1841c46996a1064e5c24c0d7853e0bf093133820fae986fdd893b58f760609b814917ec4c00e32fb8ff7864c2c0904c6fcae06fb41db0e7c5852a68282307e1993c0774d404a575edec8e7a20c18ae092aa6b5f78fa13b67ef731b96e8f32e7f4489e6c9", 0xde}, {&(0x7f00000002c0)="ab6f44b5da871fc1d871d172617690633e51eb6eca8a85892ba56d1cb82a046c42cb5675d7f7c0309c3bde509735081d3a9b6c4e5e1c70f49d9bbffb069aa072398ddf9f2b562a9cb7983f6314ffa3dd6d46c9c7475cb8a0185f18e62b4b24763f8f8f2938d8f0c2af74cb311e9b5d70225a104a", 0x74}, {&(0x7f0000000340)="43a30e821d927509fb73c747dc14f88b801c3444b713fccd9bdd6981103339da9c2735a996374147f5ca43b2f7a28aadd3b4d9892f34c89631769eee0c62cd76c4e0dcfc0802b24fd707d23149f813cc315d5066ff1da12656508089f5dac23a2e65e0c6f248003abd514f126036539d70a346e5eefd1000eba6f08af72e17b59457bc32cff332fa622e5760d3a4b0a97fac2ef042e873118186798ac4cd8864c2b71587baef64e9bcfe294f9cbd0691c50e246d274c7f99822f218b7d40", 0xbe}], 0x4, &(0x7f0000000440)=[{0xc0, 0x84, 0x3, "1277f3aa09cf2e8f15bb60721688ad4b59dd2eaaabfbeb77d0240fd598a9e921f3963c51d9f085a42180c37fd87ad014d9ce09b47ec08130c7a47911fd5b9fd15da4650d3af206fdb387ffddff1fa7e6d00575d5429b590869173548218c326f410880b994b0e62358871c60874fadb5c2b51c9e8e14b5d77fb52a6fda1bf2ccc6836a1526af7bc8059af2dde7546c65adf0498644067ee69f874670afb7cf902f3a23d7ad1755558e556075"}, {0xc0, 0x29, 0x4, "8fcb89e40b4e849f174e48cbb0627c6c22a5276af553caddb8f83ac10cf04aabba62933dacb503f7a60c107e00d7f0d68d2abf651b83fbcb72651451d0d11fed84aa59ce9cbb6897d7f861f8092e8a595d8869a6cf172b5ee0f9a1202e0edc9d384e7219fb85e2a98a331d900eb7b6c96dd45d4942858666fbe83a0c6261c7d6631c2b123e39ed8345bd9c6b4ea50174af5cbd0f173caf191b963b3dac03817e2e90a2bcaf8e9a7e725835c5"}, {0xe0, 0x116, 0x1, "2c35ecfffa7838084fdd7134c8453b3fb36785fd8e3d45ecedf58f50c329a2b0d3c6cc4b3e4ddd10be3dd46a528a4b222c68e6e3c734ac89044212c522b22b579b423d4b9539123f6e5db2493f8aff248ca2bda6a802103288cc297f43a512143f171bd18ded36d8132ff33003822472f80619b4c0ca6c0a040317dd17b2f93dca56294ef68d9973db992b05f20a855863843589c4b526b10725bc5e27f13ebd99cc68837ee8ebf037453feeb5459c76c34a26c10f5001f3d2bf861de47d635be4f8f32a11ada854dc401a8b"}, {0xa0, 0x189, 0x1, "a91f67589c714098398ab8870675de27e98f557fb4af76ddaad4e241cbc8a8b231560d51acbda55d1c22a4222bbeb212f31adbc7eb56221658a2c4dfd620ed0f755a28cdf6d8eac6ffbe8ce25512670b4fa06cb511818acd1bc2d1226b1c9cf2421ef830da6706124aff2c878ec9983a215e46dd6bce8cca61a0bdcf6fbad64193f8020d996d98121b85"}, {0xf0, 0x27e6085c62e453ab, 0x2, "56c35a3d8319320e9d5470a1ed39de6ff9081c164fdf5a86196dbbb691490995c4b63a40ad7a0ef9df25c7bd4b88b1805a8060e5ce1562f4e6fe9b692db3b488e70cfc8d4239e3b7cb49994d6ca468e5161f3af040a0031ffbd05cf23e7e79e8b02229185fdc9f003b90ad7f44b3cd444a8a0568fffd5dd5364be25bc80deb03f540dc54a222907f676de85573e9b3081e5646f5d633c33b6ce8d6c10ef445a01ed6a1e2ffcb2f55494ec0caaae3499b48a0659cde08c0c7112d4f703c308ce921eb29ffed41d29ff17eb6b150151b12ce90a20acbdcecb8a65948f5c49c"}, {0xb0, 0x100, 0x3, "e0c38e096aed5e252f5d1659f6968dbccae8f3df91706936d6dfa8d7c6830a1280a8a157a5216168a407f9742e045065715b7a652edfc2a431f9442a497e36c222bbc6f7bff8a40f2c48ef0ed583ebc5a333f165351afed2f10b5aa5ed888bbc0bf7f73124355632f82dfa203ba55d0a71a40221ac7d5fd46b673a9232f65a55c4e967db61f5555b909baa60f46f892a958dd40388196fb9c04fd0e269ec"}], 0x4a0, 0x200008c1}, 0x1) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x4) getsockopt$bt_hci(r1, 0x0, 0x3, &(0x7f0000000940)=""/29, &(0x7f0000000980)=0x1d) [ 369.695378] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 369.703348] FAULT_INJECTION: forcing a failure. [ 369.703348] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050200a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:18 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f70fcfe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 369.760337] CPU: 1 PID: 19694 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 369.768908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.778296] Call Trace: [ 369.780941] dump_stack+0x244/0x3ab [ 369.784644] ? dump_stack_print_info.cold.2+0x52/0x52 [ 369.789866] ? perf_trace_lock_acquire+0x501/0x800 [ 369.794849] should_fail.cold.4+0xa/0x17 [ 369.798974] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 369.804288] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 369.809242] ? kasan_check_read+0x11/0x20 [ 369.813405] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 369.818705] ? unwind_dump+0x190/0x190 [ 369.818736] ? is_bpf_text_address+0xd3/0x170 [ 369.818765] ? fs_reclaim_acquire+0x20/0x20 [ 369.827129] ? lock_downgrade+0x900/0x900 [ 369.827155] ? lock_release+0xa10/0xa10 [ 369.827174] ? perf_trace_sched_process_exec+0x860/0x860 [ 369.827206] ? __might_sleep+0x95/0x190 [ 369.849046] __alloc_pages_nodemask+0x34b/0xdd0 [ 369.853735] ? __x64_sys_bpf+0x303/0x510 12:15:18 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @broadcast}, &(0x7f0000000040)=0x10) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="d76ed795cdfd2aba24b4b87447477e19684507d0c9cb89ac3b76ec0ca7b461598b9f031548e466da41d74506a95c92d6822446b5497c52746efbbb7563ddb7f76839ba3d600fc0a6a89553656024e8b4f0f811d772ea2fd51436ff26bc820e4ebd83270f9d0c370c8e2a7506c58bbbf5e85506d50fddb81350ae92535b7f7a75845d3827973f891e752b0279f71876af23023b163489bb8737a455", 0x9b) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 369.857816] ? do_syscall_64+0x1b9/0x820 [ 369.861899] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.867304] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 369.872452] ? trace_hardirqs_on+0xbd/0x310 [ 369.872479] ? kasan_unpoison_shadow+0x35/0x50 [ 369.872501] ? kasan_kmalloc+0xc7/0xe0 [ 369.881399] ? kasan_unpoison_shadow+0x35/0x50 [ 369.881430] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 369.881455] alloc_pages_current+0x173/0x350 [ 369.881483] __vmalloc_node_range+0x498/0x750 [ 369.881518] __vmalloc+0x45/0x50 12:15:18 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x40000, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000040)={0x6, 0x8, 0x6, 0x4, 0x16, 0x1}) [ 369.907798] ? pcpu_mem_zalloc+0x8f/0xe0 [ 369.911886] pcpu_mem_zalloc+0x8f/0xe0 [ 369.915813] pcpu_create_chunk+0x1ca/0xad0 [ 369.920172] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 369.927137] ? trace_hardirqs_on+0xbd/0x310 [ 369.931485] ? kasan_check_read+0x11/0x20 [ 369.935664] ? pcpu_alloc+0x943/0x15d0 [ 369.939586] ? trace_hardirqs_off_caller+0x300/0x300 [ 369.944718] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 369.947254] Unknown ioctl 1075864599 [ 369.949764] ? __sanitizer_cov_trace_cmp8+0x18/0x20 12:15:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) accept4$inet(r0, 0x0, &(0x7f0000000000), 0x800) [ 369.949801] pcpu_alloc+0x12fa/0x15d0 [ 369.949835] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 369.949852] ? fs_reclaim_acquire+0x20/0x20 [ 369.949878] ? lock_downgrade+0x900/0x900 [ 369.975655] ? trace_hardirqs_on+0xbd/0x310 [ 369.980015] ? __kmalloc_node+0x3c/0x70 [ 369.984030] ? kasan_unpoison_shadow+0x35/0x50 [ 369.988648] ? kasan_kmalloc+0xc7/0xe0 [ 369.992576] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 369.997881] ? kasan_unpoison_shadow+0x35/0x50 [ 370.002508] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.008008] __alloc_percpu_gfp+0x27/0x30 [ 370.012192] array_map_alloc+0x46c/0x5f0 [ 370.016292] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 370.021647] map_create+0x3bd/0x1100 [ 370.025413] ? bpf_map_new_fd+0x70/0x70 [ 370.029434] ? __might_fault+0x12b/0x1e0 [ 370.033525] ? lock_downgrade+0x900/0x900 [ 370.037716] ? lock_release+0xa10/0xa10 [ 370.041716] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.047197] ? usercopy_warn+0x110/0x110 [ 370.052100] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 370.057679] __x64_sys_bpf+0x303/0x510 [ 370.061602] ? bpf_prog_get+0x20/0x20 [ 370.065470] do_syscall_64+0x1b9/0x820 [ 370.069404] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 370.074807] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.079773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.084626] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.089658] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.094683] ? prepare_exit_to_usermode+0x291/0x3b0 [ 370.099725] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.104584] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.109785] RIP: 0033:0x457519 [ 370.112984] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 370.131883] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 370.139597] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 370.146872] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 370.154222] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 370.161494] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 370.168761] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 370.178909] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 370.185694] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2c6) 12:15:19 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r0 = accept4$llc(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x800) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000080)=@req={0x28, &(0x7f0000000040)={'gre0\x00', @ifru_mtu=0x8}}) 12:15:19 executing program 3 (fault-call:1 fault-nth:24): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7013fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60056000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 370.361066] FAULT_INJECTION: forcing a failure. [ 370.361066] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 370.377542] CPU: 0 PID: 19730 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 370.386093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.386106] Call Trace: [ 370.398214] dump_stack+0x244/0x3ab [ 370.401882] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.407096] ? perf_trace_lock_acquire+0x501/0x800 [ 370.412036] should_fail.cold.4+0xa/0x17 [ 370.416112] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.421239] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 370.426178] ? kasan_check_read+0x11/0x20 [ 370.430324] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 370.435604] ? unwind_dump+0x190/0x190 [ 370.439500] ? is_bpf_text_address+0xd3/0x170 [ 370.444143] ? fs_reclaim_acquire+0x20/0x20 [ 370.448562] ? lock_downgrade+0x900/0x900 [ 370.452708] ? lock_release+0xa10/0xa10 [ 370.456680] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.462143] ? __might_sleep+0x95/0x190 [ 370.466120] __alloc_pages_nodemask+0x34b/0xdd0 [ 370.470783] ? __x64_sys_bpf+0x303/0x510 [ 370.474944] ? do_syscall_64+0x1b9/0x820 [ 370.480553] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.485921] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 370.490948] ? trace_hardirqs_on+0xbd/0x310 [ 370.495273] ? kasan_unpoison_shadow+0x35/0x50 [ 370.499868] ? kasan_kmalloc+0xc7/0xe0 [ 370.503769] ? kasan_unpoison_shadow+0x35/0x50 [ 370.508351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 370.513906] alloc_pages_current+0x173/0x350 [ 370.518321] __vmalloc_node_range+0x498/0x750 [ 370.522832] __vmalloc+0x45/0x50 [ 370.526301] ? pcpu_mem_zalloc+0x8f/0xe0 [ 370.530369] pcpu_mem_zalloc+0x8f/0xe0 [ 370.534272] pcpu_create_chunk+0x1ca/0xad0 [ 370.538518] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 370.545453] ? trace_hardirqs_on+0xbd/0x310 [ 370.549772] ? kasan_check_read+0x11/0x20 [ 370.553933] ? pcpu_alloc+0x943/0x15d0 [ 370.557823] ? trace_hardirqs_off_caller+0x300/0x300 [ 370.562929] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 370.567942] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 370.573070] pcpu_alloc+0x12fa/0x15d0 [ 370.576883] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 370.581636] ? fs_reclaim_acquire+0x20/0x20 [ 370.585970] ? lock_downgrade+0x900/0x900 [ 370.590122] ? trace_hardirqs_on+0xbd/0x310 [ 370.594439] ? __kmalloc_node+0x3c/0x70 [ 370.598409] ? kasan_unpoison_shadow+0x35/0x50 [ 370.602986] ? kasan_kmalloc+0xc7/0xe0 [ 370.606875] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 370.612147] ? kasan_unpoison_shadow+0x35/0x50 [ 370.616728] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.622685] __alloc_percpu_gfp+0x27/0x30 [ 370.626831] array_map_alloc+0x46c/0x5f0 [ 370.630904] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 370.636179] map_create+0x3bd/0x1100 [ 370.639894] ? bpf_map_new_fd+0x70/0x70 [ 370.643870] ? __might_fault+0x12b/0x1e0 [ 370.648269] ? lock_downgrade+0x900/0x900 [ 370.652447] ? lock_release+0xa10/0xa10 [ 370.656416] ? perf_trace_sched_process_exec+0x860/0x860 [ 370.661864] ? usercopy_warn+0x110/0x110 [ 370.665942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 370.671487] __x64_sys_bpf+0x303/0x510 [ 370.675378] ? bpf_prog_get+0x20/0x20 [ 370.679195] do_syscall_64+0x1b9/0x820 [ 370.683075] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 370.688450] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.693423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.698260] ? trace_hardirqs_on_caller+0x310/0x310 [ 370.703272] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.708284] ? prepare_exit_to_usermode+0x291/0x3b0 [ 370.713300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.718153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.723343] RIP: 0033:0x457519 [ 370.726538] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 370.745441] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 370.753247] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:19 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(0xffffffffffffffff, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:19 executing program 5: r0 = socket$inet(0x10, 0x3, 0x3d8c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 370.760510] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 370.767771] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 370.775035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 370.782386] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7003fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:19 executing program 3 (fault-call:1 fault-nth:25): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 370.839817] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 370.854498] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050060a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:19 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x21bd, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000100)=0x1, 0x4) r1 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x80800) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1, 0x0, 0xffffff57}, 0x0) ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000080)=0xf2a) shutdown(r0, 0x0) [ 370.918721] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 370.934964] IPv6: NLM_F_CREATE should be specified when creating new route [ 370.957675] FAULT_INJECTION: forcing a failure. [ 370.957675] name failslab, interval 1, probability 0, space 0, times 0 [ 370.973446] CPU: 0 PID: 19754 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 370.981974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.991424] Call Trace: [ 370.991453] dump_stack+0x244/0x3ab [ 370.991484] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.002960] should_fail.cold.4+0xa/0x17 [ 371.007032] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 371.012256] ? fs_reclaim_acquire+0x20/0x20 [ 371.016576] ? lock_downgrade+0x900/0x900 [ 371.020727] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.026180] ? __might_sleep+0x95/0x190 [ 371.030169] ? fs_reclaim_acquire+0x20/0x20 [ 371.034486] ? lock_downgrade+0x900/0x900 [ 371.038740] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.044188] ? vmap_page_range_noflush+0x7fb/0xa80 [ 371.049115] __should_failslab+0x124/0x180 [ 371.053347] should_failslab+0x9/0x14 [ 371.057140] kmem_cache_alloc_node_trace+0x270/0x740 [ 371.062260] ? __insert_vmap_area+0x550/0x550 [ 371.066852] __get_vm_area_node+0x130/0x3a0 [ 371.071285] __vmalloc_node_range+0xc4/0x750 [ 371.075695] ? pcpu_mem_zalloc+0x8f/0xe0 [ 371.079766] __vmalloc+0x45/0x50 [ 371.083130] ? pcpu_mem_zalloc+0x8f/0xe0 [ 371.087188] pcpu_mem_zalloc+0x8f/0xe0 [ 371.091091] pcpu_create_chunk+0x23b/0xad0 [ 371.095339] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 371.102271] ? trace_hardirqs_on+0xbd/0x310 [ 371.106592] ? kasan_check_read+0x11/0x20 [ 371.110732] ? pcpu_alloc+0x943/0x15d0 [ 371.114617] ? trace_hardirqs_off_caller+0x300/0x300 [ 371.119717] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 371.124726] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 371.129746] pcpu_alloc+0x12fa/0x15d0 [ 371.133557] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 371.138316] ? fs_reclaim_acquire+0x20/0x20 [ 371.142639] ? lock_downgrade+0x900/0x900 [ 371.146800] ? trace_hardirqs_on+0xbd/0x310 [ 371.151118] ? __kmalloc_node+0x3c/0x70 [ 371.155089] ? kasan_unpoison_shadow+0x35/0x50 [ 371.159666] ? kasan_kmalloc+0xc7/0xe0 [ 371.163553] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 371.168824] ? kasan_unpoison_shadow+0x35/0x50 [ 371.173404] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.178857] __alloc_percpu_gfp+0x27/0x30 [ 371.183004] array_map_alloc+0x46c/0x5f0 [ 371.187064] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 371.192341] map_create+0x3bd/0x1100 [ 371.196056] ? bpf_map_new_fd+0x70/0x70 [ 371.200030] ? __might_fault+0x12b/0x1e0 [ 371.204083] ? lock_downgrade+0x900/0x900 [ 371.208336] ? lock_release+0xa10/0xa10 [ 371.212312] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.217761] ? usercopy_warn+0x110/0x110 [ 371.221840] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.227377] __x64_sys_bpf+0x303/0x510 [ 371.231270] ? bpf_prog_get+0x20/0x20 [ 371.235090] do_syscall_64+0x1b9/0x820 [ 371.238972] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.244332] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.249269] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.254115] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.259129] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.264139] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.269154] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.273998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.279180] RIP: 0033:0x457519 [ 371.282369] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.301267] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 371.309077] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 371.316339] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:20 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x2}], 0x1}, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x1) [ 371.323601] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 371.330958] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 371.338231] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 371.365615] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 371.372198] IPv6: NLM_F_CREATE should be set when creating new route [ 371.378761] IPv6: NLM_F_CREATE should be set when creating new route [ 371.385261] IPv6: NLM_F_CREATE should be set when creating new route 12:15:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x47) 12:15:20 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7004fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:20 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:20 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) write$cgroup_type(r1, &(0x7f0000000040)='threaded\x00', 0x9) 12:15:20 executing program 3 (fault-call:1 fault-nth:26): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:20 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050a00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 371.496003] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 371.496583] FAULT_INJECTION: forcing a failure. [ 371.496583] name failslab, interval 1, probability 0, space 0, times 0 [ 371.535815] CPU: 0 PID: 19773 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 371.544358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.553726] Call Trace: [ 371.556331] dump_stack+0x244/0x3ab [ 371.559966] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.565157] should_fail.cold.4+0xa/0x17 [ 371.569217] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 371.574331] ? is_bpf_text_address+0xd3/0x170 [ 371.578835] ? __kernel_text_address+0xd/0x40 [ 371.584285] ? unwind_get_return_address+0x61/0xa0 [ 371.589210] ? __save_stack_trace+0x8d/0xf0 [ 371.593545] ? fs_reclaim_acquire+0x20/0x20 [ 371.597876] ? lock_downgrade+0x900/0x900 [ 371.602034] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.607494] ? __might_sleep+0x95/0x190 [ 371.611466] __should_failslab+0x124/0x180 [ 371.615802] should_failslab+0x9/0x14 [ 371.619610] kmem_cache_alloc_node_trace+0x270/0x740 [ 371.624718] alloc_vmap_area+0x145/0xa70 [ 371.628835] ? kasan_unpoison_shadow+0x35/0x50 [ 371.633429] ? purge_vmap_area_lazy+0x40/0x40 [ 371.637919] ? __insert_vmap_area+0x550/0x550 [ 371.642412] __get_vm_area_node+0x181/0x3a0 [ 371.646728] __vmalloc_node_range+0xc4/0x750 [ 371.651130] ? pcpu_mem_zalloc+0x8f/0xe0 [ 371.655200] __vmalloc+0x45/0x50 [ 371.658564] ? pcpu_mem_zalloc+0x8f/0xe0 [ 371.662616] pcpu_mem_zalloc+0x8f/0xe0 [ 371.666501] pcpu_create_chunk+0x23b/0xad0 [ 371.670735] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 371.677654] ? trace_hardirqs_on+0xbd/0x310 [ 371.681975] ? kasan_check_read+0x11/0x20 [ 371.686125] ? pcpu_alloc+0x943/0x15d0 [ 371.690004] ? trace_hardirqs_off_caller+0x300/0x300 [ 371.695114] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 371.700118] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 371.705166] pcpu_alloc+0x12fa/0x15d0 [ 371.708979] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 371.713725] ? fs_reclaim_acquire+0x20/0x20 [ 371.718041] ? lock_downgrade+0x900/0x900 [ 371.722189] ? trace_hardirqs_on+0xbd/0x310 [ 371.726506] ? __kmalloc_node+0x3c/0x70 [ 371.730475] ? kasan_unpoison_shadow+0x35/0x50 [ 371.735049] ? kasan_kmalloc+0xc7/0xe0 [ 371.738933] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 371.744207] ? kasan_unpoison_shadow+0x35/0x50 [ 371.748789] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.754238] __alloc_percpu_gfp+0x27/0x30 [ 371.758394] array_map_alloc+0x46c/0x5f0 [ 371.762467] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 371.767745] map_create+0x3bd/0x1100 [ 371.771472] ? bpf_map_new_fd+0x70/0x70 [ 371.775445] ? __might_fault+0x12b/0x1e0 [ 371.779497] ? lock_downgrade+0x900/0x900 [ 371.783649] ? lock_release+0xa10/0xa10 [ 371.787619] ? perf_trace_sched_process_exec+0x860/0x860 [ 371.793064] ? usercopy_warn+0x110/0x110 [ 371.797130] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.802662] __x64_sys_bpf+0x303/0x510 [ 371.806543] ? bpf_prog_get+0x20/0x20 [ 371.810366] do_syscall_64+0x1b9/0x820 [ 371.814251] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 371.819607] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.824532] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.829383] ? trace_hardirqs_on_caller+0x310/0x310 [ 371.834403] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.839415] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.844427] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.849277] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.854456] RIP: 0033:0x457519 [ 371.857639] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.876620] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 371.884362] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:20 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f700bfe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:20 executing program 5: socket$inet(0x10, 0x3, 0xc) [ 371.891623] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 371.898879] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 371.906134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 371.913398] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 371.931159] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7060fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050f00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:21 executing program 3 (fault-call:1 fault-nth:27): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:21 executing program 5: set_thread_area(&(0x7f0000000100)={0xfffffffffffffe01, 0x20001000, 0x0, 0xd01b, 0x2, 0x3ff, 0xff, 0x80000000, 0xffffffffffffffff, 0x9}) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x2000, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000000c0)={0x17, 0x3b, &(0x7f0000000080)="4c402d679eba74677279ad1d2a9970ff281abba166000806577e4a556f838a186cad3b0a1a8c108105d4398a560a99588adaf482d91c05afbe03a7"}) r1 = socket$inet(0x10, 0x3, 0xc) socket$inet_tcp(0x2, 0x1, 0x0) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) ioctl$KDENABIO(r0, 0x4b36) [ 371.953605] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 372.016244] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x34b) 12:15:21 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050400a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 372.059760] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 372.085145] FAULT_INJECTION: forcing a failure. [ 372.085145] name failslab, interval 1, probability 0, space 0, times 0 [ 372.118807] CPU: 0 PID: 19803 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 372.127436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.136811] Call Trace: [ 372.139434] dump_stack+0x244/0x3ab [ 372.143090] ? dump_stack_print_info.cold.2+0x52/0x52 [ 372.148299] should_fail.cold.4+0xa/0x17 [ 372.152364] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 372.157472] ? perf_trace_lock+0x7a0/0x7a0 [ 372.161733] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 372.167279] ? fs_reclaim_acquire+0x20/0x20 [ 372.171600] ? lock_downgrade+0x900/0x900 [ 372.175750] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.181220] __should_failslab+0x124/0x180 [ 372.185454] should_failslab+0x9/0x14 [ 372.189256] kmem_cache_alloc_node_trace+0x270/0x740 [ 372.194368] __kmalloc_node+0x3c/0x70 [ 372.198164] __vmalloc_node_range+0x1ed/0x750 [ 372.202669] __vmalloc+0x45/0x50 [ 372.206033] ? pcpu_mem_zalloc+0x8f/0xe0 [ 372.210095] pcpu_mem_zalloc+0x8f/0xe0 [ 372.213975] pcpu_create_chunk+0x23b/0xad0 [ 372.218217] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 372.225146] ? trace_hardirqs_on+0xbd/0x310 [ 372.229460] ? kasan_check_read+0x11/0x20 [ 372.233603] ? pcpu_alloc+0x943/0x15d0 [ 372.237483] ? trace_hardirqs_off_caller+0x300/0x300 [ 372.242584] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 372.247592] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 372.252623] pcpu_alloc+0x12fa/0x15d0 [ 372.256450] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 372.261209] ? lock_downgrade+0x900/0x900 [ 372.265382] ? trace_hardirqs_on+0xbd/0x310 [ 372.269786] ? __kmalloc_node+0x3c/0x70 [ 372.273759] ? kasan_unpoison_shadow+0x35/0x50 [ 372.278332] ? kasan_kmalloc+0xc7/0xe0 [ 372.282233] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 372.287505] ? kasan_unpoison_shadow+0x35/0x50 [ 372.292085] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.297538] __alloc_percpu_gfp+0x27/0x30 [ 372.301685] array_map_alloc+0x46c/0x5f0 [ 372.305745] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 372.311014] map_create+0x3bd/0x1100 [ 372.314728] ? bpf_map_new_fd+0x70/0x70 [ 372.318702] ? __might_fault+0x12b/0x1e0 [ 372.322756] ? lock_downgrade+0x900/0x900 [ 372.326897] ? lock_release+0xa10/0xa10 [ 372.330874] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.336321] ? usercopy_warn+0x110/0x110 [ 372.340404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 372.345943] __x64_sys_bpf+0x303/0x510 [ 372.349825] ? bpf_prog_get+0x20/0x20 [ 372.353639] do_syscall_64+0x1b9/0x820 [ 372.357533] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 372.362913] ? syscall_return_slowpath+0x5e0/0x5e0 [ 372.367838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.372674] ? trace_hardirqs_on_caller+0x310/0x310 [ 372.377683] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 372.382692] ? prepare_exit_to_usermode+0x291/0x3b0 [ 372.387708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.392568] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.397760] RIP: 0033:0x457519 [ 372.400948] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:15:21 executing program 5: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) mkdir(&(0x7f0000000700)='./file0\x00', 0x0) mount(&(0x7f0000000440)=ANY=[], &(0x7f0000000480)='./file0\x00', &(0x7f00000006c0)='ramfs\x00', 0x0, &(0x7f0000000780)="2a841f7254aabf01e91755127513e0c867c81a800ec547ec4317213262b5ad3d8d299a4d8c84a011804db9a57865c7d36e73f061b0e03e32eefadca0ef1374620e53a0d4e29ed3541282bda8e589266d9891a732246db35e8c0a523e24fbab1e1b9979936f3a6567ce") chdir(&(0x7f0000000080)='./file0\x00') umount2(&(0x7f0000000100)='.', 0x10000000002) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x7ff, 0xe77, 0x7f5, 0x0, 0x401, 0x0, 0xffffffffffff1d5a, 0x0, 0x8, 0x80, 0x100000001}, 0xb) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x16}, &(0x7f0000000180)=0x8) r4 = msgget(0x1, 0x0) openat(r2, &(0x7f0000000200)='./file0\x00', 0x8000, 0x2) msgctl$IPC_RMID(r4, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000001c0)={r3, 0x5b5, 0x5, [0x2, 0x1, 0x8, 0x1000, 0x2]}, 0x12) r5 = socket$inet(0x10, 0x80000000000003, 0xf) sendmsg(r5, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 372.419841] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 372.427542] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 372.434801] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 372.442058] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 372.449319] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 372.456592] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f700afe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500fca84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f700ffe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 372.488067] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 372.507764] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:21 executing program 3 (fault-call:1 fault-nth:28): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:21 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) getpeername$packet(0xffffffffffffff9c, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1e, 0x9, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x955a, 0x0, 0x0, 0x0, 0xffffffffffffff74}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, @generic={0x8, 0x80000000, 0xffffffffffffffff, 0x4000000000}, @generic={0x100000001, 0x7ff, 0x80000001, 0x236618}]}, &(0x7f0000000080)='syzkaller\x00', 0x20, 0xae, &(0x7f00000000c0)=""/174, 0x0, 0x1, [], r1, 0xc}, 0x48) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 372.567268] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 372.599079] IPv6: NLM_F_CREATE should be specified when creating new route [ 372.606262] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:21 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:21 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 372.612827] IPv6: NLM_F_CREATE should be set when creating new route [ 372.619379] IPv6: NLM_F_CREATE should be set when creating new route [ 372.625898] IPv6: NLM_F_CREATE should be set when creating new route [ 372.652886] FAULT_INJECTION: forcing a failure. [ 372.652886] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7010fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1c8) 12:15:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500ffa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 372.721569] CPU: 0 PID: 19833 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 372.730244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.739627] Call Trace: [ 372.742240] dump_stack+0x244/0x3ab [ 372.745900] ? dump_stack_print_info.cold.2+0x52/0x52 [ 372.751541] ? perf_trace_lock_acquire+0x501/0x800 [ 372.751572] should_fail.cold.4+0xa/0x17 [ 372.760541] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 372.760569] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 372.760591] ? kasan_check_read+0x11/0x20 [ 372.774764] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 372.780189] ? unwind_dump+0x190/0x190 [ 372.784096] ? is_bpf_text_address+0xd3/0x170 [ 372.788605] ? fs_reclaim_acquire+0x20/0x20 [ 372.792944] ? lock_downgrade+0x900/0x900 [ 372.797120] ? lock_release+0xa10/0xa10 [ 372.801122] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.806619] ? __might_sleep+0x95/0x190 [ 372.810621] __alloc_pages_nodemask+0x34b/0xdd0 [ 372.815294] ? __x64_sys_bpf+0x303/0x510 [ 372.819354] ? do_syscall_64+0x1b9/0x820 [ 372.823419] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.828782] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 372.833813] ? trace_hardirqs_on+0xbd/0x310 [ 372.838143] ? kasan_unpoison_shadow+0x35/0x50 [ 372.842829] ? kasan_kmalloc+0xc7/0xe0 [ 372.846722] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 372.851993] ? kasan_unpoison_shadow+0x35/0x50 [ 372.856566] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 372.862100] alloc_pages_current+0x173/0x350 [ 372.866510] __vmalloc_node_range+0x498/0x750 [ 372.871008] __vmalloc+0x45/0x50 [ 372.874380] ? pcpu_mem_zalloc+0x8f/0xe0 [ 372.878448] pcpu_mem_zalloc+0x8f/0xe0 [ 372.882329] pcpu_create_chunk+0x23b/0xad0 [ 372.886561] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 372.893481] ? trace_hardirqs_on+0xbd/0x310 [ 372.897789] ? kasan_check_read+0x11/0x20 [ 372.901926] ? pcpu_alloc+0x943/0x15d0 [ 372.905915] ? trace_hardirqs_off_caller+0x300/0x300 [ 372.911011] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 372.916020] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 372.921037] pcpu_alloc+0x12fa/0x15d0 [ 372.924848] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 372.929594] ? fs_reclaim_acquire+0x20/0x20 [ 372.933978] ? lock_downgrade+0x900/0x900 [ 372.938128] ? trace_hardirqs_on+0xbd/0x310 [ 372.942467] ? __kmalloc_node+0x3c/0x70 [ 372.946444] ? kasan_unpoison_shadow+0x35/0x50 [ 372.951024] ? kasan_kmalloc+0xc7/0xe0 [ 372.954911] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 372.960183] ? kasan_unpoison_shadow+0x35/0x50 [ 372.964759] ? perf_trace_sched_process_exec+0x860/0x860 [ 372.970207] __alloc_percpu_gfp+0x27/0x30 [ 372.974354] array_map_alloc+0x46c/0x5f0 [ 372.978415] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 372.983686] map_create+0x3bd/0x1100 [ 372.987397] ? bpf_map_new_fd+0x70/0x70 [ 372.991369] ? __might_fault+0x12b/0x1e0 [ 372.995439] ? lock_downgrade+0x900/0x900 [ 372.999596] ? lock_release+0xa10/0xa10 [ 373.003561] ? perf_trace_sched_process_exec+0x860/0x860 [ 373.009007] ? usercopy_warn+0x110/0x110 [ 373.013113] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 373.018685] __x64_sys_bpf+0x303/0x510 [ 373.022570] ? bpf_prog_get+0x20/0x20 [ 373.026381] do_syscall_64+0x1b9/0x820 [ 373.030259] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 373.035616] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.040545] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.045420] ? trace_hardirqs_on_caller+0x310/0x310 [ 373.050544] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.055577] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.060589] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.065429] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.070632] RIP: 0033:0x457519 [ 373.073824] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.092840] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 373.100580] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 373.107929] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 373.115273] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 12:15:22 executing program 5: r0 = socket$inet(0x10, 0x7, 0x8) flistxattr(r0, &(0x7f0000000000)=""/178, 0xb2) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 373.122537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 373.129804] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 373.149050] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 373.160579] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 373.167144] IPv6: NLM_F_CREATE should be set when creating new route 12:15:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7006fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:22 executing program 3 (fault-call:1 fault-nth:29): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:22 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x4) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000328bd7000fbdbdf25080000003000029120f2039576c3e200000008200800ffffff7f140001007f0000010000000000000000000000000800030001000000000000000000"], 0x4c}, 0x1, 0x0, 0x0, 0xc001}, 0x80) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x3ff, 0x8402) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000140)={{{@in=@broadcast, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}}}, &(0x7f0000000240)=0xe8) connect$packet(r3, &(0x7f0000000280)={0x11, 0xfd, r4, 0x1, 0x4, 0x6, @remote}, 0x14) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10002, 0x5) [ 373.173693] IPv6: NLM_F_CREATE should be set when creating new route 12:15:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fe80a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7011fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 373.227773] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 373.262753] FAULT_INJECTION: forcing a failure. [ 373.262753] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x266) [ 373.310565] IPv6: NLM_F_CREATE should be specified when creating new route [ 373.337625] CPU: 0 PID: 19865 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 373.346173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.355619] Call Trace: 12:15:22 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x80000000, 0x0) r1 = gettid() fcntl$setown(r0, 0x8, r1) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000100)={0xff, @empty, 0x4e20, 0x4, 'none\x00', 0x4, 0x7ff, 0x21}, 0x2c) r3 = fcntl$getown(r2, 0x9) ptrace$setregset(0x4205, r3, 0x207, &(0x7f00000000c0)={&(0x7f0000000000)="646dc6320a1d30602648e17a75b29c3b024b63aa95c137e2aaf468de5990fc8d5e30f1b12a2800173712f08068809535d16af85cfd5bc9aa418ba643d370c02ddd12d1e2ab3c02ac4fdaaeb57313bcf59e0cf7beae06a195061d23c432496507d895c23c3f59bd5f0fcca5477d9d0031b49a2914a5ed43070acfb5872b9f43e69030ce04327fb9c92fbbeed22fce7851e569ab", 0x93}) [ 373.355647] dump_stack+0x244/0x3ab [ 373.355673] ? dump_stack_print_info.cold.2+0x52/0x52 [ 373.361866] ? perf_trace_lock_acquire+0x501/0x800 [ 373.361896] should_fail.cold.4+0xa/0x17 [ 373.361919] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.381219] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 373.386183] ? kasan_check_read+0x11/0x20 [ 373.390345] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 373.395631] ? unwind_dump+0x190/0x190 [ 373.399546] ? is_bpf_text_address+0xd3/0x170 [ 373.404071] ? fs_reclaim_acquire+0x20/0x20 [ 373.408420] ? lock_downgrade+0x900/0x900 [ 373.412698] ? lock_release+0xa10/0xa10 [ 373.416695] ? perf_trace_sched_process_exec+0x860/0x860 [ 373.422292] ? __might_sleep+0x95/0x190 [ 373.426296] __alloc_pages_nodemask+0x34b/0xdd0 [ 373.430981] ? __x64_sys_bpf+0x303/0x510 [ 373.435064] ? do_syscall_64+0x1b9/0x820 [ 373.439145] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.444512] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 373.449533] ? trace_hardirqs_on+0xbd/0x310 [ 373.453939] ? kasan_unpoison_shadow+0x35/0x50 [ 373.458520] ? kasan_kmalloc+0xc7/0xe0 [ 373.462405] ? kasan_unpoison_shadow+0x35/0x50 [ 373.466977] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 373.472525] alloc_pages_current+0x173/0x350 [ 373.476935] __vmalloc_node_range+0x498/0x750 [ 373.481433] __vmalloc+0x45/0x50 [ 373.484807] ? pcpu_mem_zalloc+0x8f/0xe0 [ 373.488869] pcpu_mem_zalloc+0x8f/0xe0 [ 373.492748] pcpu_create_chunk+0x23b/0xad0 [ 373.497105] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 373.504057] ? trace_hardirqs_on+0xbd/0x310 [ 373.508384] ? kasan_check_read+0x11/0x20 [ 373.512527] ? pcpu_alloc+0x943/0x15d0 [ 373.516409] ? trace_hardirqs_off_caller+0x300/0x300 [ 373.521507] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 373.526519] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 373.531537] pcpu_alloc+0x12fa/0x15d0 [ 373.535343] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 373.540113] ? fs_reclaim_acquire+0x20/0x20 [ 373.544446] ? lock_downgrade+0x900/0x900 [ 373.548615] ? trace_hardirqs_on+0xbd/0x310 [ 373.552946] ? __kmalloc_node+0x3c/0x70 [ 373.556926] ? kasan_unpoison_shadow+0x35/0x50 [ 373.561499] ? kasan_kmalloc+0xc7/0xe0 [ 373.565382] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 373.570652] ? kasan_unpoison_shadow+0x35/0x50 [ 373.575229] ? perf_trace_sched_process_exec+0x860/0x860 [ 373.580707] __alloc_percpu_gfp+0x27/0x30 [ 373.584867] array_map_alloc+0x46c/0x5f0 [ 373.588940] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 373.594209] map_create+0x3bd/0x1100 [ 373.597918] ? bpf_map_new_fd+0x70/0x70 [ 373.601890] ? __might_fault+0x12b/0x1e0 [ 373.605960] ? lock_downgrade+0x900/0x900 [ 373.610211] ? lock_release+0xa10/0xa10 [ 373.614182] ? perf_trace_sched_process_exec+0x860/0x860 [ 373.619625] ? usercopy_warn+0x110/0x110 [ 373.623720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 373.629276] __x64_sys_bpf+0x303/0x510 [ 373.633158] ? bpf_prog_get+0x20/0x20 [ 373.637837] do_syscall_64+0x1b9/0x820 [ 373.641719] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 373.647072] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.651995] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.656828] ? trace_hardirqs_on_caller+0x310/0x310 [ 373.661922] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.666945] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.671981] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.676844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.682037] RIP: 0033:0x457519 [ 373.685228] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.704232] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 373.711939] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 373.719218] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 373.726488] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 373.733755] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 373.741026] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 373.750038] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:22 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:22 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x2907fc) ioctl$KDDELIO(r1, 0x4b35, 0x101) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:22 executing program 5: r0 = socket$inet(0x10, 0xfffffffffffffffe, 0x10) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x13e, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0xfffffffffffffefc}], 0x1}, 0x0) [ 373.756611] IPv6: NLM_F_CREATE should be set when creating new route [ 373.763194] IPv6: NLM_F_CREATE should be set when creating new route [ 373.769732] IPv6: NLM_F_CREATE should be set when creating new route [ 373.777418] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050900a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:22 executing program 3 (fault-call:1 fault-nth:30): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7005fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 373.852988] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:22 executing program 5: r0 = socket$inet(0x10, 0x1, 0x9) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @dev, @loopback}, &(0x7f0000000100)=0xc) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', r1}) r3 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffc, 0x80000) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000800)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000180)={0x62c, r4, 0x100, 0x70bd2b, 0x25dfdbff, {}, [{{0x8, 0x1, r1}, {0x138, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x7fff}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0x3, 0xb7, 0x40, 0x5}, {0xffffffffffffff81, 0x2, 0x9, 0x99}]}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}]}}, {{0x8, 0x1, r1}, {0xc0, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r2}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r1}, {0x7c, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x8001}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r1}}}]}}, {{0x8, 0x1, r1}, {0xb8, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0xcef}}, {0x8}}}]}}, {{0x8, 0x1, r2}, {0x168, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x1ff}}, {0x8, 0x6, r2}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r1}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r2}, {0x154, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffffc}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r2}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x3ff}}}]}}]}, 0x62c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20044080) 12:15:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050800a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x14c) [ 373.954050] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 373.954548] FAULT_INJECTION: forcing a failure. [ 373.954548] name failslab, interval 1, probability 0, space 0, times 0 [ 373.995952] CPU: 1 PID: 19899 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 374.004504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.013877] Call Trace: [ 374.016486] dump_stack+0x244/0x3ab [ 374.020234] ? dump_stack_print_info.cold.2+0x52/0x52 [ 374.025499] should_fail.cold.4+0xa/0x17 [ 374.029590] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 374.034719] ? is_bpf_text_address+0xd3/0x170 [ 374.039362] ? fs_reclaim_acquire+0x20/0x20 [ 374.043717] ? lock_release+0xa10/0xa10 [ 374.047715] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.053215] ? fs_reclaim_acquire+0x20/0x20 [ 374.057557] ? lock_downgrade+0x900/0x900 [ 374.061734] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.067302] __should_failslab+0x124/0x180 [ 374.071556] should_failslab+0x9/0x14 [ 374.075383] __kmalloc+0x2e0/0x760 [ 374.078950] ? pcpu_get_vm_areas+0x4e8/0x12c0 [ 374.083473] pcpu_get_vm_areas+0x4e8/0x12c0 [ 374.087815] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.093314] ? vm_map_ram+0xf60/0xf60 [ 374.097153] ? __vmalloc+0x45/0x50 [ 374.100716] ? pcpu_mem_zalloc+0x8f/0xe0 [ 374.104809] pcpu_create_chunk+0x40a/0xad0 [ 374.109077] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 374.116027] ? trace_hardirqs_on+0xbd/0x310 [ 374.120370] ? kasan_check_read+0x11/0x20 [ 374.124538] ? pcpu_alloc+0x943/0x15d0 [ 374.128454] ? trace_hardirqs_off_caller+0x300/0x300 [ 374.133583] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 374.138795] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 374.143845] pcpu_alloc+0x12fa/0x15d0 [ 374.147688] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 374.152460] ? fs_reclaim_acquire+0x20/0x20 [ 374.156807] ? lock_downgrade+0x900/0x900 [ 374.160996] ? trace_hardirqs_on+0xbd/0x310 [ 374.165347] ? __kmalloc_node+0x3c/0x70 [ 374.169343] ? kasan_unpoison_shadow+0x35/0x50 [ 374.173944] ? kasan_kmalloc+0xc7/0xe0 [ 374.177863] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 374.183160] ? kasan_unpoison_shadow+0x35/0x50 [ 374.187775] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.193259] __alloc_percpu_gfp+0x27/0x30 [ 374.197429] array_map_alloc+0x46c/0x5f0 [ 374.201523] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 374.206825] map_create+0x3bd/0x1100 [ 374.210585] ? bpf_map_new_fd+0x70/0x70 [ 374.214602] ? __might_fault+0x12b/0x1e0 [ 374.218687] ? lock_downgrade+0x900/0x900 [ 374.222860] ? lock_release+0xa10/0xa10 [ 374.226847] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.232322] ? usercopy_warn+0x110/0x110 [ 374.236437] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 374.242001] __x64_sys_bpf+0x303/0x510 [ 374.245918] ? bpf_prog_get+0x20/0x20 [ 374.249771] do_syscall_64+0x1b9/0x820 [ 374.253676] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 374.259067] ? syscall_return_slowpath+0x5e0/0x5e0 [ 374.264015] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.268892] ? trace_hardirqs_on_caller+0x310/0x310 [ 374.273931] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 374.278972] ? prepare_exit_to_usermode+0x291/0x3b0 [ 374.284019] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.288906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.294121] RIP: 0033:0x457519 12:15:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000aa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 374.297330] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.316256] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 374.324161] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 374.324173] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 374.324187] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 374.338721] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 374.338733] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 374.349056] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 374.374425] IPv6: NLM_F_CREATE should be specified when creating new route [ 374.382628] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 374.389397] IPv6: NLM_F_CREATE should be set when creating new route 12:15:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7007fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:23 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1, 0x0, 0xfffffd67}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000001ac0)={0x11, 0x0, 0x0}, &(0x7f0000001b00)=0x14) sendmmsg(r0, &(0x7f0000001f40)=[{{&(0x7f0000000000)=@rc={0x1f, {0x7fff, 0xff, 0x10001, 0x100, 0x8, 0xc0e5}, 0x7f}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000080)="4a914da958ad4f21805825fa3e51cf2ded89780af474dd235d686d16c37dc260c5caf04cad87db832645ba37f460ad0473a3cdb2ad4a9ff088767a3b65dd4ad98daf2b6c1e2f1778007c03be9816b2e3b0c06b9d5439c9a2b5f70740e774069a053098823371a7b4f0511bb175ecdb0dae0367d177abffd44a4b2146869ae173c69c659a22c6acd4bc4efd3453a27fa9c751db17259d5ca2a82330eecfaf48245a2338d1ff9d5f9b49a3730e1411f556", 0xb0}, {&(0x7f0000000140)="33a93e7f6d3f7e7cecf83f00c510a28cde7ae0f0ab9f759e5fc586fa7a1913f93c6bfd27887cd0373148bd4671e85fac7d78b16cb5c1e1dd5e1467d4a018ecbf7648be6a2951248641820ee3d733f530cfb0648eaddf6614e90926808c58ca0e01f884c33490968b08bb5924fcffa47d09c37924f345f5cd6f4d0ad1728285243047f6a7f3f5e10c5d62116a", 0x8c}, {&(0x7f0000000200)="42623aaa3520ea4f7c246e716766334b0f0658a01ae05a33d76cfb7286bf408ef5f89d1e17a8a713a5719a97677860f973baf917dfb0bea4962375c2027d7e1593b4869725d6323f302d2f0adeb1f368c226c7a0f8e29b6ad858a4728e591a85d03b9738b988ba047af9e67a", 0x6c}, {&(0x7f0000000280)="ed7bcbb729ead4d44f259ba00dc93dba7b79c05b170dae2931e541c41f6d939bdd6c6937026367e99fada06aa8258f2e92d070d5d3a383ed0052f352d0ae3a17eb6c0f575b5e0f9672cda204643701c2cd6ab96d3ddff1a193d4a98055fdf889653668f7d377e00829e60a478f75ddaf92", 0x71}, {&(0x7f0000000300)="e0b05b14a72feb1cc47ed10202494e79df08b80d2f6eff41df122e7b09e491ca8131bc99dd215dfb8d469dd9a5294d8e616eeab8c7b9bdf29221b2f780f468b4a8c29a387f2d15becb9f7349b998ea6d7a417510152969ee5df72c4350452141d49a05f579dc8b8422c676204bc841fe2688ad4cac7a950b7ae46b611ed4e155de19f85e9e28716f56553e198623257561da6e7fc144616ded14d8910970ae3d5fdedb25ef009a887c1b7840214df16c5aec58f94b786cdca693332f00778e30e4d620b5e7d30042ea52ece10aa9f50e31754ca61eee21a39bf4085e4fbc6badb7f7a8b20a80e1b3f9bb5e264f0013", 0xef}, {&(0x7f0000000400)="1f6f1d7fcde9811b0e9a1543b148e87e1755a789ab91420a8ef1a9cf3f8016682d2b4bd877a862366631ae7fc200e695ca9aeb8e8366167f2b1a3b7f2d4f34aa83e11f1ea36cdf657a920975d9b11d0e4d51cdb1c3e4721f797d0581ecec78dc5230c388e96fe2c89f18c6c25c63926d876ade857674c0d07ab267818d17e9c790e702d63e9dee49fce263ae02eb334772fcc8d1e90673e017b770242d816fbf732b360b24e3f51596cd", 0xaa}, {&(0x7f00000004c0)="438d0a82822432dff9d56575d205c469c51c0f9c7fbb13755d8bfa998dd4d5d48891301e972978a877ba58869cf2273f2f28c6718b8e407873d1436d72b246412ec7b930502117d59c77fb66f5d91b7495988bccf7d7a621ef7d3775d9a0105b2b049ad351555e43ec5615b6eb077f7bb3ac4f68b60247f454b6d23820c119a412239a552d7d3f2b48579d4d519dbed71d5ff52c3d678d92e79d1742f884f4ed6a2f254b16b5c99ff969d7efdfc9716cac29fd167737d7f8525950cf0c518871", 0xc0}, {&(0x7f0000000580)="f1fa60afa4adedb3caa161153c3c6c4a7bb7d9ddc65686ee4b8396f94b0e49a6616d085fd2cce38c22a20bb03c63591eff3ab586c37c2826d898abd9d9d5440af8f3594cc9f083695f4f66f9eb3b85021b97ac8d213cf001a9c61726053e602204165b47989824011ae55615d4fb113f7ccb12bf84225c25b9a570d37d1e48212510b4ffafcfc8105df395d7bba2083639f1958385c2b04f8d70658858d37374b0bcf8722e9e0bf5789627917db6175d931fcac23aea808a44b76395af5f89cc04508a038adea6a3b343cab728d6887040731b", 0xd3}, {&(0x7f0000000680)="3d5ffc9d0d096c8e1507a836be49418ca3fc3e92f998ebd9144e95699583b22114777205237aba552b4152be00e2683a5ce84178db90088735c9ff3dd3d75807e354e47920231522d137e467455c44dcd5b2098603c44880b9cc87818caccbb1325d1e2c17e5625a72a66fcceb796a369ba2a3dd1a98c551b1963abc7b42bbacb823812512c25d7da90d6df91c2301e10c6bb31047a53eef05f00907ec9ae486e121e47e9458000842843b459cfcc5f80273dc2aca9d55edddbc4d5c1bd8e3a4e55fdd6c7156", 0xc6}], 0x9, &(0x7f0000000840)=[{0xa8, 0x11b, 0x2, "34cf4d75e310f36ccf6dcfba98a5834c6cfc1a0fe736f5bd987239f542062736dea2c4d826fb58939003765c221315668a0be5f090b9c0628bf13b5ac2a355d5b9829e0419e1fe7fdce038bec418d6dea255c3f074e8a0eac8d96f0936cb6379849e2d66a494f75505f5361f0d9509029280a32c218bf67d7cfe1fb0a531a58237f8417418fd744cf4d744e2f318aa8e7bf0"}, {0x50, 0x11f, 0x6, "e89d84918c57891da6a3e4cbc4866aaef5668b656125a3919b6c20efa96083c5e33a4efecac824c446d6e27988d058ee4a0993b38795675e1266bf67c8"}, {0x38, 0x107, 0x3, "41bef1cb6078ee1eda0c8803a37399f7d5afa7a8e5c9670d44af44665c91a14cc82265eb45b1"}, {0x78, 0x10f, 0x3ff, "06f3bcb38ad96240f72b4e6301077c1c94951afbac970a5cc00dfa4c0c0c923fd23f6c8006aa3e45aeee26c9aa56e610b3ecaa4f14bb5d12561279ca9df6f20b7e43b43caffd6f200cda4e08076aad02c4ef947a83c70f34feb733a9e4825890d3ddc2c1d9d3b9"}, {0xb8, 0x1, 0xd95f, "cfb38ca486577cc03432953664e7de32aaa42666ca43c63b6e79c0fd4dbaadfc26616358d9bdcdaa471e890c1f28acc8e289856f139b2b24e06472c428d3fd45fce6075071d001ac8c09a21abf4f3bd9dff20e52136c541ce8eabe327199263230dbd5912b2e00960eaa6a35961390c2b82621c8f4243032912ae96492818a8f69c106c3da3aaeb9c13e88ed27bed810e235dff629139ea2ef13ea99eee814a031"}, {0x1010, 0x6, 0x80, "149709f72676355f499ec948a827e576e4b79e4aec7801598f5b79e027cfca626adc12cce2488aab8839226d366d64c1c616e837891cfa892ff31043c59fdce6f706f6bbb16169d30d25b38c3c7585ceecf6f0d72763df9faae7e55dc4890358ba8800657688352aa9a0387b401112cdf428ffb4104dfaea573f2b66263652300683851175ab0091be7e52c5ff4d13c02c2cbdb5ca7409299c352621a15c639274cd05a3c734de48c589ce75f980e1e6fdb367e6675ae33dcab971385a32166467faba631ace60671d83b81d3db28e36f91d7d3fb71fb2862a1ac8c1cdfd4bd90ef2044f72a410058da25f72ff97210276f716c75aecc8927ebf7afdb455d2516102ecd89060f0eebc6f7b6e7b74fe7b30337216802919a8f8407378ef510daeddf1fb4d8e52d493fbdb249b4513147bd0c6aeff069a82975a202248bcebd56ab582ca7311eb5df1b57d56124b42bc717c1202a253bbbd2ae10771bf98cfb4570d5876f78265a98d8dd1b090b3aa9ab74464d81521d49b8b3d226ad671321c9111a865aeb27f6d06c4a54733d1d33916209afd08d885dffe48f228374758dde79deeed9789842f605539972434bebd28f0856ed55654d8649f414a02a88eb745cedbe5118a8ec1ae8090f5e0b11a30641f15f7e1c47e263a25ea2e003cc6bead5ea6e560c83d8fc621553ea82640c273ad0c37013579f481d58f4feb7ca2b2e151b1d0f6b9693fdcffd3db62e7728843ea87341db466f21b1dbc058918e5a9948fc1f52b3da1f20ecd287205a3d8b69f306781650f9416afcda994e5dace003b3aa8d79034e591acaaf9c2115ba684c453ca22fb92444ea62b6507ffb04e84d108860a2819881a07c8aa501ae77d45980faca3636f83bf38e906b1d85f7e0d04945731ba5dab8023c55f8fa143d6f4e2a8f9e0eecaac099cf9d5e80dd3adba311d1656af6a4258ec23fc7e64accd27c9dd8ec614fa6824da473a965cae381677b1f1eae55d8c7e8104d8bc8a13bb5bab6ecd8ff55e857818edacf71b17034a36e7a5276d8cc40fe5b977b02d4d4f86ead91b5bb0d5d2662bfb4877e00589d33740b2afff3513c2b90ba305486c5d89af95b89738509ca70996710b3695fed7f03ea5ea4eec15cd109fd6da433ca61ba3b20d00ac4aef281c2895ea3f03eeb2c49135b7f3091f9aa4512d1c947dfcd07732516f317dfd78106b25f676672ef8e5c63fa2b35c82330a15a7d38273aecab5047b9c8b51333113473c233f6bf42c238a0bfa31b64416ba130ea2f7eb73faddcb42573754e043db43e7a84c8c1941a965726df2da279ebf1a50e8334f8f1f36441fb9a96b286c3af495bb1734602535225486487aa3f6b1acf8ca4a0749ef5bdc89060cb9f917bca46faf2ebc304d6d54d37c4175cc8b3dbd34dfc9ef501a6ad1e5adfff26bc358d8e1aef7862a3624d9c6b3e4350433bc64926dab9fc2b2c3bcae8706530e7862fa55a6aed623a3578b7aca22c6114b27998b52bd50c662f6053686afcd134ff2fbcdd61609fa537949976dc9eadab54a72673e107fc6615fd0c936ec6dfea17033a119983730dd22280347299bbcda78e44788dee9ef72e26cfa5d571a4e9e51c71b31eb681d435977f9a6d92d4442fe3cb941c61821935c8b0b7009c6ccf3e464a7f37cc6ecaf3485a2d38c1de68ceed406f903f210dd9473886d003628cec92421509882d46127bd4f47d331852f35e444afa29579f934e1c5b7f5cc39dbe0b75dd02ac8154d83b20d4363b73a1cdd1b3310f305b012f56735c147ed7f688513a642b376a9823781279418414b58e75456465ac4adf414b29fdaad4d59df7bf7fbef1be3b53963b4a793e592d2907c3bb7dfb96932cf11251a7029a73e2a38d391a769c09bfc4a9b2da31274dcf8086aabfb236590e52c95a548439c5105b192e947439a52fda21280c96b002fb7ac1438e986f6c1e072dbc03b98c642c570e9f07d1eddc1e0b18857494a6ce75e3e27a15e6d9183c0f56678a6f1c955616a9426f845b5cae6259142ff792960714512803c71789763e285f5d4508995f7f813ca7c6132eaf6a4d4163bca836a33e371f7a4c3464d8a65a259da99066399777108841a96c19d843fdbf66d3ae3f4eeee5a55bc9ec3f219c509449844fa155fc4c37f9d0c465a7867d4289b6f8b3f83d5fbda914395e0c6573bd1ff41ae854c7c0f6d7abbe9e2166938e85551430a8b74c145f665d31016edbab34ddeaa8e34eceae59ce9b79f24e5a15ce6f5327be86db35a96b9db06ce2f492c957e3734d0ea18a2814e9cb4bff348897d48cf0d6943ff95e6064c15ba509a861c797891b201bae6c0aa99186beda5e302a9116a5ffc3badcee440b8e6e70e07165dbbda5a0bfdb76868e5fd0a8dd44191cb7fa0d3d2d337770b172ab6efc82e6c77cad0a4e62c1973a156b98ce6cc1e700c640ddb3f9ba96651a4cd639e326d551922bbfaffa3e30ce189a6015f493207dd4862d530b3cf9c3c2a1e2890afe5bd3a2ec85896e1d61ba84df778bc9895617fd0e8ea65bec772adeadbcd00d5d45fc43d5563a425935d66a4bd9d159e0e038571e36a912cb202f4b51ec4dc212eb48e2c24c2e945eb0e0bb357c323301e6b88fb87aa68fcddea4dfcac065aa7e94a665db78e8eaf67d13f3b1387f6c4626ee0d61f89273072672f42b1665ecef6d7d6274b0464331b799c40b0c961e47f18ef09f5cc69e17350f27aab3e865ece8a40d4493ef1a3a56e69e18a53138a217bf255c4440507211cf84e1193afd517dee2d03032bd1916d1ca09b93c36b8332f9c2f76e4ddd0b20f3481c9944c2265e4b2d2d4f7ccbcb98627315555bbe87cda3d7860e29b5e11748fa27f0d79063afc5d3eb3f6fc28f88467224fb06a8f290e1dab73dbd9d2534fb30b307d6e91e91ff776c8fcb4e21ff95da48eafe33c9f58c9f721c75b48e9d9aaf00960f7f03714661fe85472154749c491395da0d38f6898831b121c3e018ad1fecc1ccc68c962659e5a4c6de799ea31a77413db824358d6a5e08d8a6941aa6720026ac2c7c4a41c66239c9894aa2e5111591a9f4723471be1b2bfc6aa2a804cad569d8315315ec37e3ee1b74f7d5d07929e90e0e344c3bdbcbcb6f14b3a5e496fafb99d40209fb32726ae5ca8886fb9ad0d05dc39535faeef3a743252001d1edfc30ad6bdd5ada72de1789fc3905ca94dedb63a2f240ef51c32d133798a9ec6df173c64c2fed99618d26ce052c779598dac0ce1ba97057bfd1185c934a0049b91d93f7899fca1d8ee505a07f246f4a66c97164a8c01f683045208975d48709e2b072ce25191b87a85f1206a3f54ca6350f169a929f7155cc8f5180841b28373e3b9c90d8590c99661dbb2f4f35aa9d7c87789b561c948324e88c00a355a47d40c7474e9b0e207962c0985b21dc6a74e25bd1808d1cb491600d0b4c84b979fe36fd6363bcdfcb1743fa49b04b2b83633a37079cea180ba594a28a6dd943aca59b398f938c92daa21754b4a66591d799a5df7a67e00ae0075d2b04ddfcf0fb8b26a146cd3d2102a86f9f49fa74dcb9d5dcfa925ee56d5c4b79cfa4b59121483d6548b741508ba65e23f5b2375d8e7f47f50332ac7853ef12f5a5cd773026fbfc86b205be2f9997ad6ab2fce9fe0066a0d55ce0ff7acc898d14fd32d2bb9027a766f01e439af71b4c858fc1ec451e470a1f381c2155e2bcf30da688d7f7bb3e46de25e6a6fe32655530fbff24101c619a5c39324593794ae750a3cb48547420db50846e51a9f81c1befb4a3da32a2fb8eb62bc58b08808abffb7f365ce9cf770985785b40840e53169fe5443ca0f945b311ccd7609cb3694358f51c1da053c893400c03ce19704e658b497968e777e6b72cec7747c7b2204500202d5b4a703849a9dc7b96e42a5cb67996e49e28afe60ca0c85b3b4f6192b0c39b8ba4ad1ce184ab36c2d3a20b59943f57eb19bd76f1b1575e56b5759cc78229ff54d6faf3731632f0ad16ae724f1195509b97ffb72296dd670fc943558476a111f6221a0fe254ad05fa5cdcc596fc5b3c872f0bb15abc864263b145dbe66d1fa292f974ff0aa50b930e5851437c1e8024648e046f50d7119ef3f2507e9a15265958926e10561ab7e020cbd55d96c9dc56543a7cb3be87a4d1f90711b9504c61103e29bec9acde3f38f9ea942418231f0d85ea423675bc189c02fde005542fa5e175d857c93073eebe6dbfb9a94cdf6104245b435af1452ab89769eabdf3734e075a2cce8bf5378e642b0245e82b8305a88b5f37a4f51aa57b5d08b398cbbcb374d37947929e1d0a042c181b0a88e6ab0d4bd6d020702bcbb2d3acfbbda0ee36b9b5c46d5a2c9cfae6e1e358504eeed6de95ba68c29d28e5ad589d119e89ac4caa2e9898fb42494814343cfa55fdf405eb0c6b0ed3d5bf4f3f54dfba391100cc0ff2185043eec0053d83b44cfc2a0a62c1e9e087f436ffb83e4f86ac405671b44dab94b5006bd799275d138bf81c04c8234346a2d4c12b7798ef9b886edabbc70f290fca946b2587b32583fe3cf5e5cc22fc8347f5c3cc164b6a4fdd412715c997d57d95807d43e1ff430130455a952b950595e4b9638cbd20f3f138f4809d732c5c78df743641c9890a3151f6d9e327f1d18ccfba1abb6353ef3392d0a817023bf5652ebebe7a92f0cbe11706bf5ba207b184628d55afe9d164c8cb745dd1dbc72afc2a98c3c027cf80fd1d3a132c37b0229d3c54114979722ea99588955f0f0439e03a911c36f561444cb77e44f333313847388f07e311a35f73ae8d06b18f919fb987e05880f6020306db13cd4068b719af9f5205461e6bf2f951047e43f9b798d4e3fb1a79e06554fdf8fb51fbc25fe5ab5bd797393ea8e0a079106ebd16be455d4685297e3161f5bc612f6b35e84e3e34c12550e167eb747b5fd4aa05986f2c718242aacf5f24a3cb83595fa74a3e25e9ecf6679ee2d5f1a38fca5a80fe743773b63ad42b7cddecd94ecfce5cf3d756d92c9e0bdb23b2902bfab2433af3662b90566c8849e45d3e8367aaf3b7248826379b946ac716a5febbf67b36553d17d0095d9301445e47912e621843bed5f0227e472bedfe78cf396bbb10ad613381dce129318bafada4847491c11b9af78a5371853fabb1b25279f7d5732af87816aa8fe9d69c01e74dbb6a7e2763b1cedb687fda081c1433d9aefeb48c0203fa1e7b7709bbff002d004f4b599ff345229f71f1977114002748f2768c8297ae95f0e88e969e20df4d72e5db06770464a8232944212c3468ad9631bff572302735da669e88bff5561eebafb16789ef0cc7724fa475b932530d9eab400be9cb13f4e5d2daea48de00b64fe97d9b9bdf22a431cada4877664bb46c797538298b956c1cd7216d87b3839e49468e58f0980f5dfff963861a28ae955ead0bc48ec0cd4f0a05cbc818d84cc669a72ef1510051fa42bdb4c2c12fbe655248ca22f2b5c6db3268f1f28d6da77783009b628503c553151e9c9b33eceef39ce8174539e81dd6ecef722043aa3eb27e43810e94ceccf0299b0d1d3f8685e35c1686eecbf94f78f9c78308adc833e3b4c6cc28c7a839b41cbbb7cb1af578725bb9d4d3eeeef2596c8fbc82b3b819616b85a9e4c185cadfde38210d9e8132729ce684680d2883f647dcb13489ad3a6ab09d1cc3b2c298de4f8a05e08df603b211e4f0c5d5cde8b4504733af803322b8528ca44b6de58d73ea812ea271721ca9a6e0629e0a58e5e0e99f116f61e5a7adba28daa4935f63e39a51a856be692b7f02b49"}], 0x1270, 0x4000800}, 0x100000000}, {{&(0x7f0000001b40)=@xdp={0x2c, 0x4, r1, 0x2c}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001bc0)="cac8c522b9799e14fa99e320b958ffe58916a07aefb4da5bff73b7ea56509238dd14c22104fc248f11ca5fd248b169b1ac0d4a12a49fc34ea0be4d032f8a01e73e4cd847a789f328adf4f9b681ebee69c41031d2081dcd638dbcb810de4e956caa31cf6c04ba5ef89d68cbcde04e", 0x6e}, {&(0x7f0000002040)="a7beb636b2d0fc9fdd18a5e2207a9a068803e0754bbdbcef76f5eb7b6b9409de10419bf5198c5b6ccb759c683b1ef8e2314016d4e80b92af0883651eeb4c3805a6baac90936d30c7b7e6c6917ccd350cf8f9f81f6d9926f01190a2dc03da3ca933def6a1e5ce4ca954e5a38da584c1488171eb41c1041ffcda2be3ee734e883e7167e89162a20382ae0de4fde3b80206e0b0c35b8c2b88e7630910bfeeb55e2a11905d763b11586abc67563791d4381e6daa09607ebe5b51df734e22b8f21c2232fe93de4de83164016bbb8ec93fed7d13a8bc02b9b0c96e44e9284f5b9dfcce937164e9d7b44f95611b89d5a9c1c9e13c403b89306d0ab8bf0da2d9918d635be40051e15858dfd50c37c3f0e58966d27d8bf6c61ffebccca277c976b618e2f93c496b4e620a52b47e126e1c054818481a5dad5e82940ff6ad9730191aeb758007ecdd6312d7fbb745d07e2d4926cdcf1c5f154addabcadec49b68d76b64e15d35c6623f9f402266548f5cb6249eade3553db0c2dd11f7da8e4d85029685e5fd69a0c0f89f1ee3ab42df9f1de67681b3c499322c4740fadbc0571fcf25fbd9cda14fb7ec3b32bae6f6fcfb27b60d0fd905b41e07bf700896a46181dba37866f00e98f46f8fae21623a868a0885c68a9956c3a299309049e11b50aae7b0c4bb9fa9947b2b9876cfb6d15f4f6849ca67c594b62add88ebafe97981d4e2d58f4be082b730ef648c6d7d70a964f26cca6a771e06054e06e769aa35de7f74599635731d902f968a6e9f7b19a5a753789d562fd183f1f5418bb847ad3594590b6f0d287aed65cb2be522cbafbe757fae8696a75073f098c10b75638312b1cdf0307c748dd295c71bda4aa7f66a7e8851066b6961163cadfd5c2f985c400ac84a2e7dbd25f032c94e387dc34f2ab6c0208e67163d7f74a90432cdec2fa7fd8a691f7c276e712ac59a7707b2c187e99c9c5a07d1c6996e24866222cb7698d9fe01f3b643b8fb5504d50b195c7b47ee276064c0e862fadab674afabfb8e1d74fe570d05fc013f54043b3413f7eeff4d8d9fb2ca9c506cf00757205e33c0e21f3e1ea7f47855f12c65eee0566b50cfb966b60eadb88a8b18afaec0de4df0becc1ce589ed9c76b1e45237374b6b15f16c49b34713481cda92e94653dce36442f402f1746ceaa0356dc8aa91201962370a3e1bd4504a68b5779639359de1d95297070c12e27aa7a15548f0a1e1819b460296565603fa008499b4c6d8a7ec1fc0e134a134ffa7b2cd649fb85010aeabcb5c10116277981bd24eb55e5e2f2b5a8043d1ac950e6e031be28781ffea13bcaed447b037ee988684bc08706456cc4e2a5f55007db83d9828d90e64a8c9775bd34ffd9daed60b8068be3316cde5a7aa004a84ac4662298823f37ad5585bedda2d3a5b75d8c1ca95336c9c44360fd44f0ece7288797f6beb07592c3912065430bb09d54b2e81f92c74f9ecd6f776fbcdd2ab5dde1dfebc517ffba75dcf2218d37bc751e26f224360194b15e3801866bbbfd81c0d6fe6bcdd97052b60160aae43b4ab3dcc583a00a1cb13f6b45a7b9a9b3719dfcd66b4d30199a4db23a7b30e8a3d4403d1768a0081acf05b2f594b165f1aba5b2c8bca208a2f1a24226553c191c61359d2f864d12ba3c2a62a7097bee33f25677f1e8af185809e7a9a802adfeacffff257423c5fe2f3b3a492f6636d256e7bc4782cac7c6b1b4bd7e3bb0c4d37ccb3b15b6be61953d4d6d76a944026b7659b992c1a6cfbfcb3320d6b949135d260c16a13145d9fa9fcccf7ada3448a94d8b7a47af1002f3bc0f806144ce9d15c38aa6acd904b46055a2cdf8e5cdd7ded09ba0ac9017139f58278cef8f054f243bcfa0cc29f0560b72c35705708cab13548791e5ee86b2383b51d874af7780765094d77cfd70b3729cd9e5d4bbe49ca9063f2c9e5c1d18ff1cd3002d60bc6cc6a549ecfee7b1f3f5f1948539c01f4a3cc5659298cbf1301b166ff27927bc56108cc636da240d4e6fa1d196077fe48b80486c904ce3ee20407996c6d384b89faf5ee7d413cd068f3a6fc17d8af3861033181d70c043abde401373ca3457377feb32804d11b7b27ac0005d011af8aa72b0d180054e55b1399e6b8738e277b43ecf11376acfca3b287ce4b68906c9bbfecb516316dff228260ba8b834df698b60139691f67db698a87b4f7c8696b6a1938fcbb8daae885cde36fde69908758d438503c0757b99f0df2a1b3b58e9cde98fef28d41a65324c88d83aaa60ac8b2f6a5de70a3eef71fb20157ef5162be5acbc715347cd6f14f43f73f82f9d86f511379869a393df766bbfe04eaba06f94d07939f16b17dedec3770be5bc1a522bf1ac81f93a83c99af03731afd7be3a7abe28020e0e871dd89fdb27d0048797782ad8c6cafc4965d083f83cf1a8f20c7b4e524320ece4aa7f0a36a8c4bd83a7f6346ec417685a8838f3a3e90f1936bfd908ad7196e83315de59cb1dc1b29f277024b39f22172d24c492c3f3da95f9dfebe39262b167bf5cb869438086dc50310967aaabbb50889af3c8164546d2f15445905db6fb42e979487e5f5a3ffceab2477b75004af6ce916cf9f21b745b6d425c87e8b9eecd63471259b0aa5d3c121222e136a5eb4f854bab0c3718950a154ad0d3d8a7d96141ee0f84fedc250f665afa72b2800bf9f49663c9548516b6188354dcf008240a5023f699fb0817cb9b2f74d404a4f9922741cf24def9cf3cb19aeed704f1198b2072405d386283884c5da1fb2478a6e58b848e8c126801c5d9437c04d3eef5f78a9572f983051001d662c8d804f79d0debcc6c7300384d49e743c740713439aa012689690eca4901825e7c2f192a37ddc267132cb97cff57ca1f1c0ba4fc0bb2640112f4e33d8a91798e988b92e15a957b7c6337a3b352045753c729aac2b92c10dc36c20829c90117489bb57b90373864913bb34e6fa73117d36cca3c469050452442a6886d92bd4dd4f68b46f9f1499d2d724ad69550e632dbce21ac9819021f8773d117efd0d9e98ec630e76f49dfdef876a8004e48ab961cfc8df28e38e6a87cf341f0427bbfce9e00985203d8a975ea14d5b4064370a56918f4c33d8913f7698e580d09943fe94cca4924ec0b487aa27d6072a757a9a4320a6e7c87c064449078bdf00a97af5cce54a3ad3d8289d7010122d9c1b0c0717b333211f662a4ecba9fd37ee5e467ac033563d26a6ebd63ac26b0aaae92074c0d1c94312738ceeb9b06fe44997176ef3239e4c27ff8452834850b31e4e67cade4cceaceb3de4f4ffa86a9e07860e5ac5d9825edb22b13b449cfdabb1742ffb0e051493712787a4e42eaf6d100124668980810596e5dbd7519c7169a52f39c9d39c898fe0861a0a64596c5db5d71b1273c3378cd57e8a19d134f9a265eb2d23e2f1f23f7d2b223492776c5f2303b336ddd98719e4d8507781566f55d749dd8f21b25e95240c13be09843d57011425582d84a4faaae7d0e6fa265c5709213b98aca20a2f10e5d4d267a277c4c97a6bdf4aeb4ccee7881b50ab859cd4316c0a022a19b54bbd137e2addd9afc3af18d5befe64f47e71b8899e6bbef6edd4e2295f29aea4a64ebf59f2fb4095f133e26ee54fdf8411ce81cb4436a171966566f5aba6b370dc3b87782ea9b2e081041f6bcdf76ccc1e25bc1ba0bac7d86d22dc2582973ae096a275c3c3a3da2cea4f428c55e3d1f7a736ee04ae1616fa473c067dc657493bd1c6520b1be981eba4414f46d1b25b55b8a48aded2d197d3a892d51c914ee65ee3b8683f97dd3e557c3ff5fda2ac9e49ab43f1b16b474eab535a9715316ca97d4b82e9dda3bcacbff52f031dbade8966ce3539a5e5952e31a6ad107753150f9e6e7b3a08c85d3737da5517bfd38410b08023ade3c35ad2237ba95434cdae12cb74b275f3a320dfa5a0fcec69f4e3349fd58847abddcc2a35f028e6232c4f8eb0275602f8ff37513ec78618e1be2cce40f3660347031ad247c067ad7db106f5c64d8dd4c6154bc281723fdf5cc191f0ed44b56424e83ebce07c9d102682812a8dec84500ae749b8fec6cb6856e6b6ed77063c8d4cfd850fe5d7d36fb64d27ac15091ac2dcbd5f85fb44de547571e9f69562d04ba48f6339340af3a91a251d810840f5887ede7a3b36da2fa030e26ad144390669a48434dae906f06ef10ba7c131bad3cb95959af7bbbc547ffd9eb1eeaf13315ec12e3f2d15652568ccf056671947554f430a3e028be77dc822eb164d9c74ec0554dafd56da9dc6823aa2c577502eac45e2753bc632467e5c8b11a7362caf4c03ed75fa8f357dead97c8ba642c9c4e29b05b461098236044e3f50b0f4885b0e27e8f32593a848e8c2b08d6036fd51d83bd6aea69196113bd38cc79c52c4aed5a925719be897b3df4ae286db473caa57338f01c2ed808f9572cf25e775a8fea50def75a540a5d3a9f5c880945a94c6c69580483e1b0018b94255052cabbde38be607135ed01b60abd4001b245ad2d1e948794d4243ba39295f771192ea9f2dfc112939a552a858b65423c71c4a67e6afca2d485f61c539487dc4d4dd9f6968a8d77aacac943ef8c2d24554e8ecc076653d79aab02bd156b56b3a7e4cac1fbdd1332215a212aa1dbd9a5971d1743154dd2c9d311852d21992c325e7410e22931f5eb129c4e6198cdd948df7bb2481af9929a6a921b985658008945a150d10fefd88819be393b02f477ca155604f62039617f0452b5d6dfe5fa895359d11b720febbfe3081c90c3f656fa03bda67c67723c84d4651408893a0493ec5bb7a1cc4f203105b2cf8dea876b89e1fb3989dff019d0c27c7e3072cec8ab3f54ed54dfbc90d999a1a85db67c536f45bfbf3f84bb851fb52d6e0435b3f0795910c129f87350e31b70a22c0574950e1f83c20d7247e07f873f1a41974c10d3bd9b59451a474fcc8b357443899a9fecaec80f2a9842b8594d932a7d91d4c37432f4b7d4f90c10accdde4e435c500cf91570054ec154650129c50d8ecdabeee7dc34316ae38be82b0d10c0259c38883cfcda872c9f65fb5f44b217fa26e0cdb333fe66b38b30d5a58e6d6361faacd4cf9ebc22e54664e4192bf9d6e7b2ef76a68b8a2fcc34f08eaf1ed9c05fa3381994a5aaced3f6366e03139f7b3108b9bf08148710617127a113e47d587bd736d1cd4e408853ffe60f7b87165ae2fe3f6b5094f143bf4ab27e99132ba702cefee9d18142b4b262536a0bc3f2bb097173a52fd90adbfa2cef5ddc2963a6d9323a5218e71d848bdf6bbc40ff4a58ab255ca1975c96ee41f7c316e7d9eb39777c2698a8dcf344a5a173af54406ce585cf1dbfe04f6983ed6346a3298f3aa4d0784f14c52688a1d4e39d93a570e209e1d5f2477e124429f82e8267089b7eff930a32ee1b6990eabfd5d02ebca1032d13ba1404c57ac6c11db72ced961a0e05f78654151301b2ba6e19ef086050811a88dd41608cb4597e1ec2699715634d2488c38c951dc3a2cd351a17ca51c0a406f1e8df6a6808b69cf815ec2170af5201040ee1f29e83c6cf3b5b03c20ba5f015aec3d7b0276e9f118843c87e1929b0516dd765f970a699e773f8ac3172fbc90276e8b9883d2b525e26c25e135d03d0937f0fd87db8dd7f87437c697422314d7c300346ce3e749ecf50cb0facb203cec8433280d693829620be4201a3e954481bac3644d1d7fdba482462425d3905e8baabf2228cf5affea918a8e8566846ed4eea9478b87de5f7b29a584470bf26231e1f667b006701d4419c400f01ee47b5c086df2b1", 0x1000}, {&(0x7f0000001c40)="2e5f4f725aca9e22546a6ae4a00a38d89f159506f763b29348b97dc49c84817b997b37a2a8bd63e9ed476d8da4a75fcb9a84f63377ac0da60dbe234a2746151f50db0b0f232d77280c9933a610c57329fe32c6e013b6622b75c27f4cc95368cfa7a5a6c30b940790952005", 0x6b}], 0x3, &(0x7f0000003040)=[{0x20, 0x113, 0x1, "8045d5e0c74fad6662"}, {0x80, 0x11f, 0x80000001, "c7f019c28ced0823ffde0f86b2d7d58af99c95376e5040c8efce2bf46da7b23d86ea1b6729de16b94d6456b70b09ab714fb4aeaab1016531aa27cba87cc5e113bb0f23c1fa74256008bf8c5f7f6b48fdbfdc68114e6819f8b7a7391f614957ff97ece336c08125cfde026495f66e6d"}, {0x1010, 0x111, 0x1, "f0b689778a679ed06d7ab15c46e3a401d1167549003990575ce14f3e6e11efed0b98e7b511dc00cb84880ba7910485cca26b1c6d1da30064fca03d62512cdde024cb4e390dfaee3da9fa483a73f36872df3bdaa594ba7457438bed28c09ef96e94768943974a119d183923f51bc255bb851a036d1844d44e737996b90e27bd027c80b70343ed92bf453ce0185295a66e484f25c208ea10078fd83007e2b5d64590f294c0c3d291348c5488d2b370c72aba0852677b4e3a4d439dc891c6c1e88057c4a3e17a2239670277223a4235d41b568d93f089b1951f1cf3002049d502fd587cf652f7c18f5dd483dc9c7d314f63e4acb4e91a2c6a93ec1c200c442aba4f31eae685b03404b13e52d53818f4fc1ade72fcae9d5df7fd5c173ad484153da3ec62a103cf67bdfe2b4a8a97c9f5ef4e68343e6cfc1cce62fd667e73579874a311bb2f1d5d3c877bc0050e3014bbe7490e841bc093d899109114642ddb7d2c4012f5d1e19df76c089ffc08b1c4451f740710ad2bec54aefb8b60a7b099c22221550a1137e4c5517b5b329ce1e0553cdc53588cc6267065baccde6f87291808cf6d7a1506d6bf4d3c7c52577dd0351ea5ed359957cc57da22caad59425d285e0041008725e594f06b57c3e29e728e1195e6ba8beb572f2705298ed3125f251453bebad466f69b215d1035b68c0e51f801db6802a82acc4c89f969ba4becbefa3f310fa02191cc6af07e078349ea5ae307b387a1f18f5ba65365edfd87397d25a742a91a79737e70b30d7fd93448a976456378c1206f17647dda935cd9ffe3eea6f6a2549fb5541c664fe09c3ff47d6753a57551258bcaf81f8e94d0e5ad53f5d8ff98fba52831a8068b4370ab10807efd57873fd11a2d4ec9eaef3a77c3b4322a0defc5bf07ec203383960839b51e8fc48c71772fdae5294e1b9995ee0dbd3661a7a19199c115ae0eb51419e27b918ae80b4820a9c04b1690c7697a181bcaa4b21c767930a1ddf5f35beea27405b3e3e31b456e9f6ab9e363e4ee7cf1c52f908e169ebeced9e9ee6d4209a625a706945ca2e47ddd5106a2b035413d9942e49789f36f29c57bbb01d8dd813c6dbbb3e8b44784771c70cb1aad8e47994a0bd3db3bcb57691c14c8c2a9cb882740bd0d987c34d699a32a099e8da70da0220a4ba7cfc259cbb8e2ff753800b730da0b4f46d253aa8b6ecc1fe808826fede06aaecc993e8cfa015a8f7b377263cce8d9a96dd34afb4698021f2f051ec617f4c14e246a5ff88b0e38d82c7a147586046cb2029b5e4c5cc2dcd64f1d99020a60d12ac2a07fbc8ed46b6261e95329c9a9aaf50645e5c36224725a2540231a42f560a7d19cdedc29bda12d53b68dd01b3f5d3b3eacc2caa165854fd88053039e3b3727d438ed2d7c5264bb343e9581cf5c47020ce4e6a264e53f3ea4ba4bb190cf3db0d602d7b7ea539c9e421f038dbe0ecf618a84be8dc7f51d55decc8536c4999519b42ab5ceaa5cb06036727170e50cd91c69c2f55742c04b3cceeb379e9a8766d1615737093d903f4c66aec35e9aae74034c8338c402f6852e886ea2ba021c99058e78e2f3cc1d3a3710661006b9d73b4db68021e07e895c00e3e1256fea0666ff50b07c6574ba1773d33c85f8fb609e379487e32118fb269d55070e714e85e75a59f93db2eb1116f83d9efe3542fedd387e6715d0e11a9f6481ef7e240f76fc9fcd05dde0688a551a61b18393c55375dea529241dae43eaf0f63ea5c747def390654c9c8889a952a5825c175c3c545ac6eb61aa655c57378e0a50d72a70dc1a7d63b485773c26faed4d59cf65940b61c899e14af761aa9fb32f0a887ea6dad87413a6fb37bd68d213483aba28abca4c79fdcf70236e141693c41b60ee62aa3b6aaa7f60b3261ca93aa910f5ddc3428dfb2e033bb4e68e97e1fd9cef00f7dd920b8c40f3618a7db1870765efde27bed081b9d6fd59103de855e59eada950c4aa178982d78afc92521faaae694cb0a814fe7b858616089fc3b6017b4a251b05ab450756e1afdafbfa9bd556be3e4b59d52e2daca4c920b831fe01c00eec16adadaad2bcf310d13baa1b9cf3524b0ce8206a72180124796baa852080779a8786a199490521b02be71b166a0bb32bccb390f62bc498f84a6580a1c31c5f22bc0d7f1c666b1d383ac7b998775e7aa0d41ad220c24877e79bae801f2d7073115af4b3326477bd74b402d7f269bcdaa3bd04151721d6709d9d43b8ab949c3d5964e2f121b1ebfcec75d3d04ad25a9c2f4aa9ad484e9022c599665b4df5f5c186ad01f363fd05bb2508832dd900002aae0ec73e1d904bcdba56a8d38f538d9cb478bdd785ac6ea4a8b6c19d1fc7560f93b529e014d97fd91a4a48cf200be14d04d316797556b38ec3a648ec2965c4d9e5d39009f7c93f1be3a55f2983097810c15be45e64a60fa070e75bef416511c6c7c351fa632bf39d729a2e3c8efcc1633d5173e8701aef7d76de91df7ec1a57972fb26be36212d273aab5284701e787c01b1b40eeaef6976840a605ebd40c251a1219946fe847c3cff53d92b3a87f5828917d0ba9f269f29df72f1c9e2d1b1043964cfd3595c89946cb79ff2ce310e842282b0947b63bd5ffa46efe93b08acf879aebea9dd825b505944ad61db9ba9850d0b652710fcd3075eeb9353a9a6c45b55920ec98c4548fc1dd0a7365ce4897ed089e73b52c38b828a2329bb1cca0eb5477ec536d4541c9113bdcc55623a2744723ef1938b9339330037f382793000bf10466111a779916774513d29e9c654c4d1c2659c9537bca0a66157e731e9f956387f2b66183aa469b0adcfb0d4e013ba178c6e6884e5027d9a04ec4de63c660d13e5657164f5a0058616a148e0f90bca9478a66bc58c02dc0135a6ee5ac7ddb6c85a87e23c969333973c3b5f5f7e4eae684ece4418bb788d0d3afdf4c72eda408f72373a2cb728c3a34b1c76e963484c8bbf06691c5f7e39c053d2b65ddae43a50d613a7c03ffbb6a960c790ac5767ceb5862ddb0f49a0948a21fd45d93a154a5927dd85e95974bba30c6cb381191ad6b54a45412e0402bcb11fa89aa019bf2d3cd59ffe5c29342920cddcd550b907671a2a70e6e8bf510907e68e1727bcd7568f1ceb39e11bb6fecc669241786ff1866c1139c50fad34b770f77f172aeaf103d39801832ce00476f74f35e73abf85aecff657b01286df4c1f714bee772befa670406d834203bf1dc8e2d40c58c7896ae1295fdbc7178363acce02cbada4d3f09d24819e3504a8e582615f2af8d2d79e11adb9eb894b36041af32b7dc571441672b949326f0c58ea273b778bf189911892025aa8541b349fa1352a9a388fdcbb47b17e3c8a4a86b8e513d743d4d657e6eb05e4fd972ab680c109be84d06fa908ef4fcd2c608c859fe8634d38cdcebd9e6229e17dac8983542d95d64e84331d533b851d9f9eb7996e73511277cbae9de1afec691a611a882f6f0fb717ddfcb28016d8d34d694410aa4db44869b2d041e461f443fc36b52314e95fba3be83dca47187bdbc60a57aa5188182edcfcb468c28dbad45447b8638f9a210b51b14975cd2c942c2c052e18f209ebc6ad299e7062e561d4f8167b36bf55bc654d3c58869ab1433b0754597ff8b5eaf7ec910269a4b303c017d5f1a54f47d9489113f129101e3d13d1262db5e6b1eaa3005dd82c5ca2e122ce18728af2ef14885ec85796a4fef874be9ef521bab5437d0a93435a7033ee1d43c98c2788ee8c01310ab18d1f4172e820932a5d4ebcfc691e031f1e1157be93e5e7d81a92dae5581466a80f4d109a630e35d44d269f4a0bc0b2cd7fa91342ee3afe1cf159c246077051b0e8eeb7c294295a5dd1318f37a0646f44ca670744b4e39609d89acc4af921a3c71b9a0c3f7a2c55aa71c62155123c5502137f915ebd09ca0d145b7130b3cef5bbe1a5972cb9317d7ce1835d76f65b0ab8b08ff79d7b14eb57381fd99702ed6900f4ff7ed09ab614cd7a0325e8fdddbc2edff3aceb084ab48911eff0340122d683053d3db487edf7da689c9e7cc18350989ff80676ee2558067ad458fdd91b2c4d7f9c9c106464d1d79052d5c320e12552c278ce5dd33cd62158cd89b80e2aaf6634f895b58c52487272a9ea4eb6f903e2509fccfa5e716cc92f7841e8792e8f473591cba1f003f23fc342ce5171499ef8c0a1506b42b82a6973ef5bc9e4434f8e88c75b917f798485d5d76d998adc46a996d4f39cbf2b5311dd923b4dbb71d3194db9b6d470146f1ba8c0fe1983c7ef61667dc3eebc26b6d9fe9e5bf7a4976f73564f05aefe5bc1647c88ad84a77e7d939c909200471a4c06ab5193148ed457bd39c767caeae458fc0285d32101b4beaae556f4c1cdd16c37e16462df24e61a8675f76f87b113a25edb99081f10fed73f4593f81208cea65b6a02bda9ce72ccc566cc8d33a2f45470f983bf1eaa02ba9caf64fe71087be00897e50f3a115d3aaced74bb09652796551a0eb781a4a02d190be8fb56cc6244edc1ba8332e0c9eb2df36fdce0cc859f21b0e163e5e9d707bca3d873ee6f09757c32b25657af3aa1349dbe99c42ae0ad4b242932d9d47887a9ffbcb579d44906ab0ec4636fcb958ed3c9d747dcbd5256b15f998fa56cbf90f22ba5774aba57ed8aae83a6572eea6fffae771727fcf1fa03ff9de867b75664ef1d6991f3e8fc77b2be3eceb5f4f92f66815453262aa1781e373a883378fe192124400b1cad81ed3196ced0cd42a47cd945f2966eee237bddfe02ba751b79e92e0607562c917c20b6ba4ccabbed06b9b8e4dcbfb143864a87dfc878b404d82b7d545d6908478e4b8c8fd21bc20b1403af9c2d3599271c485a0bbccd0c18cd8b19a09a5fc35319b1a7450b43b9a37a233356499d8344c43cac895f3644b630628b25f9e5cb06248b19f608de3c001524875840e8d75241e105cf07767738d58d64ac6b1c6d0100020618aee1410484dfbca1957241cb1cbb7954f8121a68cf78de7295d2a64e291c852aa18208d3fc07c684f647684dac97b0cc7dd418a1cce230a0fee25adf275b6ef25b67cdab07e5edb678fa116d6d824d892bd859913ba2c53a75f013517db355b0738844a44c1766dbda157b301d9d96f295e753943205e35708e05295a4fc797c5afa5f0c8bed3f7e0bb5548852e19d3e67d1723a6b99564976dc06cc908cf5d972dd07885c956544bc2854eca08a4e1263f41c77cabfe90590ef026a93542abf6e9cf1f3325401110f2111d7f5788c414d2a54b77ab969c64f5ba551ea1fa7ae470904b783f6c858b22c87c05a94859db626893fbbb1d4eb56b2f153334a78ebde4187d472827ad86774819497551d14cf2f85e2319deba49deb3ea3100a7d33d82bf3e354fc6b4d4f769e2bed4bcd678d866be0dbb8ab9ef7e4b772c329c96322d4845243007fef3ac20c3b8d72809724353c4633b0e4a96bf2cf5a74189011ed9aa3ef1f0e6b9d8252ad66a82f12ef4018f403353f420c5325cfd31ea84c1999ec153d0431b45a6f30dd4490a7fb1765c2b2b6717a0ba910ff9e5100059fdb0d1cc56b69d11baa9d9c06a844aec42f61a65505a17ebaa550d8d6d6dad2211ce23037c0f3a304db9cffdd25e571532d79e4b86bdc615b08673cb38ef8ab32d90b09185a70339e4585009f2c9b72fe6f27fb0edde3014b25c1ba74150be72458b878329d436a4d0121efda0e9b8d5635b8eb5a555f8b2214382bc79b463f9a285788d2000664f43441202f03e0bc93dd6a1de12445df2165321b7cc2b70742d5"}, {0xe0, 0x10d, 0x585, "f8d0d9990c59e0a7adea0ca7c40c3e938a2e796539c025ef51791badbeec16ed6d882407037367fe81016f28a0d7822e59b47249ecf10afbc33953bc727c6ace74c9eeb18de12034d2b23dca1004a0fe99577e326db99b5e3084a3216d0cd44d8fcab367ae010e2f0c919ab0ee845c9a5f37b8a64ba21c085a95bbcb09f37371c4b60336c569c6d6fb0dbcef9481225eedad27d8f043591bdf66bebcc5056f95ea9aaa7d4383f4c77d14228ccc2fb8914b714c2e846a734845074e16a7159f59fa874cd4effc5d2d70"}, {0xc0, 0x10d, 0x0, "de8da9619d32364903bd13d280e853ab3f4dba6f2a438fe7711a22876bdbe66ed5651a0e37d492badbd7563ca4f8fccf094232d94e689e79216a42cbb4d612606e7fdc5a80155f8e3c5c625ba7595dfe476a5e1094ef655a50cef6932046b417eb576fd34bd1770d548d235095e63add29c8aab59aba1d0a2e35a53332979d7204d0e2a0240c7549059d772196bd8cba78a16980089c76737ce124645f7c645756ce0f79cc8fe3481697"}], 0x1250, 0x1}, 0x10000}, {{&(0x7f0000001d00)=@ipx={0x4, 0xff, 0x100000000, "6a3d9a332428", 0xc281}, 0x80, &(0x7f0000001ec0)=[{&(0x7f00000042c0)="0dc50b0e71f7b770e9ad550f711ab1283411dd7dc0ad17a23425e92dee96e024ec82e7c176dcb88495e3a061090cddcd4a3edfb6f2c6a88a15baee0569056fead8fb6946ab8cf16b05b08158b4b0442e130d8c21f793d6f44cb9666634f98f07cfe7bf7b955d702f6d4dac80da70577887bdf898016dc26cb6ce0bfe6fb8412629829bfc84fee230ff4dcf5344d60f955d318a8a708b63953b313791387eecf4cf0c956526dab0c15e2e2abba12289550381fe9e040b31aacce4788f8b30b339564330014f0f23c67b9e91bbf92449346092ce92ed838468cabecc917b3bb8831f99c50c23fce83d9eb47ba598696a2c0809f71089790f31fa94ff6d2d6e344e9fd423c175f484dd9229c0eee96811d369e1139ad8255f6571f7dc62a10ccaa0ad91ac3db478536245502e43c2aa62ea1860f3ac787a127eed5cb99c6ec5fb714f6c9dcc631a9e99ce6ed5ce6c27c134ef479053e0560a35eff977fe6dd63c105ecc9ed79244c25a5fc001ab6d820f371c6f40b902e131602cca7a1c5ecb94b1e6ea83455dd317a0f9602fa831a60244e43d541ce5d7aa227ebabdf996d4bd81af80b9f66657fa39fa563f6e66cb38c8cb26493a5d22aaba04900779233f9babbf464db375166c9f2aa83ff9a4eabeef95b89fd75bad0e6b31daae25aa5f7e9a025725efd8a19b6fbf3a911863f2480c1142e95af35dda11064869165fb6739862ae3d29a727ec1402dd342379a2b73aeb16f5b97f01affd7ffca9c88a5fdc8db48e4672173d7cb5348171a8f18555e137600037dc0525fde227b043f17d350112b4207e0a1b93864888d7ea07ac602e967789131ed3f42dfb8cd39abdd284cffafb56014b97c6f4e24409e9191fff71223c495f85aae7f68049edf0424ea6fbb90430b796bb66c743cd2b83283c99def0c5a1760b065e2c5ae76598ada090db3f4d8300a9d642afd2001371aada03d18e3ba1b0893c4b46f261bc7368f5d208af8ba1de97cd521708b010e1e97bb82368b8df4e203782226d35a7afb2e611e87231b523d63dde0db9002df3fcbaf4dccb8de1967a3c37d7a0f6cbca964fe71819a7a70f34a41f383f30030b38e90b771a604c4135d9d1b9f97a6cbf532ddb0e7e1b1845c8a3c82a9b10b7a3ecd3943c1f832034f69ba647740013ece3a908747afc6d2333c443c4b15ecc49ac5ba93d0a09c4aaf81a4d8e1a47f604583bfa0003b939ff07a3b18656bb7abc03cea6eeb10d952e26aafd38ebbfa6abf6e4bfac02cf79fed8d80c2c47ae8cb09aa438bf5cacb0a831a8395323fc699a4923aee84a8e910590aaa02c9b30b6d1c06fd58022d0a16357b40c31a94afe8048e6eb619e2d1334f54b97ab06f40d2af5772cee78f044a4c0c92d7ee182cd6fad7d2c9e0eecfd3c2237d87c829cded955b52af525c64e9afa805f5cc776fac3c7ba3ba35c858348ed7475322ddf653196cf18b23e62e10532df5e23c946aa274bd394cbbd6714c158a178fb61397411a9111c71c71df373f2d60ff9044a3562036a6e96934572f9d6910b6581061876de2cb61ab7645660810ed6490c1b742cff20f40beb48326cd1e42f4f6b4f6a6fa61076e617f872b901b6a030830084041bdf5c5a7cf780ad6ca36031b95c6798304bc5f70d02065504fed6ef53f7f27d2dd0a54b737d2bbbc4c52f81dcfbe77047aa524460d4a1b0d884d79bb86ecb73a4453ecf7b78d2ecfa1da8ef76b33318a047570e9de88c99dfdc4118f4f4e44f799c73e6f2a8a7da5f2691714b0d05f6ab475c1c64af62094380643364e8358c7ae6906a42a8c7f7713c30325ddae8a49eca8bcadffe350c8439bb6793ea53cd2768d8c73ee04079d384f666d4da2894a203f7fd839cb634f9dbc4e63109e826f8bbfa8ea37d40cab0d1e4c8f9323e311cf747392475dced350d68ac5c4dd0afc6c644cfc15e748b05a046157a1027ad150b970e6c388a6846a39d28cad80fbe9c821ff4022f3e3b5cc9e13c403ba470d8af1b7bde9d2b764912ebd431cd484b4139bf40f37b253a1a48c2874e1f409fd9d70db054382723d611534ac9d3ff40ac42aa56fe9ad3a9538a0b2e57322bce424a33efdd11a7f997f75694ae1d5e29fc5ff45add16e66471eb0888c781a57ff3b15cd092a351d883997ab56db5a84f1a592fa6abf6b4f3b3e3ac00631ab9f5fb4f66b23be40b1eab7e6eda7c5b5b308a892c2af7f3332b581ce5c15ba0154945545650b7828400420103d7e9a249d612cea105e981d9d86cd158478310e23edb23b01f55f1183b4a102eac3ff3f506eb589ba3bea7bdc962ab40968bc27e667fde798332a364a66a63c40f5c25377281aad6557580fae30abf9fff613eeab9d0b9f4e611f5a231126bc2e687769da8db4646afc15097010854786cda4a432777f85376a44adca648f091cfa3c34c40bfcde3f9f887a5f8080561bf993342a6512228c14f7153d45ff4bb8f2fdb3747ad9fa5b0e75dbe149df72810f115b58f74c157025ce36ceb6248db5b80b9fed34f98fdcf4dbe5e169db31a57b05525eff96d9e907a4ca68d788b7f656f2f8e5d3a3a1ee22b0dd0063c546de58eaf74fb78e298c912838c12079a35d9b640f08ee6b93a49f85f5de427d4724ee5ef98f51d6eeb06b54c8b1c58d104bc30b89c5c246b8df3c71de889787b428b87279894d177227ba2f4b442031d12d481df90a6cf57a5b764721c372b61ca99ea85b9da7578a75af22cb5f3becea5d0094a64e274ca48976352bf5302f734bb18c6a8ba9f22806a259d3ecd0f7100d5b9abf909edbcc715d518d6e1478f050cdfca70614b57db4f3283efeb9ba52e2b97a8f2df2870172af18dacb09d4131fbcad34c10f6c91a834e13d4072788cc5add3a61f6c834014b7e821d863325cf297bc058d8aa5d48520874e13528f1fde32aaf96d232a4c39c2a4ef5fa1784b9d6989afed1a86e29fbf3d20768fe92e81b02ecd9705b6d3c75e0f9e8fefe0f23fc5a5bbfe3404289cded4a38e17da189e0048d3eb24f4d1597fc6a3f3f0005d168d6e9ae98ac8a1dc9d7d33b9408e655bfe7e258231efda21a6fd5200c5fe8df6e759628d5fa26a75d3ae8735f382e38b43b335bcba9177e91dccc0422c5161629e1ec883f0524e99e887b8d0a6430a373af0ecc94123bc63f12e267a07850088c97381278e86640fab939bf41450c9f6231173cf10c21ad51d02c66f9aa3aa590698262c2991d56292094bebf1b6027b972677c27573d79dcd3e514dd5c9ff5a7a42061d9ee1caba6955a296676c4f473edc70018a58d5741daad6de93a89b097176c56e7f55a65120d7d2355eed313e8b2cfe1ab704d1f1059b2e7a46027a2d931b77b4e32b27099594ce44a46d96ba3b6592e0f7c3d11d68b4b61d69598f839352a7c371feddd90e3a2f7b7ca7f6a40976447e9d2ca6c49d7a8da78e975cce36f5bded105b6c6b49dfbe727a794c295ae65250f8e356fa0bd98cd9b33aa7d1ea3d4287839951d33dd67e95cf3c9d346e27d49acaa9317b1bb71050685a7bb2a9b47a29d0c35b76834c6256bbd8a24896b27dfe1cf8d1ea46dd571eaa210a589e7eaf2b26ab37c9f7d862025c8500baedace64d68ce2b4ba7ce0e7c0b6501b3f7f1a211c4ad8a89e7a12b3244e5d74ae529e2a4f95b63281bf6c3b71f57cd1d43d5d294c7081dd89c5c998098f68b54840094c7f570c85579fba2dc19620ceddbcfee0d8758ad06d232dba0e2c2c817f1392ae448333fdee1c76d2176f1603e7640f32d86cc48f1a4a6c8189c7927b22e9cbfcafdbe28a08ded99c0f3c845602db9535ef57fcc6601bde10d80ad190ced048cb393e422ba6ae85fae637ca911cf16d48655117025ceaf5794b3cbc8a81abe18678c64e2c199d1da6e961c532a9309016f537c85cef85f7060decdb66a20df46bc09aae4f263e54d384539df8992094fdd90777eb588de035a919dbc4e1bc42b69bc9e844586c82a8e53cdf79ec9b620d6afa76803d3509ea4cf15ac4cb4e4baf34571017ba81e1b22b7456e90ce7641612b6d5b0ebbb7fad807d94de02ec7a4f356e1dd3adb52bc3424435f81ecba2cce59cae36a6eb5d7a4921bed9414539263715ee67a453380b16ae21d326a0756b9c602fda934845dc48dc6389f0ae6528d766c3066ac7b856bb137829938f3fb3f10a41f59886012f8be24f6d08d2bc41a53d760d201303837100adabc2854c97fdecafdc84f292d040bfa36d47761f7cc4a263ee8da84ccb0ee334f5c0ab2819a665a3df10bc95d57169cc06ca0e7879e9c0a31134975f6fef83b9bfd5feecc571766163ed22257c7a191533a7fe45a48c0e7717a8f05a7c685396f967b5e5bbef31e71c22c055de9baf0f265b6ae40fb8fd12273caf3b0f70f3ac855f13f1e8bb690f794c80a64c70b699e05534c646e6a0d47a1dc02c6a5090221dc6edde2db9e9eabd5134d5518c924fe3d3ec307859c85168b286d31e309a3cfe595c6655700fbd8ce1b6065d597322d026c4cac5015392b099ff84b7d2c5ad38c74ed8b19859434dcc335fc1e624c8c1699cdbbe0afe90999452b4c2c6acb12c2a07b295b7300ee4314ecd11b09e812cbf5433901b31ea9ef9fbc5aa3f56c38ad157a8f8e989327d39fa29d593a15f57de8ca7d7f589f0acbde959a411f5bfcee1604467d1e586042d12a8387ac113878f1ec92504b4a20811721c0bb344aa32241447abf5a411d4029e6aa5b825de17a4493b5d813e5d01ba3f663f4060e1b956eb81d946815a01ad33b648fc4b594f92547eb1836ab935b7a1542ba00dae3201ea31a04e5d8b2c07fef5d6832b5503da08a37af6a22d4329d3dcbb8d6b0c3c7f35fa9a73cf488f9ebc711f0f8b5e084ca40b9bac8127770ec26931d2b05d2fb88bdbdc7bd7047d6b18ad053466a3b024429e0d1fb52cf102f7f7a2051b1de68c0c69c15ab8353684f2ccfee38486f271632deaaaa698b2376a59e4bfd272a8cd35c0d0f14a0c7de63fd80e87a3e0b439377f805fad909c44f150e5e80ccbf2e61e3f99e1367e8832bf19e5876063c7a09ea2eaa547f3a61730961938276dd60ddcb5c712b39026fba3435ccb57b2f2a844910c4d59929e7d4e697989ed1b9ec2cc62e2c3251d6dbd4f14d7a80c67abc7ce656a99ea938e980ca3a6cbb50a2f4d7e19ef28e4cda657dd1dce44b5405631478ebdafc574341d627a5e291925bcb8bfc492abdebf50037fb1786a9d9167a76344b39785f7843fd9cbe113bc10be1b3d8dc705bcfa74f8b40fd9e86b91b3637fd1c27c5051223e9882fd965784699d026f57f60a727d25d849833555fff0d3bc84c289ac21e7bd5811fd982083df4ed8b89efa683379693ec7b258e2a3986c97fac12483faa67d6bf6aad335dba70211e817daa3fa5cd0a4b23609b0cd358fc2dc499871d013dae682df91388d8dcf5333591ab32b24f4e54246b7ba542c2a406dd0f9fc518922c04e82b38fe1834a513d7b9680d7cb99a623fc1ae844fa2a6aa4576bb3d1db5716f425cd67db480b0c36365020eec1a141441d68df3d9a4d17a41ea3cbeddf1973e8d113efe8656b79f28461c09977d2870833830831c905f41d45d108df79906abef2d94b56e853283c8b34f287a4b8f522c82d6d0ca3129aef1031bef1b1154de0afe7979d939d95201f1f087c5820346e0629eb5a5e72407d66fa244e9c510293d6ef42917e26ce57f792d23bbfa32e772188f629cf835a73652022e0413cd2709963b5115b2347747598280166bf2a702a1077e500eaa01f08cc0794fc54", 0x1000}, {&(0x7f00000052c0)="5226975a41f8843702cda85406a7e46664172afff0fd3edeffb266638e4dc9011829622162eb115e1a057938c8faced52693431bbbc9d19c28261d1cbcea8c0c09e5da2a186904858eea3c049a70fb7b86302f7ce6adf6db7e43c706f1375a7d44d5b54a7703dfb7d234f1e8835cd0b428c5e291a9fc8540def45f16c53c0091209ea7f49668d6e16bef769cc9a44266ff40f71eb6b993d675c88020b15c9ced7e389c5a222c8918f5ff64498e331b256528edcfda2c53cfe5943d99ba9b92981f4ea7131e36d32844b975511b037afd7480a939e16b81ef7d89577a986f108bde99b4440d112179211a96d9f64bac5805f46875dbf509f1c5e94a3fff4228068194e1830359f816133f84bad59d4b7d0c51176b17c5ba0ee324b465ac18a47c86e7f779d7a99c3846322ccfa1560022e3bbc1cfb95cac35e215abf6a4bea4a20a023b462da4e1ab3f2283eec16f2195bdd61b6aedf4b39df75efd17eb1c508db313bdfecf1907118fa967bceb337d11379902e08ae4d4d9b323bd14a9d1df83430a492ce2e6781bc1b5bff8bde9391a796499d15e3bc041953dcaceb3beca0fcddb88022aedefe3f764892161f57904cdbbd3ea72c74a2de3e3de7ebd77042f144d8d5848cdb0b5907e0b1020c3cf16a05018ad083b7ca531243305bbd9f55449ca68fd621ef6b6e1042e1070ba383df8ea3cc6defd22533713ccac26d6fb94efa387060afb1529f942426b736d4851f2dcf353c380bff33a61dbd6bc68743bbf9ecf3d396ebd4ce01fe3589424392d73afb77ad34b0ebc5a277368a211f063d8f517e5172dd2445de37c6a2115e9b519f00225e64dadaeb2d41fd7b6082673bc55315c62712cb66b9fb304becf82b4a5de12aefb0ef706c3f50df60ab535963b9aba64cb9c43efde2d5c860e78a70617862504f5b482a042dfd17ce249f64200548fb13b63c14f2cd141653fae39503ffc576fb020c96d26be6a7b59bb72bed983054aed517e1c61d5cb61da8d2c2cf4f6df3755ce0d8fa9ef95d04c2154efb54844ae16de1de895a8c0fdaafd3ff59440e81fb6f6f46b7f6225df6c0ca8b67695455ff2681518529c5d5bdf42fb60bddc7262325ecafabe37dcfd070606679f9af0118a97a804adafb3f6d93766e8bb69d8b1a8bb5d3ad6389a7cc7a4b018c627f4c48cf5c430d7f10069b44f69f558416bf2db211e972ea8227bac491c6b4afb73057edf63c0ed378ef575028633c4d3c148211d7f10da2004601c634c099c9c58ea5797463e39f0c5ae4d0ad71952fc6973c178d125048a240145b31ab10852cd53a8d660c2c3c5cd92eb03dfb3191cbe7ca6ef01b8ad29e82d828f3ced64fdfa2789b83158178e7a56afd7cdaa57dc64902ec12a32401fe97433b91070373d23c11dcde9cf4469e853ba863ccd544e19a3ead620b225607674bb740d0dd01d43130ca5d9eccf088486d5e6107672497fb7263d95f8fb311a1ad2e37110ae4a34bb2fe3135b79ca47fdc0d61ca7b8b748f84d073dd928e1b56ed0ce8bb0b324663acf9f723f3f04480a37ffe2a80203eed3c2ae48fc44a49d2740afe35898e04776eef04b18da701396e8f59a0e473d4f37853ed39e22c90d4b5ee93d46d29411fab7df695f2fbe7899845591c0b953172c366653a165ad5867bf3d6eaf0e69e280a193bc2f0881f545162e6834a20b78b3a055841396e39c849b12779c094a7821edd2a56c58612ea7fc0544e1cc77acf63581bef54d2484840be46d084412412f2d72b1095f9da6f7ecdabf27f75d421976a06d2bae15e6cb9db0c83c22e4ff5507ab254c8467c5b623f5c54d0a288df433d51300aa3a83dd4248a4eaf978936d08a459f7cec793f4a7ff1065078d8289893d72bd4a0f9a941e14c5d1effd665ed66af0d281e9de5f6c0fc420f09b441d30c40bf1a164e4b517e0b6583e4862e13bd7c69b98a1ff7c693b10a0340b427ad4b9eb0950b66d1b9cef5c3aa8374fdacf2e42814ed5c0e783c4d2f9b0aa45bab614194098c93a3f3d346d57e8ae18a321fb972b9266170cb62833c7f1795cbea2c02bebd82bfca28f329ab32f1511f7930416724b24d8128622453b70ca939a3e6ce2808c5dc14a0b490fe07d2461048d7cbff8e513d3d28fe3fdbf05ae8602a7fe97b594849eebab078cc87ac4b0eaf0d66231f07ba8d1ce7d64e159e160a6440863d3766c9448465fe32a4b055016ac652e2b8e249032b410f2fcc75d09c22f33d69916b73bc6aeb86f47a32a4fa056720cb7263362551a5ae21a2008a15035f71d1532f85d9ad4791d953e34af51c30ab0dafa25ebba9b275628a1beff881ed1d0c1cdb2bbd25fda4bbfeb69c6725ee71465d397b32ef1b99615f2f02f9ce10c086b62034490b50f74851e17e5145929545845e0d4723f20dd705bd681da516af7dbcf2f8d57bc9a81cca738ef4baeedd8055becc1e5972a41e1f17e4d973567a2383c597036fbc36818d082c54a79a8cc123e04f646a09c0ac9349451986ae11d25a53e7a9210fd930b29e82f2895642e9f368acab41a143c2ed4f278514074eaf9148dff43e445196d2cd1024e78ea75bb35a414914e8a40afa1f7fb86976b5b7c5013a99c172218370f088d3634e03d3636bcaf28a16ee066a4e543c540c49ebacc0cfeff05e29705fe1f5ea8fb5b44a17df7ae808f99c727becb28e226d60a5a157e032e0240124fa0342b082d78c89e8860a763d17040524d6ef24fafd1a45f746e2bd242b78b8513594f0607d1de89544162b0a07a2f6521623415d9641bf5bd2995eb52f5781cb9bdb8bdb218068f7cceacf692cc3bb6d7eab3c3049af628bcc9075ed4f464e91940581cc578e8f00dfc40f3fbcebd18c2153c7c5f93e864dc7944337b0ef4f2774c377293020db08bbc4b31bb43c4848586a6d1e8c04f06cb332c59e7b4c76b44e5e90b5557e7351eed9f86652a818a37bf6b40bb5b6a0118f6ef1fdb5d6bbdd402fc89025763408f23e5387f14e21ee5950b3535cb96d2bad5a85a302d375a2a55d0339ca3f58e3675decc7d69c4f0e65ec5a2b15f2fba0e1240f4e072c3122c0ee1d4485502987fa5b1b83ef53dd9adaaf75a3c0411df56c427561c41b7e37d9c0e49c2bc88cb92d7c3462c25d1ab8eb4aa84fe24e71082b2db362abd106d99d0b3f720893f161ba9e33113a81e19dab846d78e82dad34238a00cd1de8c261f9e5c11ab18ffcac070f8f8176a0a57da49dd3a29cde34af3518cf6027053db30a72a96a5b3ec2d45b1ec8453597f4fc8f92689dd8adddce0191307cb3c106cbd75d155bec1c6abf28d18c4832896b8ea917d1f73f78f238e8e239b4ace42510cfd09e5e8886ea9060f3d8fbbe5269f52259b676a207c097f09b6f53613200b0615bda09a636bcc5c8489c26e6c5b0b4da2a710a8869c0a1c35b8c31296d7f0c2e8ad3e8d261b645f22a48e7f2022650927947840a3d152ac2942c8da572c4ce13be02b3a793b489b05edc8c5fca75cc9c0624e0d607655d790d7c928c42acfcaec5da6e042c6650830336bd0f1e5ce38c2b3dace2ae454941fd7e67125f8bf4e05c1734f57216334ea9b727c1131d99511ee0ce250787338ec423ab0a2ef1db02a4fe40c0757388b56022d7032d5743e64bd04fac1a9a957db9c3e79cc75380d81b6d8a1e31a59aa8c10a6d406f3e7567038d5efb5ea8375faebecb8e812aff943ae43975be89d1fcf821f6907e7046748796878d1ed4a234b43b89eb0d79eeb89982e6977d008c5ca3b7139fb97a691ade6a661e96a360089de717736d8a0f136aefc6790bcbbf8bcbb1eed94210eb02d28689af828345b4f427feceadef76805b097d0a3e460769262c1ddbc7512e2ed7016f7d04cf51d44601ef6fc57d2b299f4fef203efadcab65d5432edb4102e908f0e050ffdd477492413de940411dc1a96fb2fd0c364fa46d716dbaeffa6694660fd77613677285c40b7b333f5ae76a35bb0c96b1b0a4bfc326f60814d7ed15aae4d09f418d9eb678d2deb819f6f45f15bdd8e3ad7c5523b0db0e797e64ff15358445b7cb65d914b98e185602d1286b382e4eeee7faaf36df20356c33fecf8d67ed7117ba6dceeacc5848fbce317ac92de1e1c64fe33fc0fcf97111d00a097121375b94654b022d9d106ae4968551b6202a56728955dc4184d61990defc3326f5621f4f7b34b491c5705ec2fe62d0bb91311f108a12e4398defe65138a301c036c1bb74cac646a2c8799d5fec87c279f8d0a79629da87aa706ce8a5208a47559aa9c858f0e0be2837970eb09de76f8dccf1c3520735df71bd7a33300f90e397193d69f0123708e3c0eb26d08fbe0e14a719a77b2a9d27d152405b45b90be6fd8f1691140c0f39b22c55b338a51186b2e008e90d059200a1ed25e1fd04fd831f8cc2a08728f6be42a217ed5df573555b2c7a79c7ddfeb472dbe14f2b639c22474bf64346662b89636a8a3a646e0ef1648bb8adf69b43232f1da36b66531217b6996d9e0c50e550e994e496386550d214debb558d4a0ff3c3280a50da131bec55438f15b51ab0a57af04064aabbce806e1b2ee7ddc94d31acb3bc00dd3344e7685228ce2de53c57a86507cae3db175bab531d5938855722ea59dc1946ca45a290e46eff4e4999d3259187e0462f2fadb2355122d414a06c89ea166040c188ea4214569145d55cfac3a9bc48e11f76113e909637a84619902f0feec6fe31addce5260686bc3a8c716dd331a020b2d425763d7e46d00ed8aa9f876f848e89b80a9fa3d069e8da5d16a2f31b0f223e12cf2c8f4fcfaccd789b2bc40fc2dd486c07bb6b03f08d2f5074788e57248e765af657f2588d05071adb4c9a50824f4c5b14ac595c57ff7439f99c01ec5b756d47612d7472413b78b61911b4935e149d647607a9247310f31314ad51305063bb3b871483826e0dafc9e774ab35bc98998b5bf85b8c36923b88380e050ca7df0eae0e055a43ff0e0114fd54a1d629aaedd4888cd2aea1ce838774b00ac4c0bfcc1c0bc2bb3ad178a425db57fbbb28cf325246931454909e08c94221fa48e96eb3a2447b8323672b68c98678b3801d7184114648005c1af27e8ccc58a89d3eb3760427d5b5cdacb096c236e1dacbe6c0aafa29b01005c737b0ccf0e23686102265f945c7917722711ea9ded41d365b1ec311a9e859f94fd1e3c66c6c06eae0528b5670aec5128f2b2a4721d6c8e99cdd8a6d48857e836c890430ccf7a24d993760d30e04a542596d8184dbe6b1e3d96072f056fdf014f97a2236f8bb29a1f15387f2cf928222ec411fa795f09e906bb3ffed82c31ad6d8d439393d41fed59a2aa79affd7b10982d1e55eb745b17072faf11664a762f8405ff3620e8239381e9efbcff96738383bebce775a9cba5b9ed3cbb8714f51d0efec394990dba86055e49dc2c051b1fc3269eb4a7605edfb161cb39b0aa6a441514c57c061fb808e73e888efcc99656994905991672634b1e408f918a50c34b51be64a69e7d879bb0205f048ac6f1142d9ebd82d46eaf8a6d6e1bb404b5a1e22ccf7ce097d788066176a84d4504a7e819185fb73e56c5addd921f0583b96a55bcec9a79ba50508690a4fb1bfd385f3b5537b51bed0446726cc22ff6b62b1d50f2b33baa827cef1c1160783321cd64dbfb1b6e2cd52bccafc8f49bf8fae2aa672b01ba184201447b32ee20ef645752ba7dbdfef0485c7a28124d685bc37593418f9070beeeab9320ce5e0426243d919a423b9060c73b325974cbc0361d7a29bab592f0ee324bbdd1acf5a1f52d", 0x1000}, {&(0x7f0000001d80)="fde9fb610ce4c016508ef7fe9bb1bedf89e6de213587b0295da14cac", 0x1c}, {&(0x7f00000062c0)="a935f6251551503d1aa2961bd116c9f4807381827ce5161eaf561b024f4eb5047063db00c25c1e383927a446836dbc0b3b1e0e2b51a5f4123e2159a840fcbce8d755e35b154822108add7ab8bdb2c60a689840012b7dc8e0999814f36282df164421c558bee8d7fc0ff39a549db7ff38bcafd1448529106da8759321c3532f428f78049ed897c44f54cdfd9292d1a76df9d81a57d5f396997bb4f1aa0303e734d259dda52d35ae8fdd480b94f578bb4089830d000ac0c28053bb885b983c0ec9b8d767a9bd7c5acad0b7d68d0995033ee031e55fffec7ad6516fad4aec30459c577fc68d694d3b34c38decf379215e7cb9a9417d8e362bd11ab9fa08a7fb17c1570ca73cca96909eb8590cb3b2f69035d2ae342c45fe75e4be0392531b68894d773f2f68f826b1bcd89d93d68a6343d3136f26709acf17a43d977081728989dbcf61bcc2d2b103d4c4a0ec9258ea6601fdec1a5f6234002af8c86608b487481da4b19dd9179de013fed928a67db3452b6803856cf73c6f73ad2f539fdf64a813665b6c5419f4d99adb1690472679f4126f5ff4e435b020cab0cb754bd7977890861137d1952bb843770ed4f62ebc6e3df0bef4575f7d86351f824326922dd7f796c03828ee0f0735ed16ea7f11c3595fbc6c12122c396c76dc312f09afd7fadf3afca012342bb9299f450ba645cfdbacc8583adecf6b91b666b1aedb57d17418f976a831c5eab154e4682156cb1c8e5850e77d662b7629b16d165d32d7f0872b780d3f94f48130cf598ac3c970959144020a301d9a43e38268cd3e88045ab05fd1fc6a887c7e902ef5cc8f6f1c24486964b640ddf85a622d3166ec98ac5e381036f41130b1b3721acd8ee3371e7e7bc99025341abf2ebb906a19dc78f433b7b68e440447c91574a89a5276d70c9b70e3317486bef90d0617bb34bed044e362cc6752bb092d57c0aaa82a8433fd9da2e128c712624f5e0b52dc8c0136790dd3b35eb617b23f37799529bad6e1dd916694a76805be52fe7dafaa8037aed24106e9d7c00aeaa9f189c043d9c3c2da5645f3b754547506cac434dd90ef0ea92c03ad05a6fe67147efa6fff7145a3541312fd9b0777b2f2876a05106cc3ba92dae6472fb8903ae28640f96843a367c8db2e685d5e6d3e806e58823f06d4b0fab532e9c4c897996ad677a60f54c0b8aa62d66a09127af8bfa850aae7efd4366a33e69f760cf20a7388f91a863e199f8f3d940abf6a21572f2797311e5fe1ffa0a8cbf309bf8e2c4070eb942dfef066dc3806ca25b5b49f17e0bab2400bd3e96096763f45ee375970fde1cbb7a8c616baabe460b882b11e3e2d82b8720e3338ba46ba4692c6a12a002f720a2b04327ee9bf393bb7e4230fefaeaa27c57c59b54586a5cdf013bc1eb22b9958c53ac75e27c7547548cba53f9acabc3a8cb9259a5a53e7cb05ee26eaa1bf0e3c43b1871dcb176af46cf9fd5ee49ab31af14398d8d12c0ba8bed42f65c2f9bd571bfbecd57eeb39a3b441cabc744efc1c2b974d533fc2ba6964fe70a16a3998f7c84aac1a7fd561fa42fea66704fc8dde58bd3018891f7bd0e1b1443fe270fc34120945a052f98c3687f3721e819c396731e470f19017680c18fffe15d960f6f1bbe228529531edcdfd39dd296f23f254616b87f4c08c98d7c78f3d301ea70faf7fcf7af00da900dbf586cc2fb4d22a1331a4417375f2bb1a54cab362d1b0484f47564652b7360f4a6cc7e06059bcc0dd24087d26b1a076c77fbb2cec24645745793b536650b56ad74277d2b62cb942558c830a0b418994bcc704d5d2965b74646410ed2338fc340f9317517548ad11ebc845e7002b9fcbc8ab84ac3c965e30dcd4c725766937c0b211c39382643fa867d752a9bf1785d51063be2c74adfd0f40f6ee5a28a984b672bdb874776c2f6e7587b8595647838367a04066bbe5ff6b8c509e61852c9c1c17d8596436c74d750ca1d6c3d77a3941bbef172e55a4c196a2abd54b38cdbe7fc56a853d7f8432e236f790922307c71bb29695d24800e7c902a92224315797f7a1ea4188fcd86e51f69f5406e524f44876e8e7913fb8aeedb1514b44d0b00afc7b857522e28a69e266ae2855e6fa8229180afbf321d04450eddb146e595fb86b9b7c335a43cddf1698514c25b4fcc7f4b0c579d042b30e85fafe529ac5b625e94d3e792214001813e7729849a869f343c7d6344252a5bab73df0fac3d1c064da82acce939beb4086f5582e7c6afd0f05b1c6cde246adfe976ea19fb1d1866bfa1edc09fdc73e6a379bfa1c89b47b9050bb61e4a215367b6bb2270ed6256eb177f0609e9f4b56991a5dd0e97632b13745daeb08bf263084a490078eab42c3b4dcf5fcbad4a2a3a1dec13af8288bfb8827e4c3db26a8b91c29ab81a4aa12f869c25db03dfdd7458dc622bfd93bae51d368d8522e816a6dd4a364ffe5f458deb02acf6a5a0612dcf2151e95c13cd4e71916157a848bfc42805a9d49d77aea17e8502751e8246344c398b25962092fe6f790332bba6479ebdd8f9668cc3c335dfda2ea3692a98515de21b69f3fc610b772403e17f2dcf3c548685a3db9ea00de793eb08eb6959b0e6597db456d217572362c5a3dd8bbb8ff4386ff31ac94cd2067e7472898830e00f05423f1acabf25b1b27c222b2db9422b3ce9cace73fc2b0afa0e3d3b35aebc2476633f70f0f01c4397923740dda35a98676ef24f55fe06a72e9569e7f8a2366d8eb7ce3b04dc2c799c53fb3292e829fb3e2d5b09420d10fb1fae59c375293d72892b163dafbf1957bd0629e16f8e3d7b01a17c0205f674a6dea4031b66448b7e2e1453ac3bc6f921f6b1ae798b0aad37394c0f3e0fa0a9367de819ab8030f2e25b6522edbfa82b2329ae6bd2430244b0ec541d47d9461c7dd987a74b3b63de73cd32eea6eb16027a6748bd1c7d16233028f7202e410761ab4eec5b33ad4665da7af1683939fe583089248ab82d866e05e5373f0b4c6802eddd2a88e981c899816dcd84c566091941518adc0f9db371c85eb53768b7162174568663c44c6dcad369a4134f58fa9b5f47776181505ffa57984572dbae0d0669fbb26f108a8c676307cce1da1605cef6f23b02381c53722fe468d1c9481d42dc2b7a149b1f06decd74fdcf139489c625f6c5bc93f4d890e42dab9bf390069a20d6c31003d614e7cf10eea003652109e8f48d548f0dd94cc5c73e8d4e60580246e1568d4bc3a544cb234ceb91b6bf692bb4ba25cc160bd2c57d037f7d8eef3ec74904b24bafc75b21130841b0f2be53430b5eba8f51e24128ba1d313dfc790115276dee6d8daae54492125343fb8f88f30c9694a3e3617e7b844f8eefe7eb7cdd430e430d0e51c297810acd6fae3ac78be10fd62f211076627ac44a4888abd8e37ff4e3f6a7ef0153e3c8a933c9c28d55883805818388b241591d8fa1ef66e23f3a4052dadb113653d55c9c44f30520692f9f9ffadc1a80afc2fae7bb26e80c4d6b64b48a78fc62877213839c786ddef5584d95325451320bb73fbc331fcf94b03433f0e232a10d07575d1c8cf3ac4a31c30e03edb720bd5f2e032df5f16bc8288e5e655d314436db8d9579921a8cd1ae9aec891033fda072e87e463daed7ba78ca1e8daaf5437e5bf083312f2ca836fbdd62e621c9dd326cc28f0a57a7775531e70e6a10d3ed507f3d1dc97d04f59b07c6c5d779683ae21e80a14062f494c606eb264214e4e643d9e0a73d4e98130ea68bbed0961f5312beeb9e5296b5bab89103885b0192ff9443a5696b356e9b16303c2d11611ccb2f3a5b13e6ea3b3b6ddc31e36ba2c7f9532d42c146c99037a76b53c4f8805139172b8b1457d8bd05e30d93b87921b3759bee6d57b04db430296dc83774424dfac4b13ca98c4aa299e2257bbc11e1a01f349bbfca7f153dab1eec37a5b551323d08a55cca38ca99fa1635e4322e9e7a2e83b51c1fed340bc052ca53809671b0a3741b445f5eb1bf6d68fd18bf77a81702bb1560b781eac7650db14e86a282838637abf79c86d125b6d91dbeed76bc36a19c534b62927f88a15049bf4b9d77ea20b327adba5c29d5173c7c5e4411ab2eacf6056b7c3307225db07ab110f25820b7bbc0dd6014bc2dd6da57ab3dfa705d6a7425b73d5f5545190db3ffce17bcf3e4185e50e6a757ae6fb03d9e1a8a9f1bf21fb14cae57e279c43e7a62d6875f144674d77cd1a13ea50d14ea7996c206d223d098365873f6137481d40d69e7aa4239d806a2b7a048e98d239952bc3e1c214f5eb889d5dd560d3fff7a5d813d957a52608da93f6c6e8c1fda492c9a8090727890edf1f90f3bcfba6335d5842d0aa8face56bff3cb041c081dce2f181b1f7e132ae63ed7fbc72f8e52b13abdf1cbf9491e62452cea91aa6c2531e54f68e533809d9f0904297a7d7fe8ac2bc2db3decf400ca56696883db50d9eea824a8cebc210c40bd274c76b6a6b5c768e7544598cf1fee83b1b9d1dedcd68a894ebbe7abaf03ac541e9f316464c2b7ca915fb45d8fc736b4c184f6ccaa4af4c269deeb9a4453556c2a53ac4d496776f37593f2c9fe1090529d015c774fdb2990b4eb6c356810558eaa104951b3a390a94a2ce159e4d2bc3688ef29b0cc15955c687b8aa9d67d8d601ded0ee40fcd5fc6642d4ae75089a9cc70c018917b0c215db924059ecd7fa34ef0090ca6338b3e1e251ae1d989a42bf259c1cc31b2b7f6fe4ea5e07034d93bbe70417f344565e605935a590a42c4679fcb12ae6111a3de7d5caf91eb2dd4de3cc442284cc9485ce7aa90ab223c25ea5931ceb37493b5dcde4a51455c70b91cea33ad64543e1b3d6f3ea65972303c40900bd90bd41f93de76d08f7b5843e48096059c7146ec8e15013bc14f7de34b0b48eaefc4f83d828195315d9665f9e312a947311da82ce40a406fd1c90c5d7c011fc84428c389b5c5cb0510b29fcff37c1c959423aa37ba8c3a930d1c23e138edc5a3664e102c0b5ecea3ca8a4bce1a99f995ee3432ce80055364156f6eb234de6407759b6e943d5b7a5103394cf701c658245349eccfe57ef7e508385c03a4ec84f03eae09bb2df4c4d02bfd05aa21da74765fe530b386c550d5e8e81a584b8be35ec93b0c67eec8a233af8ba8590b5e3d6d112fde508bf15fbae219e44bbb8e1d9932de38171264e7684b0323c32a17d3687d9e6dd7d98b510b450a302ac77910a547c97c61fc3a458a4e246cad167b189bd3088a36d0de8c68ac88b476b629bd80a746dd6c2e73547a20f4c01b72440f62556d34e0d9ae44706f3a9a66b4398c01db1c6e820b8c3ee92e9dea189e29286c4f0adf79412ead1f5aa971bfbe773dd667730070b243daf67ab8bb279d8d0c54e4cab2d2d3c5e02e58181a1304df6b8e9caade8db3426f325fbfb3b217a0f8b7b3c2d4d61b30d10e43dd375d9754636970ca89b7f98623e3414da06c693396a5398061bd5bc73ef1c175e1e866686363a010b15658e32ddc5082be97d5bba9d05dbd3ac9b7b52ccf8e96dc2202c7cf0d75b29aea81e9ba83c080e753ff0a8e1695d901b3452099f24a149cc7ef2c71a524af4125cec7c9f6ebc53f195675e952247c0ed24801cdafd348773104a6363b3a442a2e155e2b2bfa87a69944e2fe0fa8f40025b9062df5254330f5f5cb85de15d9f0eabda7f8a5b5cbab53839e7d29762f4a79cf7acad532a0ce26693e350168131a6357c7ff2c8ab2fd6630448cda57ae6f9e95c38f9c35f89c0622d667ec19dcf8355479073dc4ce01fd25ae169c9c34c7c287f3a240f", 0x1000}, {&(0x7f0000001dc0)="fb327694ce0874c9a9bd645e1b0e3ad3ad9b3e9f79d2af244442419310f753ed95a2ed6fce349bc7d0c2a6af98c0d43fc825ffe41a7e2df315bac57433bbf44f36639c31f6bbc41782522063008cb8dede86aec12576282806989ceb2cc1c949c4073fabcc4af942fa81a00b5ff5fcebea26392c19a6562d7eb2f9db2df061d8aa549c4b29d30d3fd9afa457d2b7ba1728f4213575b08a4b61f65191d35eec36227528c20dde11b229aa07e68f849065b1dd933f36c83a1ca761eb33daff5e672cc9443b4f2e29146b404f509099f5de4a18", 0xd2}], 0x5, &(0x7f00000072c0)=[{0x108, 0x0, 0xfffffffffffffff8, "9b38ffdd53411351a8e01ea3da08106040e4a3248cd594ecdd1d3a8e966685f34c636b1bff1a8fac6d35eb6ecd0dee574ab58eb83b847b0009db938f5909b32935bb2078a517aadabb4881f2a93f9ba9ccc565673bbc7962c9032fc48c311962048dbedde8aec86609273cadeb6f2ff715c946ef176e240926ca906305a0d301915325bc46cdcd11a7c169d7d10006c88fdcfe719243d265cfff6e71bc22bd148252705d732d24bbbbbcb08fbfe459d9de3364f1a226fd7fa9ba2c7b9c414079da44a4e5f9919e5f3269fc9f8d9ae2d42c26ca5791209df94604324a2c88d9510f5778f8e58a2bda970824005aef2ef0f4cf"}, {0x98, 0x10c, 0x6, "1b4d85170c0529ae7bd045c34006f496d002b235be87e968dfd7e28215ac3942fdf52f3c1fc09d9d0005e974a397b79cc5eaf3213a2b864a3db2620f364865e199c1f71ad1bdde99decebcb62235855b86580439898d3904ed1d20fda3c317817ab509c85c0cfa2ce428d98cfdb81094a2a0d91138355f6f28a6acfb458f896261bda13002f34840"}, {0x100, 0x29, 0x2, "7f13daa6ae2d92c436187df255e903fce7c853f35d31ca6e40c7de9a3691a51d097cf7fddca7515477f15a18d1768225c37bd9a91042cf95e85deb1402fcda907c28f91e5860f2660a6fb9c765cb06e8cb4f632b9833657523dc1ae0f4c7a43da92284c53b3691a4118be058594902ff2e4a51079b486cd68939914ff6fd39dfee043f2f35f94ae4f180cf0ea2fd4528a4609f6be0fd122becb5f4343e5740298d7ac0a1d09e30dd36ce24914af9a3d0a0e9518966f5ca868de18b23a289b532295aedf91bd6fa3b5f6ce256d653c86541acf7d4c28c17572f3072a683e1bb5b83c56a0941b01eb9b9bdc5691af39f"}, {0x80, 0x107, 0x3, "433659697a7bf72f6fabf97bb881007b5f3a20ebc9467288f8333c0f61cfa538dce0f2393bd6dbad3c837220b8c399062ab92aa89d6656324f23defb8a9b853a033f5864400e246d95f272ef725632e7040d6611df9260df31502a8b727d1d3933d8806088cea3d8e8d117f20797"}, {0xa8, 0x11f, 0x5, "04d136479c150ad8c1e388242f3aff3a0efc86b93b092379d5212e7e1a73dadf437590e002789e9cd3c28635cb92ab54a34b8aaf3a3970a16cb166cbcff94896156761a8bb996ef9fdc0cfda4558f255310a9dfddab82aa402b84167f222c951ca8023ade84b6d23ca17776b7ebe2b6cef3ab2451fdfc6dfb18abfe52aa6deb024a32e615d21b7b88a1e2b60f8e3e6de2dd052"}], 0x3c8, 0x40}, 0x2}], 0x3, 0x4040000) [ 374.395917] IPv6: NLM_F_CREATE should be set when creating new route [ 374.402470] IPv6: NLM_F_CREATE should be set when creating new route [ 374.466590] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:23 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000000), 0x100000d2}, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x2000, 0x0) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000040)) 12:15:23 executing program 3 (fault-call:1 fault-nth:31): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7008fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb2) 12:15:23 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 374.673499] IPv6: NLM_F_CREATE should be specified when creating new route [ 374.692795] FAULT_INJECTION: forcing a failure. [ 374.692795] name failslab, interval 1, probability 0, space 0, times 0 [ 374.705237] CPU: 1 PID: 19940 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 374.713767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.723130] Call Trace: [ 374.725720] dump_stack+0x244/0x3ab [ 374.729365] ? dump_stack_print_info.cold.2+0x52/0x52 [ 374.734582] should_fail.cold.4+0xa/0x17 [ 374.738642] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 374.743750] ? save_stack+0xa9/0xd0 [ 374.747393] ? save_stack+0x43/0xd0 [ 374.751027] ? kasan_kmalloc+0xc7/0xe0 [ 374.754909] ? __kmalloc+0x15b/0x760 [ 374.758615] ? pcpu_get_vm_areas+0x4e8/0x12c0 [ 374.763221] ? pcpu_create_chunk+0x40a/0xad0 [ 374.767637] ? pcpu_alloc+0x12fa/0x15d0 [ 374.771604] ? array_map_alloc+0x46c/0x5f0 [ 374.775831] ? map_create+0x3bd/0x1100 [ 374.779720] ? __x64_sys_bpf+0x303/0x510 [ 374.783785] ? do_syscall_64+0x1b9/0x820 [ 374.787837] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.793281] ? lock_release+0xa10/0xa10 [ 374.797248] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.802755] ? fs_reclaim_acquire+0x20/0x20 [ 374.807071] ? lock_downgrade+0x900/0x900 [ 374.811224] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.816671] ? trace_hardirqs_on+0xbd/0x310 [ 374.821005] __should_failslab+0x124/0x180 [ 374.825251] should_failslab+0x9/0x14 [ 374.829058] __kmalloc+0x2e0/0x760 [ 374.832596] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 374.837088] pcpu_get_vm_areas+0x4ff/0x12c0 [ 374.841407] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.846866] ? vm_map_ram+0xf60/0xf60 [ 374.850668] ? __vmalloc+0x45/0x50 [ 374.854214] ? pcpu_mem_zalloc+0x8f/0xe0 [ 374.858286] pcpu_create_chunk+0x40a/0xad0 [ 374.862548] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 374.869474] ? trace_hardirqs_on+0xbd/0x310 [ 374.873877] ? kasan_check_read+0x11/0x20 [ 374.878024] ? pcpu_alloc+0x943/0x15d0 [ 374.881918] ? trace_hardirqs_off_caller+0x300/0x300 [ 374.887130] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 374.892145] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 374.897162] pcpu_alloc+0x12fa/0x15d0 [ 374.900970] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 374.905725] ? fs_reclaim_acquire+0x20/0x20 [ 374.910050] ? lock_downgrade+0x900/0x900 [ 374.914199] ? trace_hardirqs_on+0xbd/0x310 [ 374.918532] ? __kmalloc_node+0x3c/0x70 [ 374.922540] ? kasan_unpoison_shadow+0x35/0x50 [ 374.927124] ? kasan_kmalloc+0xc7/0xe0 [ 374.931014] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 374.936283] ? kasan_unpoison_shadow+0x35/0x50 [ 374.940863] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.946316] __alloc_percpu_gfp+0x27/0x30 [ 374.950462] array_map_alloc+0x46c/0x5f0 [ 374.954528] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 374.959799] map_create+0x3bd/0x1100 [ 374.963515] ? bpf_map_new_fd+0x70/0x70 [ 374.967506] ? __might_fault+0x12b/0x1e0 [ 374.971592] ? lock_downgrade+0x900/0x900 [ 374.975755] ? lock_release+0xa10/0xa10 [ 374.979733] ? perf_trace_sched_process_exec+0x860/0x860 [ 374.985185] ? usercopy_warn+0x110/0x110 [ 374.989267] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 374.994820] __x64_sys_bpf+0x303/0x510 [ 374.998714] ? bpf_prog_get+0x20/0x20 [ 375.002554] do_syscall_64+0x1b9/0x820 [ 375.006449] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 375.011806] ? syscall_return_slowpath+0x5e0/0x5e0 [ 375.016738] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.021587] ? trace_hardirqs_on_caller+0x310/0x310 [ 375.026608] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 375.031620] ? prepare_exit_to_usermode+0x291/0x3b0 [ 375.036649] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.041606] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.046788] RIP: 0033:0x457519 [ 375.049981] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:15:24 executing program 5: r0 = syz_open_dev$dspn(&(0x7f00000003c0)='/dev/dsp#\x00', 0x9, 0x280800) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000400)) r1 = syz_open_dev$usb(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x1, 0x100) getpeername$packet(0xffffffffffffff9c, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000340)=0x14) bind$bt_hci(r1, &(0x7f0000000380)={0x1f, r2, 0x3}, 0xc) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="240000000b0607041dfffd946fa2830020200a0009000300001d8568180000000400ff7e4a8bcb8ba13cc47524d205e5c09790787a858043dd576413ae69010af62c4e1813972f9c3dbd3134720a95236ce89bbc37e4b3f5fe1b4dd67a6640e9b32f5745ce7f87672226b1cdfff720787f666aa302ddae4b8e352b07058aeca7a148ba01049c6e284711d6758ec4c8de6b9becf3d8f1099207f7709cec6dae424b50314fe59196c82bb7e34c7bd05658a52ee784761ff06d2b4b61b5c8d6bbe7f2c7bfac56c48858736fb4c7eeae6d6b0e5c750f2b838f3e131483988d548dc03b1a6c", 0xe3}], 0x4357}, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x2) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000200)={0x0, 0x8}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000280)=@assoc_value={r3, 0x1}, 0x8) [ 375.068969] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 375.076697] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 375.083967] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 375.091232] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 375.098520] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 375.105794] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:24 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x101040, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x4}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_id=r1, 0x4) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 375.122519] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 375.129123] IPv6: NLM_F_CREATE should be set when creating new route [ 375.135640] IPv6: NLM_F_CREATE should be set when creating new route [ 375.142193] IPv6: NLM_F_CREATE should be set when creating new route 12:15:24 executing program 3 (fault-call:1 fault-nth:32): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000000)={0x0, 0xffffffffffffff74, &(0x7f0000000040)=[{&(0x7f0000000080)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1, 0x0, 0x0, 0x4}, 0x1) r1 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x3, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={0xffffffffffffffff}, 0x2, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0xde66, @local, 0xffffffffffff7fff}, r2}}, 0x30) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000001c0)=0x7fff, 0x4) 12:15:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005003fa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 375.166833] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 375.213582] FAULT_INJECTION: forcing a failure. [ 375.213582] name failslab, interval 1, probability 0, space 0, times 0 [ 375.229001] CPU: 1 PID: 19956 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 375.237545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.246912] Call Trace: [ 375.246941] dump_stack+0x244/0x3ab [ 375.246975] ? dump_stack_print_info.cold.2+0x52/0x52 [ 375.258358] should_fail.cold.4+0xa/0x17 [ 375.262426] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 375.267530] ? save_stack+0xa9/0xd0 [ 375.271154] ? save_stack+0x43/0xd0 [ 375.274775] ? kasan_kmalloc+0xc7/0xe0 [ 375.278658] ? __kmalloc+0x15b/0x760 [ 375.282385] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 375.286878] ? pcpu_create_chunk+0x40a/0xad0 [ 375.291292] ? pcpu_alloc+0x12fa/0x15d0 [ 375.295373] ? __alloc_percpu_gfp+0x27/0x30 [ 375.299692] ? map_create+0x3bd/0x1100 [ 375.303572] ? __x64_sys_bpf+0x303/0x510 [ 375.307630] ? do_syscall_64+0x1b9/0x820 [ 375.311702] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.317060] ? lock_release+0xa10/0xa10 [ 375.321032] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.326513] ? fs_reclaim_acquire+0x20/0x20 [ 375.330842] ? lock_downgrade+0x900/0x900 [ 375.334999] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.340446] ? trace_hardirqs_on+0xbd/0x310 [ 375.344782] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 375.349368] __should_failslab+0x124/0x180 [ 375.353602] should_failslab+0x9/0x14 [ 375.357402] kmem_cache_alloc_trace+0x2d7/0x750 [ 375.362075] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 375.366576] pcpu_get_vm_areas+0x5a9/0x12c0 [ 375.370895] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.376359] ? vm_map_ram+0xf60/0xf60 [ 375.380164] ? __vmalloc+0x45/0x50 [ 375.383701] ? pcpu_mem_zalloc+0x8f/0xe0 [ 375.387766] pcpu_create_chunk+0x40a/0xad0 [ 375.392004] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 375.398942] ? trace_hardirqs_on+0xbd/0x310 [ 375.403276] ? kasan_check_read+0x11/0x20 [ 375.407423] ? pcpu_alloc+0x943/0x15d0 [ 375.411395] ? trace_hardirqs_off_caller+0x300/0x300 [ 375.416496] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 375.421510] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 375.426535] pcpu_alloc+0x12fa/0x15d0 [ 375.430346] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 375.435106] ? fs_reclaim_acquire+0x20/0x20 [ 375.439432] ? lock_downgrade+0x900/0x900 [ 375.443590] ? trace_hardirqs_on+0xbd/0x310 [ 375.447911] ? __kmalloc_node+0x3c/0x70 [ 375.451893] ? kasan_unpoison_shadow+0x35/0x50 [ 375.456476] ? kasan_kmalloc+0xc7/0xe0 [ 375.460371] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 375.465748] ? kasan_unpoison_shadow+0x35/0x50 [ 375.470328] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.475783] __alloc_percpu_gfp+0x27/0x30 [ 375.479941] array_map_alloc+0x46c/0x5f0 [ 375.484018] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 375.489292] map_create+0x3bd/0x1100 [ 375.493007] ? bpf_map_new_fd+0x70/0x70 [ 375.496988] ? __might_fault+0x12b/0x1e0 [ 375.501068] ? lock_downgrade+0x900/0x900 [ 375.505214] ? lock_release+0xa10/0xa10 [ 375.509180] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.514713] ? usercopy_warn+0x110/0x110 [ 375.518802] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 375.524369] __x64_sys_bpf+0x303/0x510 [ 375.528262] ? bpf_prog_get+0x20/0x20 [ 375.532082] do_syscall_64+0x1b9/0x820 [ 375.535975] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 375.541424] ? syscall_return_slowpath+0x5e0/0x5e0 [ 375.546352] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.551193] ? trace_hardirqs_on_caller+0x310/0x310 [ 375.556208] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 375.561246] ? prepare_exit_to_usermode+0x291/0x3b0 [ 375.566267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.571116] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.576296] RIP: 0033:0x457519 [ 375.579496] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 375.598391] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 375.606114] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7009fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 375.613392] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 375.620662] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 375.627944] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 375.635204] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:24 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 375.659951] IPv6: NLM_F_CREATE should be specified when creating new route 12:15:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x310) 12:15:24 executing program 5: r0 = socket$inet(0x10, 0x8, 0x1101) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:24 executing program 3 (fault-call:1 fault-nth:33): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 375.724667] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 375.731363] IPv6: NLM_F_CREATE should be set when creating new route [ 375.737880] IPv6: NLM_F_CREATE should be set when creating new route [ 375.744480] IPv6: NLM_F_CREATE should be set when creating new route [ 375.767372] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600580fea84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7002fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:24 executing program 5: shmget(0x2, 0x1000, 0x20, &(0x7f0000ffc000/0x1000)=nil) r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 375.808369] FAULT_INJECTION: forcing a failure. [ 375.808369] name failslab, interval 1, probability 0, space 0, times 0 [ 375.871326] CPU: 1 PID: 19981 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 375.879882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.889269] Call Trace: [ 375.891886] dump_stack+0x244/0x3ab [ 375.895572] ? dump_stack_print_info.cold.2+0x52/0x52 [ 375.900813] should_fail.cold.4+0xa/0x17 [ 375.904917] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 375.910047] ? save_stack+0xa9/0xd0 [ 375.913715] ? save_stack+0x43/0xd0 [ 375.917353] ? kasan_kmalloc+0xc7/0xe0 [ 375.921260] ? kmem_cache_alloc_trace+0x152/0x750 [ 375.926139] ? pcpu_get_vm_areas+0x5a9/0x12c0 [ 375.930655] ? pcpu_create_chunk+0x40a/0xad0 [ 375.935085] ? pcpu_alloc+0x12fa/0x15d0 [ 375.939094] ? array_map_alloc+0x46c/0x5f0 [ 375.943352] ? map_create+0x3bd/0x1100 [ 375.947256] ? __x64_sys_bpf+0x303/0x510 [ 375.951331] ? do_syscall_64+0x1b9/0x820 [ 375.955450] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.960849] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.960897] ? fs_reclaim_acquire+0x20/0x20 12:15:24 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x24000, 0x4) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040)="f03c015fc597ebf1258c09da6cdffdf8acfdaf3d8b6a8ab071ff3acacf867e1c6716d8ebacb4a386ea2c00f8683b799b0fe1a1b41b0aeb3fad01e10edbca47c5460e5c8c4ab7b564522a71202975e9877f002e826c1848f4084ef86afea4621bd7fffe21e5ea068c6b049c87f58978095bfec444d282224a13f5ff0f1f43618d3ff118f31310216b5d1538e84838942f58692f7f95011bf52784be617fbee5e9edf5f21489bbc850094f8c590512e757ebf345bf504cfd", 0xb7) r1 = socket$inet(0x10, 0x3, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:24 executing program 5: r0 = dup(0xffffffffffffffff) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8040014}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r1, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xdc7}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x34}, 0x1, 0x0, 0x0, 0x8080}, 0x1) r2 = socket$inet(0x10, 0xb, 0xe) r3 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xff, 0x40) r4 = accept4$llc(r3, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000100)=0x10, 0x800) ioctl$EVIOCGNAME(r4, 0x80404506, &(0x7f00000002c0)=""/16) getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000040)=0x7ff, &(0x7f0000000080)=0x4) sendmsg(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1, 0x0, 0x0, 0x20000000}, 0x0) 12:15:24 executing program 5: r0 = socket$inet(0x10, 0x3, 0xd) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 375.960915] ? lock_downgrade+0x900/0x900 [ 375.960941] ? perf_trace_sched_process_exec+0x860/0x860 [ 375.970787] ? trace_hardirqs_on+0xbd/0x310 [ 375.970807] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 375.970837] __should_failslab+0x124/0x180 [ 375.970854] should_failslab+0x9/0x14 [ 375.970874] kmem_cache_alloc_trace+0x2d7/0x750 [ 376.002254] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 376.006789] pcpu_get_vm_areas+0x5e8/0x12c0 [ 376.011143] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.016674] ? vm_map_ram+0xf60/0xf60 12:15:25 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040), 0x7c}, 0x0) userfaultfd(0x800) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000080)={0x6, 0x4, 0x100000002, 0x91}, 0xfffffffffffffecd) [ 376.020525] ? __vmalloc+0x45/0x50 [ 376.024089] ? pcpu_mem_zalloc+0x8f/0xe0 [ 376.028179] pcpu_create_chunk+0x40a/0xad0 [ 376.032450] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 376.039411] ? trace_hardirqs_on+0xbd/0x310 [ 376.043748] ? kasan_check_read+0x11/0x20 [ 376.047917] ? pcpu_alloc+0x943/0x15d0 [ 376.051818] ? trace_hardirqs_off_caller+0x300/0x300 [ 376.056937] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 376.056954] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 376.056985] pcpu_alloc+0x12fa/0x15d0 [ 376.070819] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 376.070839] ? fs_reclaim_acquire+0x20/0x20 [ 376.070863] ? lock_downgrade+0x900/0x900 [ 376.084111] ? trace_hardirqs_on+0xbd/0x310 [ 376.088466] ? __kmalloc_node+0x3c/0x70 [ 376.092595] ? kasan_unpoison_shadow+0x35/0x50 [ 376.097218] ? kasan_kmalloc+0xc7/0xe0 [ 376.101148] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 376.106448] ? kasan_unpoison_shadow+0x35/0x50 [ 376.111059] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.116545] __alloc_percpu_gfp+0x27/0x30 12:15:25 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 376.120721] array_map_alloc+0x46c/0x5f0 [ 376.124827] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 376.130131] map_create+0x3bd/0x1100 [ 376.133887] ? bpf_map_new_fd+0x70/0x70 [ 376.137895] ? __might_fault+0x12b/0x1e0 [ 376.141982] ? lock_downgrade+0x900/0x900 [ 376.146159] ? lock_release+0xa10/0xa10 [ 376.150155] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.155635] ? usercopy_warn+0x110/0x110 [ 376.159746] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 376.165314] __x64_sys_bpf+0x303/0x510 [ 376.169232] ? bpf_prog_get+0x20/0x20 [ 376.173086] do_syscall_64+0x1b9/0x820 [ 376.176999] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 376.182395] ? syscall_return_slowpath+0x5e0/0x5e0 [ 376.187361] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.192246] ? trace_hardirqs_on_caller+0x310/0x310 [ 376.197308] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.202446] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.207495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.212403] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.217612] RIP: 0033:0x457519 [ 376.220824] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 376.239866] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 376.247610] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 376.254911] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 376.262298] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 376.269594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 376.276897] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 376.293707] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 376.301265] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:25 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7012fe01b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:25 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) recvfrom$inet(r0, &(0x7f0000000000)=""/248, 0xf8, 0x40000002, 0x0, 0x0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1d9) 12:15:25 executing program 3 (fault-call:1 fault-nth:34): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:25 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r3 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:25 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050011a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 376.704828] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 376.718196] FAULT_INJECTION: forcing a failure. [ 376.718196] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 376.733688] IPv6: NLM_F_CREATE should be specified when creating new route [ 376.743987] CPU: 1 PID: 20018 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 376.752549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.761909] Call Trace: [ 376.764502] dump_stack+0x244/0x3ab [ 376.768133] ? dump_stack_print_info.cold.2+0x52/0x52 [ 376.773320] ? perf_trace_lock_acquire+0x501/0x800 [ 376.778269] should_fail.cold.4+0xa/0x17 [ 376.782335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 376.787450] ? check_preemption_disabled+0x48/0x200 [ 376.792484] ? memset+0x31/0x40 [ 376.795786] ? perf_trace_run_bpf_submit+0x267/0x330 [ 376.800900] ? perf_trace_lock_acquire+0x501/0x800 [ 376.805843] ? mark_held_locks+0x130/0x130 [ 376.810087] ? perf_tp_event+0xc20/0xc20 [ 376.814145] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.819691] ? fs_reclaim_acquire+0x20/0x20 [ 376.824018] ? lock_downgrade+0x900/0x900 [ 376.828176] ? lock_release+0xa10/0xa10 [ 376.832159] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.837612] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 376.842198] ? __might_sleep+0x95/0x190 [ 376.846180] __alloc_pages_nodemask+0x34b/0xdd0 [ 376.850866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.856406] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 376.861436] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 376.866456] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 376.871041] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 376.876583] ? pcpu_alloc+0x4f4/0x15d0 [ 376.880470] ? lock_downgrade+0x900/0x900 [ 376.884617] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 376.890152] ? find_next_bit+0x104/0x130 [ 376.894232] pcpu_populate_chunk+0xf9/0x910 [ 376.898552] ? find_next_bit+0x104/0x130 [ 376.902627] pcpu_alloc+0xe14/0x15d0 [ 376.906361] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 376.911119] ? fs_reclaim_acquire+0x20/0x20 [ 376.915451] ? lock_downgrade+0x900/0x900 [ 376.919616] ? trace_hardirqs_on+0xbd/0x310 [ 376.923942] ? __kmalloc_node+0x3c/0x70 [ 376.927926] ? kasan_unpoison_shadow+0x35/0x50 [ 376.932505] ? kasan_kmalloc+0xc7/0xe0 [ 376.936420] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 376.941696] ? kasan_unpoison_shadow+0x35/0x50 [ 376.946294] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.951755] __alloc_percpu_gfp+0x27/0x30 [ 376.955903] array_map_alloc+0x46c/0x5f0 [ 376.959968] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 376.965255] map_create+0x3bd/0x1100 [ 376.968970] ? bpf_map_new_fd+0x70/0x70 [ 376.972949] ? __might_fault+0x12b/0x1e0 [ 376.977025] ? lock_downgrade+0x900/0x900 [ 376.981184] ? lock_release+0xa10/0xa10 [ 376.985150] ? perf_trace_sched_process_exec+0x860/0x860 [ 376.990598] ? usercopy_warn+0x110/0x110 [ 376.994686] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 377.000228] __x64_sys_bpf+0x303/0x510 [ 377.004115] ? bpf_prog_get+0x20/0x20 [ 377.007932] do_syscall_64+0x1b9/0x820 [ 377.011831] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 377.017227] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.022159] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.027106] ? trace_hardirqs_on_caller+0x310/0x310 [ 377.032123] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 377.037138] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.042171] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.047019] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.052203] RIP: 0033:0x457519 [ 377.055394] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.074291] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 377.082122] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 377.089387] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 377.096658] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 12:15:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe02b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 377.103924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 377.111187] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 377.121041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 377.127800] IPv6: NLM_F_CREATE should be set when creating new route [ 377.134372] IPv6: NLM_F_CREATE should be set when creating new route [ 377.140919] IPv6: NLM_F_CREATE should be set when creating new route 12:15:26 executing program 3 (fault-call:1 fault-nth:35): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:26 executing program 5: socketpair(0x1, 0xf, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000040)={'IDLETIMER\x00'}, &(0x7f0000000280)=0x1e) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e20, 0x0, @empty, 0x3f}}}, &(0x7f0000000180)=0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e20, 0x7fffffff, @empty, 0xfffffffffffffbff}}, 0x3, 0xc4}, 0x90) r3 = socket$inet(0x10, 0x3, 0xc) sendmsg(r3, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 377.169527] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fc00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400280, 0x0) write$FUSE_NOTIFY_DELETE(r1, &(0x7f0000000040)={0x3a, 0x6, 0x0, {0x4, 0x3, 0x11, 0x0, 'securityvboxnet1@'}}, 0x3a) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000140)={r2, @multicast1, @multicast2}, 0xc) getsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe48b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 377.222093] FAULT_INJECTION: forcing a failure. [ 377.222093] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 377.311626] CPU: 0 PID: 20039 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 377.320274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.329654] Call Trace: [ 377.332285] dump_stack+0x244/0x3ab [ 377.335952] ? dump_stack_print_info.cold.2+0x52/0x52 [ 377.341174] ? perf_trace_lock_acquire+0x501/0x800 [ 377.346150] should_fail.cold.4+0xa/0x17 [ 377.350243] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 377.355378] ? check_preemption_disabled+0x48/0x200 [ 377.360424] ? memset+0x31/0x40 [ 377.363750] ? perf_trace_run_bpf_submit+0x267/0x330 [ 377.368891] ? perf_trace_lock_acquire+0x501/0x800 [ 377.373957] ? mark_held_locks+0x130/0x130 [ 377.378226] ? perf_tp_event+0xc20/0xc20 [ 377.382311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.387889] ? fs_reclaim_acquire+0x20/0x20 [ 377.392242] ? lock_downgrade+0x900/0x900 [ 377.396421] ? lock_release+0xa10/0xa10 [ 377.400421] ? perf_trace_sched_process_exec+0x860/0x860 [ 377.405903] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 377.410629] ? __might_sleep+0x95/0x190 [ 377.414633] __alloc_pages_nodemask+0x34b/0xdd0 [ 377.419330] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.424902] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 377.429948] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 377.434996] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 377.439607] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 377.445177] ? pcpu_alloc+0x4f4/0x15d0 [ 377.449090] ? lock_downgrade+0x900/0x900 [ 377.453286] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 377.458847] ? find_next_bit+0x104/0x130 [ 377.462946] pcpu_populate_chunk+0xf9/0x910 [ 377.467286] ? find_next_bit+0x104/0x130 [ 377.471394] pcpu_alloc+0xe14/0x15d0 [ 377.475149] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 377.480387] ? fs_reclaim_acquire+0x20/0x20 [ 377.484737] ? lock_downgrade+0x900/0x900 [ 377.488936] ? trace_hardirqs_on+0xbd/0x310 [ 377.493278] ? __kmalloc_node+0x3c/0x70 [ 377.497277] ? kasan_unpoison_shadow+0x35/0x50 [ 377.501878] ? kasan_kmalloc+0xc7/0xe0 [ 377.505806] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 377.511124] ? kasan_unpoison_shadow+0x35/0x50 [ 377.515734] ? perf_trace_sched_process_exec+0x860/0x860 [ 377.521231] __alloc_percpu_gfp+0x27/0x30 [ 377.525404] array_map_alloc+0x46c/0x5f0 [ 377.529495] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 377.534796] map_create+0x3bd/0x1100 [ 377.538549] ? bpf_map_new_fd+0x70/0x70 [ 377.542553] ? __might_fault+0x12b/0x1e0 [ 377.546633] ? lock_downgrade+0x900/0x900 [ 377.550805] ? lock_release+0xa10/0xa10 [ 377.554803] ? perf_trace_sched_process_exec+0x860/0x860 [ 377.560279] ? usercopy_warn+0x110/0x110 [ 377.564390] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 377.569962] __x64_sys_bpf+0x303/0x510 [ 377.573870] ? bpf_prog_get+0x20/0x20 [ 377.577728] do_syscall_64+0x1b9/0x820 [ 377.581649] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 377.587048] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.592000] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.596866] ? trace_hardirqs_on_caller+0x310/0x310 [ 377.601913] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 377.606955] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.612001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.616881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.622086] RIP: 0033:0x457519 [ 377.625298] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.644236] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 377.651979] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x2, 0xc) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r1, r2) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x5f4, 0x4) 12:15:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12e) 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1, 0x0, 0xfffffffffffffef6}, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x3ff, 0x400000) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x0, 0x4) timerfd_create(0x7, 0x80000) [ 377.659260] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 377.659271] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 377.659280] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 377.659291] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000000380)={&(0x7f0000000000)=@in6={0xa, 0x4e23, 0xfff, @loopback, 0x7fffffff}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000080)="44aa39e715f79d08839e668f359ba1ff21030871ecc169298f636a8176f6a99d5286a73150b505e541a1e00bf0074cfc91e4aa845e7699eb3178f30d4b46531ea3f277caafebc0e7333b04cb61e2c3fdd4c969494412a8c18ad6c1276b3e4909e57d18a02d562c19c22a65aea9d172ab30e3ccaa7e4cd9cd1364141f2731c42daa2f11a81ab7ea9d8d98a249fedd2358", 0x90}, {&(0x7f0000000140)="593c90f0d362b8905f77c39d24a24450464e45500326d09da8eb16ffdb1d064123e257dacf593a318537b05105fa4576c742d855d0b8b45aef0da87dbcf2a9dc4d2af9c80c0ec5766f48ff1e1db4a9eb33ad0943afe80b78af4198251b7a2549c51a590ec074", 0x66}], 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="f00000000000000001010000070000000adb05b959c42b6c769e466c2d9a400c5cf6330f86bbbc2eff8cee926914e3c3ef6326a0f5f3e41397687ee25137b49508a7284dc7c63a261cc04cebf942a6186fece1271557e3f9575ea44ae7eb5cc03a3db8ae14e3b17f9252a11d1a3e92d0631b79aa2629f6384ffda8532416174e7b9927bc1a068ce662b09ce10b5dcef394d5ec6c4487e4d6369ba9ff2c568c7f15d4c5bbe9d771bb27222dfd73a7e1513df35ce7f7403fcda381ca329e735ce2c253005c73c08d1147556f32e872a27005c3941c1d52bea8645b7de7df590fe5e34c1130cf7c0bfcd4ffa813b1f9410070000000000000000000000001000000f4a74f558609e134d7a10845159141544fa4874d5a33c23ea20117bdc00c6e1ed8130a2d5cabe3c10b987f60aa8ab9cbc1360000ce634b698392422039d562fad95f26f92a6745f52585bce5bc42906aae33c34e8bea125babeeb2e63ca4d000"], 0x160, 0x10}, 0x0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0xffffffffffffffad, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24d}], 0x1}, 0x0) [ 377.778698] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 377.789128] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:26 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:26 executing program 3 (fault-call:1 fault-nth:36): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x9, 0x1) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7fff, 0x10400) setsockopt$inet6_int(r1, 0x29, 0x77, &(0x7f0000000040)=0x1, 0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050e00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe21b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 377.886730] FAULT_INJECTION: forcing a failure. [ 377.886730] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 377.917536] CPU: 0 PID: 20072 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 377.926122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 12:15:26 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$usb(&(0x7f0000002040)='/dev/bus/usb/00#/00#\x00', 0x80, 0x8000) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000020c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000002180)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x2810030}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)={0x20, r2, 0x600, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xc9c}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x8000) [ 377.935679] Call Trace: [ 377.935705] dump_stack+0x244/0x3ab [ 377.935746] ? dump_stack_print_info.cold.2+0x52/0x52 [ 377.947257] ? perf_trace_lock_acquire+0x501/0x800 [ 377.947305] should_fail.cold.4+0xa/0x17 [ 377.947327] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 377.961421] ? check_preemption_disabled+0x48/0x200 [ 377.966468] ? memset+0x31/0x40 [ 377.969797] ? perf_trace_run_bpf_submit+0x267/0x330 [ 377.974925] ? perf_trace_lock_acquire+0x501/0x800 [ 377.979877] ? mark_held_locks+0x130/0x130 [ 377.984114] ? perf_tp_event+0xc20/0xc20 [ 377.988170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.993704] ? fs_reclaim_acquire+0x20/0x20 [ 377.998032] ? lock_downgrade+0x900/0x900 [ 378.002173] ? lock_release+0xa10/0xa10 [ 378.006156] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.011603] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 378.016185] ? __might_sleep+0x95/0x190 [ 378.020161] __alloc_pages_nodemask+0x34b/0xdd0 [ 378.024873] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.030409] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 378.035417] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 378.040433] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 378.045011] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 378.050545] ? pcpu_alloc+0x4f4/0x15d0 [ 378.054424] ? lock_downgrade+0x900/0x900 [ 378.058585] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 378.064131] ? find_next_bit+0x104/0x130 [ 378.068207] pcpu_populate_chunk+0xf9/0x910 [ 378.072518] ? find_next_bit+0x104/0x130 [ 378.076593] pcpu_alloc+0xe14/0x15d0 [ 378.080312] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 378.085060] ? fs_reclaim_acquire+0x20/0x20 [ 378.089375] ? lock_downgrade+0x900/0x900 [ 378.093527] ? trace_hardirqs_on+0xbd/0x310 [ 378.097845] ? __kmalloc_node+0x3c/0x70 [ 378.101825] ? kasan_unpoison_shadow+0x35/0x50 [ 378.106413] ? kasan_kmalloc+0xc7/0xe0 [ 378.110303] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 378.115575] ? kasan_unpoison_shadow+0x35/0x50 [ 378.120169] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.125636] __alloc_percpu_gfp+0x27/0x30 [ 378.129787] array_map_alloc+0x46c/0x5f0 [ 378.133863] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 378.139133] map_create+0x3bd/0x1100 [ 378.142872] ? bpf_map_new_fd+0x70/0x70 [ 378.146843] ? __might_fault+0x12b/0x1e0 [ 378.150920] ? lock_downgrade+0x900/0x900 [ 378.155064] ? lock_release+0xa10/0xa10 [ 378.159027] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.164473] ? usercopy_warn+0x110/0x110 [ 378.168570] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 378.174128] __x64_sys_bpf+0x303/0x510 [ 378.178015] ? bpf_prog_get+0x20/0x20 [ 378.181842] do_syscall_64+0x1b9/0x820 [ 378.185736] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 378.191093] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.196100] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.200936] ? trace_hardirqs_on_caller+0x310/0x310 [ 378.205945] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.210953] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.215966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.220823] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 378.226004] RIP: 0033:0x457519 [ 378.229203] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 378.248099] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 378.255825] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 378.263102] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 378.270365] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 378.277638] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 378.284930] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 378.303368] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x2, 0x3) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe08b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 378.333643] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fec0a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 378.416733] IPv6: NLM_F_CREATE should be specified when creating new route 12:15:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x180) 12:15:27 executing program 3 (fault-call:1 fault-nth:37): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:27 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:27 executing program 5: mknod(&(0x7f0000000000)='./file0\x00', 0x100, 0x100) r0 = socket$inet(0x10, 0x3, 0xc) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x7bd, 0x401, 0x9}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000200)=@assoc_id=r1, 0x4) r2 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x1000, 0x200000) ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f0000000140)=""/139) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 378.463317] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 378.469908] IPv6: NLM_F_CREATE should be set when creating new route [ 378.476932] IPv6: NLM_F_CREATE should be set when creating new route [ 378.483470] IPv6: NLM_F_CREATE should be set when creating new route [ 378.500554] FAULT_INJECTION: forcing a failure. [ 378.500554] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005ab01a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 378.554110] CPU: 1 PID: 20106 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 378.562797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.572173] Call Trace: [ 378.574799] dump_stack+0x244/0x3ab [ 378.578582] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.583794] ? perf_trace_lock_acquire+0x501/0x800 [ 378.583827] should_fail.cold.4+0xa/0x17 [ 378.592796] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 378.592816] ? check_preemption_disabled+0x48/0x200 [ 378.602928] ? memset+0x31/0x40 [ 378.606242] ? perf_trace_run_bpf_submit+0x267/0x330 [ 378.611369] ? perf_trace_lock_acquire+0x501/0x800 [ 378.616327] ? mark_held_locks+0x130/0x130 [ 378.620590] ? perf_tp_event+0xc20/0xc20 [ 378.624796] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.624827] ? fs_reclaim_acquire+0x20/0x20 [ 378.624847] ? lock_downgrade+0x900/0x900 [ 378.638838] ? lock_release+0xa10/0xa10 [ 378.638858] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.638881] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 378.638905] ? __might_sleep+0x95/0x190 [ 378.638932] __alloc_pages_nodemask+0x34b/0xdd0 [ 378.662053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.667624] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 378.672680] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 378.677718] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 378.677739] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 378.677765] ? pcpu_alloc+0x4f4/0x15d0 [ 378.687880] ? lock_downgrade+0x900/0x900 [ 378.687906] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x10000, 0x0) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000100)={{&(0x7f0000000040)=""/72, 0x48}, &(0x7f00000000c0), 0x41}, 0x20) 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0x8) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x5, 0x20000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0xffffffffffffffca, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) getsockopt$inet6_tcp_int(r1, 0x6, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 378.687926] ? find_next_bit+0x104/0x130 [ 378.705545] pcpu_populate_chunk+0xf9/0x910 [ 378.709886] ? find_next_bit+0x104/0x130 [ 378.713985] pcpu_alloc+0xe14/0x15d0 [ 378.717743] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 378.722513] ? fs_reclaim_acquire+0x20/0x20 [ 378.726854] ? lock_downgrade+0x900/0x900 [ 378.731154] ? trace_hardirqs_on+0xbd/0x310 [ 378.731184] ? __kmalloc_node+0x3c/0x70 [ 378.731206] ? kasan_unpoison_shadow+0x35/0x50 [ 378.731225] ? kasan_kmalloc+0xc7/0xe0 [ 378.731255] ? kmem_cache_alloc_node_trace+0x305/0x740 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x40000, 0x0) mq_timedreceive(r1, &(0x7f0000000040)=""/66, 0x42, 0x1, &(0x7f00000000c0)={0x77359400}) [ 378.731274] ? kasan_unpoison_shadow+0x35/0x50 [ 378.731299] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.731329] __alloc_percpu_gfp+0x27/0x30 [ 378.731352] array_map_alloc+0x46c/0x5f0 [ 378.731376] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 378.731393] map_create+0x3bd/0x1100 [ 378.731417] ? bpf_map_new_fd+0x70/0x70 [ 378.784665] ? __might_fault+0x12b/0x1e0 [ 378.784689] ? lock_downgrade+0x900/0x900 [ 378.784713] ? lock_release+0xa10/0xa10 [ 378.796881] ? perf_trace_sched_process_exec+0x860/0x860 [ 378.802351] ? usercopy_warn+0x110/0x110 [ 378.806442] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 378.806467] __x64_sys_bpf+0x303/0x510 [ 378.815866] ? bpf_prog_get+0x20/0x20 [ 378.815914] do_syscall_64+0x1b9/0x820 [ 378.823595] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 378.828977] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.833923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.838806] ? trace_hardirqs_on_caller+0x310/0x310 [ 378.843850] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.848884] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.853926] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.858793] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 378.863987] RIP: 0033:0x457519 [ 378.867197] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 378.867208] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 378.867229] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 378.867242] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 378.893831] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 378.893843] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 378.893854] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 378.895971] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe25b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:27 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x101000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000040)) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000100)={'erspan0\x00', 0x1200}) [ 378.902644] audit: type=1804 audit(1539260127.936:37): pid=20135 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir239113681/syzkaller.coKA60/476/bus" dev="sda1" ino=16548 res=1 [ 378.957814] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 378.976132] IPv6: NLM_F_CREATE should be specified when creating new route 12:15:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12d) 12:15:28 executing program 3 (fault-call:1 fault-nth:38): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 379.008450] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 379.015056] IPv6: NLM_F_CREATE should be set when creating new route [ 379.021640] IPv6: NLM_F_CREATE should be set when creating new route [ 379.028153] IPv6: NLM_F_CREATE should be set when creating new route [ 379.087571] FAULT_INJECTION: forcing a failure. [ 379.087571] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 379.106239] CPU: 1 PID: 20148 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 379.114795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.124179] Call Trace: [ 379.126796] dump_stack+0x244/0x3ab [ 379.130456] ? dump_stack_print_info.cold.2+0x52/0x52 [ 379.135784] ? perf_trace_lock_acquire+0x501/0x800 [ 379.140725] should_fail.cold.4+0xa/0x17 [ 379.144788] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 379.149893] ? check_preemption_disabled+0x48/0x200 [ 379.154918] ? memset+0x31/0x40 [ 379.158200] ? perf_trace_run_bpf_submit+0x267/0x330 [ 379.163298] ? perf_trace_lock_acquire+0x501/0x800 [ 379.168231] ? mark_held_locks+0x130/0x130 [ 379.172465] ? perf_tp_event+0xc20/0xc20 [ 379.176524] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.182084] ? fs_reclaim_acquire+0x20/0x20 [ 379.186402] ? lock_downgrade+0x900/0x900 [ 379.190550] ? lock_release+0xa10/0xa10 [ 379.194530] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.199979] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 379.204565] ? __might_sleep+0x95/0x190 [ 379.208543] __alloc_pages_nodemask+0x34b/0xdd0 [ 379.213204] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.218742] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 379.223753] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 379.228768] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 379.233345] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 379.238885] ? pcpu_alloc+0x4f4/0x15d0 [ 379.242769] ? lock_downgrade+0x900/0x900 [ 379.246918] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.252448] ? find_next_bit+0x104/0x130 [ 379.256526] pcpu_populate_chunk+0xf9/0x910 [ 379.260858] ? find_next_bit+0x104/0x130 [ 379.264923] pcpu_alloc+0xe14/0x15d0 [ 379.268647] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 379.273491] ? fs_reclaim_acquire+0x20/0x20 [ 379.277811] ? lock_downgrade+0x900/0x900 [ 379.281966] ? trace_hardirqs_on+0xbd/0x310 [ 379.286280] ? __kmalloc_node+0x3c/0x70 [ 379.290281] ? kasan_unpoison_shadow+0x35/0x50 [ 379.294859] ? kasan_kmalloc+0xc7/0xe0 [ 379.298747] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 379.304031] ? kasan_unpoison_shadow+0x35/0x50 [ 379.308621] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.314089] __alloc_percpu_gfp+0x27/0x30 [ 379.318241] array_map_alloc+0x46c/0x5f0 [ 379.322303] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 379.327576] map_create+0x3bd/0x1100 [ 379.331296] ? bpf_map_new_fd+0x70/0x70 [ 379.335273] ? __might_fault+0x12b/0x1e0 [ 379.339334] ? lock_downgrade+0x900/0x900 [ 379.343484] ? lock_release+0xa10/0xa10 [ 379.347451] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.352904] ? usercopy_warn+0x110/0x110 [ 379.356997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.362535] __x64_sys_bpf+0x303/0x510 [ 379.366421] ? bpf_prog_get+0x20/0x20 [ 379.370265] do_syscall_64+0x1b9/0x820 [ 379.374146] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 379.379604] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.384530] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.389368] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.394378] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.399403] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.404420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.409291] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.414474] RIP: 0033:0x457519 [ 379.417671] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.436566] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 379.444280] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 379.451543] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 379.458802] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 379.466067] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 379.473328] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:28 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0x66, "31ee16c8b81bfc41d7f614fd8ea5a6873374a818c7d21969109705bda3a40cebd5a81ee082044538033a11a41469c53ec17a5eee919449343ad9e3a38ad0efab5a4d39490d3ca356678af335180348ab90e47303bfe76c604ee28e83ca91f5ba4fecfbfa5b9d"}, &(0x7f0000000080)=0x6e) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={r1, 0x9}, &(0x7f0000000100)=0x8) 12:15:28 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe14b2a4a280930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60051300a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:28 executing program 3 (fault-call:1 fault-nth:39): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600501aba84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 379.539674] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 379.549037] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000000)=0x6, 0x4) [ 379.583937] audit: type=1804 audit(1539260128.606:38): pid=20163 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir239113681/syzkaller.coKA60/477/bus" dev="sda1" ino=16532 res=1 [ 379.619897] FAULT_INJECTION: forcing a failure. [ 379.619897] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:28 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a20b930a60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 379.645200] IPv6: NLM_F_CREATE should be specified when creating new route [ 379.655424] CPU: 0 PID: 20165 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 379.663956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.673318] Call Trace: [ 379.673347] dump_stack+0x244/0x3ab [ 379.673374] ? dump_stack_print_info.cold.2+0x52/0x52 [ 379.673396] ? perf_trace_lock_acquire+0x501/0x800 [ 379.673430] should_fail.cold.4+0xa/0x17 [ 379.689741] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 379.689762] ? check_preemption_disabled+0x48/0x200 [ 379.689782] ? memset+0x31/0x40 [ 379.689811] ? perf_trace_run_bpf_submit+0x267/0x330 [ 379.689828] ? perf_trace_lock_acquire+0x501/0x800 [ 379.689854] ? mark_held_locks+0x130/0x130 [ 379.689879] ? perf_tp_event+0xc20/0xc20 [ 379.689898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.731216] ? fs_reclaim_acquire+0x20/0x20 [ 379.735579] ? lock_downgrade+0x900/0x900 [ 379.739790] ? lock_release+0xa10/0xa10 12:15:28 executing program 5: r0 = socket$inet(0x10, 0x80000, 0x1000000000000c) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) 12:15:28 executing program 5: r0 = socket$inet(0x10, 0x3, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5, 0x40000) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f0000000040)={0x0, 0x7, 0x100000000}) [ 379.743785] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.749258] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 379.753869] ? __might_sleep+0x95/0x190 [ 379.757875] __alloc_pages_nodemask+0x34b/0xdd0 [ 379.762565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.768137] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 379.773184] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 379.778212] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 379.782789] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 379.788323] ? pcpu_alloc+0x4f4/0x15d0 [ 379.792205] ? lock_downgrade+0x900/0x900 [ 379.796361] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.801988] ? find_next_bit+0x104/0x130 [ 379.806080] pcpu_populate_chunk+0xf9/0x910 [ 379.810528] ? find_next_bit+0x104/0x130 [ 379.814601] pcpu_alloc+0xe14/0x15d0 [ 379.818321] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 379.823086] ? fs_reclaim_acquire+0x20/0x20 [ 379.827403] ? lock_downgrade+0x900/0x900 [ 379.831561] ? trace_hardirqs_on+0xbd/0x310 [ 379.835887] ? __kmalloc_node+0x3c/0x70 [ 379.839872] ? kasan_unpoison_shadow+0x35/0x50 [ 379.844485] ? kasan_kmalloc+0xc7/0xe0 [ 379.848598] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 379.853881] ? kasan_unpoison_shadow+0x35/0x50 [ 379.858459] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.863910] __alloc_percpu_gfp+0x27/0x30 [ 379.868175] array_map_alloc+0x46c/0x5f0 [ 379.872319] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 379.877722] map_create+0x3bd/0x1100 [ 379.881453] ? bpf_map_new_fd+0x70/0x70 [ 379.885437] ? __might_fault+0x12b/0x1e0 [ 379.889493] ? lock_downgrade+0x900/0x900 [ 379.893671] ? lock_release+0xa10/0xa10 [ 379.897652] ? perf_trace_sched_process_exec+0x860/0x860 [ 379.903111] ? usercopy_warn+0x110/0x110 [ 379.907184] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.912740] __x64_sys_bpf+0x303/0x510 [ 379.916643] ? bpf_prog_get+0x20/0x20 [ 379.920460] do_syscall_64+0x1b9/0x820 [ 379.924342] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 379.929701] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.934621] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.939460] ? trace_hardirqs_on_caller+0x310/0x310 [ 379.944485] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.949498] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.954512] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.959362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.964551] RIP: 0033:0x457519 [ 379.967742] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.986646] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 379.994359] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 380.001620] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 380.008968] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 380.016227] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 380.023670] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 380.036450] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1b4) 12:15:29 executing program 5: r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x228, 0xdc5f3035e88022e5) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) r1 = socket$inet(0x10, 0x3, 0xc) r2 = shmget(0x0, 0x3000, 0x800, &(0x7f0000ffa000/0x3000)=nil) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f0000000100)) shmctl$SHM_UNLOCK(r2, 0xc) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0xffffffffffffff55, &(0x7f0000009ff0)=[{&(0x7f0000002000)="b044a0490b0607041dfffd946fa283000600000000000000001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000000)={0xd8, {0x2, 0x4e23, @multicast2}, {0x2, 0x4e22, @remote}, {0x2, 0x4e22, @multicast1}, 0x8, 0x401, 0x62a1, 0xfffffffffffffff8, 0x1ff, 0x0, 0x0, 0xfffffffffffffffb, 0x99}) [ 380.043063] IPv6: NLM_F_CREATE should be set when creating new route [ 380.049629] IPv6: NLM_F_CREATE should be set when creating new route [ 380.056135] IPv6: NLM_F_CREATE should be set when creating new route [ 380.063411] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:29 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:29 executing program 3 (fault-call:1 fault-nth:40): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500fca84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280931460050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={0x0, 0xfffffffffffffff9, 0x800, 0xfffffffffffffffb}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x14) r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000002000)="240000000b0607041dfffd946fa2830020200a0009000300001d85680c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) [ 380.155641] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050008a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 380.216154] audit: type=1804 audit(1539260129.236:39): pid=20197 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir239113681/syzkaller.coKA60/478/bus" dev="sda1" ino=16544 res=1 [ 380.261289] FAULT_INJECTION: forcing a failure. [ 380.261289] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 380.262395] IPv6: NLM_F_CREATE should be specified when creating new route [ 380.294781] CPU: 0 PID: 20204 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280934860050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 380.303319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.303329] Call Trace: [ 380.303357] dump_stack+0x244/0x3ab [ 380.303385] ? dump_stack_print_info.cold.2+0x52/0x52 [ 380.303405] ? perf_trace_lock_acquire+0x501/0x800 [ 380.324357] should_fail.cold.4+0xa/0x17 [ 380.324380] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 380.338465] ? check_preemption_disabled+0x48/0x200 [ 380.343534] ? memset+0x31/0x40 [ 380.346850] ? perf_trace_run_bpf_submit+0x267/0x330 [ 380.351977] ? perf_trace_lock_acquire+0x501/0x800 [ 380.356938] ? mark_held_locks+0x130/0x130 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a28093fc60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 380.361201] ? perf_tp_event+0xc20/0xc20 [ 380.365283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.370842] ? fs_reclaim_acquire+0x20/0x20 [ 380.370866] ? lock_downgrade+0x900/0x900 [ 380.370888] ? lock_release+0xa10/0xa10 [ 380.370906] ? perf_trace_sched_process_exec+0x860/0x860 [ 380.379357] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 380.379385] ? __might_sleep+0x95/0x190 [ 380.379413] __alloc_pages_nodemask+0x34b/0xdd0 [ 380.379438] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a28093ec60050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280932560050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 380.407606] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 380.412657] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 380.417717] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 380.422323] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 380.427895] ? pcpu_alloc+0x4f4/0x15d0 [ 380.431800] ? lock_downgrade+0x900/0x900 [ 380.435979] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 380.441550] ? find_next_bit+0x104/0x130 [ 380.445641] pcpu_populate_chunk+0xf9/0x910 [ 380.449992] ? find_next_bit+0x104/0x130 [ 380.454087] pcpu_alloc+0xe14/0x15d0 [ 380.457837] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 380.462635] ? lock_downgrade+0x900/0x900 [ 380.466815] ? trace_hardirqs_on+0xbd/0x310 [ 380.471128] ? __kmalloc_node+0x3c/0x70 [ 380.475095] ? kasan_unpoison_shadow+0x35/0x50 [ 380.479667] ? kasan_kmalloc+0xc7/0xe0 [ 380.483570] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 380.488836] ? kasan_unpoison_shadow+0x35/0x50 [ 380.493416] ? perf_trace_sched_process_exec+0x860/0x860 [ 380.498863] __alloc_percpu_gfp+0x27/0x30 [ 380.503004] array_map_alloc+0x46c/0x5f0 [ 380.507074] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 380.512357] map_create+0x3bd/0x1100 [ 380.516072] ? bpf_map_new_fd+0x70/0x70 [ 380.520043] ? __might_fault+0x12b/0x1e0 [ 380.524095] ? lock_downgrade+0x900/0x900 [ 380.528249] ? lock_release+0xa10/0xa10 [ 380.532210] ? perf_trace_sched_process_exec+0x860/0x860 [ 380.537651] ? usercopy_warn+0x110/0x110 [ 380.541716] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 380.547265] __x64_sys_bpf+0x303/0x510 [ 380.551144] ? bpf_prog_get+0x20/0x20 [ 380.554955] do_syscall_64+0x1b9/0x820 [ 380.558833] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 380.564186] ? syscall_return_slowpath+0x5e0/0x5e0 [ 380.569125] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.573962] ? trace_hardirqs_on_caller+0x310/0x310 [ 380.578968] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 380.583975] ? prepare_exit_to_usermode+0x291/0x3b0 [ 380.588987] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.593829] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 380.599006] RIP: 0033:0x457519 [ 380.602193] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.621101] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 380.628800] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 380.636070] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 380.643335] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 380.651047] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 380.658311] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 380.675299] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 380.681889] IPv6: NLM_F_CREATE should be set when creating new route [ 380.688410] IPv6: NLM_F_CREATE should be set when creating new route [ 380.694971] IPv6: NLM_F_CREATE should be set when creating new route 12:15:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x7a) 12:15:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a58050000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500fca84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 3 (fault-call:1 fault-nth:41): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000ba84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:29 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 380.781301] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 380.787865] IPv6: NLM_F_CREATE should be set when creating new route [ 380.792129] FAULT_INJECTION: forcing a failure. [ 380.792129] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 380.794416] IPv6: NLM_F_CREATE should be set when creating new route [ 380.812773] IPv6: NLM_F_CREATE should be set when creating new route [ 380.831179] CPU: 1 PID: 20228 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 380.839711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.849059] Call Trace: [ 380.851649] dump_stack+0x244/0x3ab [ 380.855279] ? dump_stack_print_info.cold.2+0x52/0x52 [ 380.860471] ? perf_trace_lock_acquire+0x501/0x800 [ 380.865406] should_fail.cold.4+0xa/0x17 [ 380.869476] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 380.874575] ? check_preemption_disabled+0x48/0x200 [ 380.879586] ? memset+0x31/0x40 [ 380.883009] ? perf_trace_run_bpf_submit+0x267/0x330 [ 380.888104] ? perf_trace_lock_acquire+0x501/0x800 [ 380.893033] ? mark_held_locks+0x130/0x130 [ 380.897266] ? perf_tp_event+0xc20/0xc20 [ 380.901321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.906873] ? fs_reclaim_acquire+0x20/0x20 [ 380.911189] ? lock_downgrade+0x900/0x900 [ 380.915347] ? lock_release+0xa10/0xa10 [ 380.919315] ? perf_trace_sched_process_exec+0x860/0x860 [ 380.924759] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 380.929341] ? __might_sleep+0x95/0x190 [ 380.933313] __alloc_pages_nodemask+0x34b/0xdd0 [ 380.938012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.943549] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 380.948563] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 380.953577] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 380.958151] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 380.963691] ? pcpu_alloc+0x4f4/0x15d0 [ 380.967587] ? lock_downgrade+0x900/0x900 [ 380.971735] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 380.977274] ? find_next_bit+0x104/0x130 [ 380.981442] pcpu_populate_chunk+0xf9/0x910 [ 380.985766] ? find_next_bit+0x104/0x130 [ 380.989834] pcpu_alloc+0xe14/0x15d0 [ 380.993640] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 380.998387] ? fs_reclaim_acquire+0x20/0x20 [ 381.002700] ? lock_downgrade+0x900/0x900 [ 381.006850] ? trace_hardirqs_on+0xbd/0x310 [ 381.011174] ? __kmalloc_node+0x3c/0x70 [ 381.015156] ? kasan_unpoison_shadow+0x35/0x50 [ 381.019804] ? kasan_kmalloc+0xc7/0xe0 [ 381.023694] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 381.028977] ? kasan_unpoison_shadow+0x35/0x50 [ 381.033567] ? perf_trace_sched_process_exec+0x860/0x860 [ 381.039018] __alloc_percpu_gfp+0x27/0x30 [ 381.043159] array_map_alloc+0x46c/0x5f0 [ 381.047217] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 381.052487] map_create+0x3bd/0x1100 [ 381.056211] ? bpf_map_new_fd+0x70/0x70 [ 381.060186] ? __might_fault+0x12b/0x1e0 [ 381.064252] ? lock_downgrade+0x900/0x900 [ 381.068396] ? lock_release+0xa10/0xa10 [ 381.072360] ? perf_trace_sched_process_exec+0x860/0x860 [ 381.077808] ? usercopy_warn+0x110/0x110 [ 381.081884] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 381.087421] __x64_sys_bpf+0x303/0x510 [ 381.091313] ? bpf_prog_get+0x20/0x20 [ 381.095158] do_syscall_64+0x1b9/0x820 [ 381.099038] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 381.104396] ? syscall_return_slowpath+0x5e0/0x5e0 [ 381.109336] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.114190] ? trace_hardirqs_on_caller+0x310/0x310 [ 381.119203] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 381.124215] ? prepare_exit_to_usermode+0x291/0x3b0 [ 381.129230] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.134100] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 381.139368] RIP: 0033:0x457519 [ 381.142555] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 381.161535] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 381.169256] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 381.176520] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 381.183784] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 381.191049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 381.198311] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60060000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000fa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:30 executing program 3 (fault-call:1 fault-nth:42): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 381.225331] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.236621] IPv6: NLM_F_CREATE should be specified when creating new route [ 381.269713] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.276268] IPv6: NLM_F_CREATE should be set when creating new route [ 381.282797] IPv6: NLM_F_CREATE should be set when creating new route [ 381.289312] IPv6: NLM_F_CREATE should be set when creating new route [ 381.306930] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.313629] IPv6: NLM_F_CREATE should be set when creating new route 12:15:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12d) [ 381.320161] IPv6: NLM_F_CREATE should be set when creating new route [ 381.327348] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.347199] FAULT_INJECTION: forcing a failure. [ 381.347199] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 381.370134] CPU: 0 PID: 20246 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 381.378752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.388142] Call Trace: [ 381.390771] dump_stack+0x244/0x3ab [ 381.394450] ? dump_stack_print_info.cold.2+0x52/0x52 [ 381.399645] ? perf_trace_lock_acquire+0x501/0x800 [ 381.404600] should_fail.cold.4+0xa/0x17 [ 381.408661] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 381.413773] ? check_preemption_disabled+0x48/0x200 [ 381.418783] ? memset+0x31/0x40 [ 381.422062] ? perf_trace_run_bpf_submit+0x267/0x330 [ 381.427153] ? perf_trace_lock_acquire+0x501/0x800 [ 381.432080] ? mark_held_locks+0x130/0x130 [ 381.436310] ? perf_tp_event+0xc20/0xc20 [ 381.440385] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.445930] ? fs_reclaim_acquire+0x20/0x20 [ 381.450244] ? lock_downgrade+0x900/0x900 [ 381.454418] ? lock_release+0xa10/0xa10 [ 381.458388] ? perf_trace_sched_process_exec+0x860/0x860 [ 381.463836] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 381.468427] ? __might_sleep+0x95/0x190 [ 381.472492] __alloc_pages_nodemask+0x34b/0xdd0 [ 381.477776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.483311] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 381.488322] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 381.493337] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 381.497915] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 381.503458] ? pcpu_alloc+0x4f4/0x15d0 [ 381.507344] ? lock_downgrade+0x900/0x900 [ 381.511490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 381.517019] ? find_next_bit+0x104/0x130 [ 381.521081] pcpu_populate_chunk+0xf9/0x910 [ 381.525396] ? find_next_bit+0x104/0x130 [ 381.529478] pcpu_alloc+0xe14/0x15d0 [ 381.533199] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 381.537946] ? fs_reclaim_acquire+0x20/0x20 [ 381.542263] ? lock_downgrade+0x900/0x900 [ 381.546431] ? trace_hardirqs_on+0xbd/0x310 [ 381.550751] ? __kmalloc_node+0x3c/0x70 [ 381.554724] ? kasan_unpoison_shadow+0x35/0x50 [ 381.559300] ? kasan_kmalloc+0xc7/0xe0 [ 381.563191] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 381.568565] ? kasan_unpoison_shadow+0x35/0x50 [ 381.573149] ? perf_trace_sched_process_exec+0x860/0x860 [ 381.578601] __alloc_percpu_gfp+0x27/0x30 [ 381.582749] array_map_alloc+0x46c/0x5f0 [ 381.586811] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 381.592094] map_create+0x3bd/0x1100 [ 381.595809] ? bpf_map_new_fd+0x70/0x70 [ 381.599780] ? __might_fault+0x12b/0x1e0 [ 381.603833] ? lock_downgrade+0x900/0x900 [ 381.607978] ? lock_release+0xa10/0xa10 [ 381.611950] ? perf_trace_sched_process_exec+0x860/0x860 [ 381.617401] ? usercopy_warn+0x110/0x110 [ 381.621479] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 381.627028] __x64_sys_bpf+0x303/0x510 [ 381.630910] ? bpf_prog_get+0x20/0x20 [ 381.634728] do_syscall_64+0x1b9/0x820 [ 381.638609] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 381.643969] ? syscall_return_slowpath+0x5e0/0x5e0 [ 381.648892] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.653733] ? trace_hardirqs_on_caller+0x310/0x310 [ 381.658745] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 381.663758] ? prepare_exit_to_usermode+0x291/0x3b0 [ 381.668779] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.673621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 381.678802] RIP: 0033:0x457519 [ 381.681995] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 381.700888] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 381.708606] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60140000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050006a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 381.715869] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 381.723128] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 381.730477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 381.737739] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x304) 12:15:30 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 381.806340] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.812959] IPv6: NLM_F_CREATE should be set when creating new route [ 381.819505] IPv6: NLM_F_CREATE should be set when creating new route 12:15:30 executing program 3 (fault-call:1 fault-nth:43): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60150000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050003004302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 381.853078] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 381.870670] FAULT_INJECTION: forcing a failure. [ 381.870670] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 381.923340] CPU: 0 PID: 20264 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 381.931905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.941281] Call Trace: [ 381.943884] dump_stack+0x244/0x3ab [ 381.947548] ? dump_stack_print_info.cold.2+0x52/0x52 [ 381.952751] ? perf_trace_lock_acquire+0x501/0x800 [ 381.957692] should_fail.cold.4+0xa/0x17 [ 381.961859] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 381.966965] ? check_preemption_disabled+0x48/0x200 [ 381.971977] ? memset+0x31/0x40 [ 381.975256] ? perf_trace_run_bpf_submit+0x267/0x330 [ 381.980346] ? perf_trace_lock_acquire+0x501/0x800 [ 381.985293] ? mark_held_locks+0x130/0x130 [ 381.989546] ? perf_tp_event+0xc20/0xc20 [ 381.993617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.999251] ? fs_reclaim_acquire+0x20/0x20 [ 382.003579] ? lock_downgrade+0x900/0x900 [ 382.007731] ? lock_release+0xa10/0xa10 [ 382.011814] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.017345] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 382.021930] ? __might_sleep+0x95/0x190 [ 382.025913] __alloc_pages_nodemask+0x34b/0xdd0 [ 382.030589] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.036140] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 382.041159] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 382.046188] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 382.050761] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 382.056293] ? pcpu_alloc+0x4f4/0x15d0 [ 382.060174] ? lock_downgrade+0x900/0x900 [ 382.064320] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.069849] ? find_next_bit+0x104/0x130 [ 382.073918] pcpu_populate_chunk+0xf9/0x910 [ 382.078237] ? find_next_bit+0x104/0x130 [ 382.082311] pcpu_alloc+0xe14/0x15d0 [ 382.086026] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 382.090783] ? fs_reclaim_acquire+0x20/0x20 [ 382.095218] ? lock_downgrade+0x900/0x900 [ 382.099405] ? trace_hardirqs_on+0xbd/0x310 [ 382.103732] ? __kmalloc_node+0x3c/0x70 [ 382.107709] ? kasan_unpoison_shadow+0x35/0x50 [ 382.112283] ? kasan_kmalloc+0xc7/0xe0 [ 382.116183] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 382.121465] ? kasan_unpoison_shadow+0x35/0x50 [ 382.126062] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.131537] __alloc_percpu_gfp+0x27/0x30 [ 382.135691] array_map_alloc+0x46c/0x5f0 [ 382.139748] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 382.145019] map_create+0x3bd/0x1100 [ 382.148727] ? bpf_map_new_fd+0x70/0x70 [ 382.152783] ? __might_fault+0x12b/0x1e0 [ 382.156842] ? lock_downgrade+0x900/0x900 [ 382.160984] ? lock_release+0xa10/0xa10 [ 382.164951] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.170412] ? usercopy_warn+0x110/0x110 [ 382.174593] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.180127] __x64_sys_bpf+0x303/0x510 [ 382.184006] ? bpf_prog_get+0x20/0x20 [ 382.187813] do_syscall_64+0x1b9/0x820 [ 382.191690] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 382.197060] ? syscall_return_slowpath+0x5e0/0x5e0 [ 382.201977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.206832] ? trace_hardirqs_on_caller+0x310/0x310 [ 382.211867] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 382.216895] ? prepare_exit_to_usermode+0x291/0x3b0 [ 382.221917] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.226775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 382.232074] RIP: 0033:0x457519 [ 382.235269] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 382.254161] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 382.261867] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:31 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 382.269131] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 382.276400] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 382.283774] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 382.291047] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:31 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60090000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 382.315263] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 382.321854] IPv6: NLM_F_CREATE should be set when creating new route [ 382.328385] IPv6: NLM_F_CREATE should be set when creating new route [ 382.338922] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000aa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:31 executing program 3 (fault-call:1 fault-nth:44): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 382.380460] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 382.387039] IPv6: NLM_F_CREATE should be set when creating new route [ 382.393590] IPv6: NLM_F_CREATE should be set when creating new route 12:15:31 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12e) 12:15:31 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x10, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x11d) 12:15:31 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60160000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 382.437567] FAULT_INJECTION: forcing a failure. [ 382.437567] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 382.511137] CPU: 1 PID: 20284 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 382.519688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.529060] Call Trace: [ 382.531670] dump_stack+0x244/0x3ab [ 382.535374] ? dump_stack_print_info.cold.2+0x52/0x52 [ 382.540611] ? perf_trace_lock_acquire+0x501/0x800 [ 382.545578] should_fail.cold.4+0xa/0x17 [ 382.549665] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 382.554783] ? check_preemption_disabled+0x48/0x200 [ 382.559809] ? memset+0x31/0x40 [ 382.563095] ? perf_trace_run_bpf_submit+0x267/0x330 [ 382.568204] ? perf_trace_lock_acquire+0x501/0x800 [ 382.573129] ? mark_held_locks+0x130/0x130 [ 382.577374] ? perf_tp_event+0xc20/0xc20 [ 382.581551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.587114] ? fs_reclaim_acquire+0x20/0x20 [ 382.591584] ? lock_downgrade+0x900/0x900 [ 382.595774] ? lock_release+0xa10/0xa10 [ 382.599765] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.605214] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 382.609795] ? __might_sleep+0x95/0x190 [ 382.613858] __alloc_pages_nodemask+0x34b/0xdd0 [ 382.618527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 382.624069] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 382.629080] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 382.634110] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 382.638684] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 382.644214] ? pcpu_alloc+0x4f4/0x15d0 [ 382.648093] ? lock_downgrade+0x900/0x900 [ 382.652236] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.657767] ? find_next_bit+0x104/0x130 [ 382.661827] pcpu_populate_chunk+0xf9/0x910 [ 382.666146] ? find_next_bit+0x104/0x130 [ 382.670252] pcpu_alloc+0xe14/0x15d0 [ 382.674017] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 382.678765] ? fs_reclaim_acquire+0x20/0x20 [ 382.683079] ? lock_downgrade+0x900/0x900 [ 382.687229] ? trace_hardirqs_on+0xbd/0x310 [ 382.691550] ? __kmalloc_node+0x3c/0x70 [ 382.695605] ? kasan_unpoison_shadow+0x35/0x50 [ 382.700224] ? kasan_kmalloc+0xc7/0xe0 [ 382.704111] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 382.709384] ? kasan_unpoison_shadow+0x35/0x50 [ 382.713965] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.719422] __alloc_percpu_gfp+0x27/0x30 [ 382.723588] array_map_alloc+0x46c/0x5f0 [ 382.727651] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 382.732923] map_create+0x3bd/0x1100 [ 382.736737] ? bpf_map_new_fd+0x70/0x70 [ 382.740717] ? __might_fault+0x12b/0x1e0 [ 382.744778] ? lock_downgrade+0x900/0x900 [ 382.748922] ? lock_release+0xa10/0xa10 [ 382.752891] ? perf_trace_sched_process_exec+0x860/0x860 [ 382.758339] ? usercopy_warn+0x110/0x110 [ 382.762412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 382.767947] __x64_sys_bpf+0x303/0x510 [ 382.771833] ? bpf_prog_get+0x20/0x20 [ 382.775640] do_syscall_64+0x1b9/0x820 [ 382.779519] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 382.784875] ? syscall_return_slowpath+0x5e0/0x5e0 [ 382.789812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.794666] ? trace_hardirqs_on_caller+0x310/0x310 [ 382.799688] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 382.804707] ? prepare_exit_to_usermode+0x291/0x3b0 [ 382.809732] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.814573] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 382.819754] RIP: 0033:0x457519 [ 382.822952] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 382.841860] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 382.849577] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 382.856839] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 382.864204] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 382.871474] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 382.878735] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 382.888489] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 382.905075] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050060a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:31 executing program 3 (fault-call:1 fault-nth:45): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 382.911693] IPv6: NLM_F_CREATE should be set when creating new route [ 382.918204] IPv6: NLM_F_CREATE should be set when creating new route [ 382.951086] FAULT_INJECTION: forcing a failure. [ 382.951086] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 382.967965] CPU: 0 PID: 20303 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 382.976524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.985891] Call Trace: [ 382.988484] dump_stack+0x244/0x3ab [ 382.992138] ? dump_stack_print_info.cold.2+0x52/0x52 [ 382.992159] ? perf_trace_lock_acquire+0x501/0x800 [ 383.002267] should_fail.cold.4+0xa/0x17 [ 383.002296] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 383.011462] ? check_preemption_disabled+0x48/0x200 [ 383.016511] ? memset+0x31/0x40 [ 383.019831] ? perf_trace_run_bpf_submit+0x267/0x330 [ 383.024949] ? perf_trace_lock_acquire+0x501/0x800 [ 383.029892] ? mark_held_locks+0x130/0x130 [ 383.034136] ? perf_tp_event+0xc20/0xc20 [ 383.038192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.043726] ? fs_reclaim_acquire+0x20/0x20 [ 383.048039] ? lock_downgrade+0x900/0x900 [ 383.052185] ? lock_release+0xa10/0xa10 [ 383.056160] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.061623] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 383.066209] ? __might_sleep+0x95/0x190 [ 383.070188] __alloc_pages_nodemask+0x34b/0xdd0 [ 383.074854] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.080392] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 383.085415] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 383.090428] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 383.095010] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 383.100555] ? pcpu_alloc+0x4f4/0x15d0 [ 383.104436] ? lock_downgrade+0x900/0x900 [ 383.108593] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.114131] ? find_next_bit+0x104/0x130 [ 383.118190] pcpu_populate_chunk+0xf9/0x910 [ 383.122537] ? find_next_bit+0x104/0x130 [ 383.126623] pcpu_alloc+0xe14/0x15d0 [ 383.130357] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 383.135112] ? fs_reclaim_acquire+0x20/0x20 [ 383.139431] ? lock_downgrade+0x900/0x900 [ 383.143603] ? trace_hardirqs_on+0xbd/0x310 [ 383.147919] ? __kmalloc_node+0x3c/0x70 [ 383.151975] ? kasan_unpoison_shadow+0x35/0x50 [ 383.156565] ? kasan_kmalloc+0xc7/0xe0 [ 383.160470] ? kmem_cache_alloc_node_trace+0x305/0x740 12:15:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60480000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 383.165747] ? kasan_unpoison_shadow+0x35/0x50 [ 383.170321] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.175770] __alloc_percpu_gfp+0x27/0x30 [ 383.179916] array_map_alloc+0x46c/0x5f0 [ 383.183974] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 383.189253] map_create+0x3bd/0x1100 [ 383.193010] ? bpf_map_new_fd+0x70/0x70 [ 383.197110] ? __might_fault+0x12b/0x1e0 [ 383.201212] ? lock_downgrade+0x900/0x900 [ 383.205385] ? lock_release+0xa10/0xa10 [ 383.209365] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.214813] ? usercopy_warn+0x110/0x110 [ 383.218913] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.224479] __x64_sys_bpf+0x303/0x510 [ 383.228376] ? bpf_prog_get+0x20/0x20 [ 383.232211] do_syscall_64+0x1b9/0x820 [ 383.236109] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 383.241468] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.246396] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.251244] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.256310] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.261342] ? prepare_exit_to_usermode+0x291/0x3b0 12:15:32 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12e) [ 383.266386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.271241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.276448] RIP: 0033:0x457519 [ 383.279653] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.298569] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 383.306310] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 383.313599] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 383.320882] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 383.320894] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 383.320906] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 383.350912] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 383.357634] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:32 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050010a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:32 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:32 executing program 3 (fault-call:1 fault-nth:46): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x99) [ 383.364213] IPv6: NLM_F_CREATE should be set when creating new route [ 383.370793] IPv6: NLM_F_CREATE should be set when creating new route [ 383.424848] IPv6: NLM_F_CREATE should be specified when creating new route [ 383.452716] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 383.459322] IPv6: NLM_F_CREATE should be set when creating new route [ 383.459345] IPv6: NLM_F_CREATE should be set when creating new route 12:15:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60056000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 383.459363] IPv6: NLM_F_CREATE should be set when creating new route [ 383.486058] FAULT_INJECTION: forcing a failure. [ 383.486058] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:32 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050003a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 383.534595] CPU: 1 PID: 20324 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 383.543160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.552538] Call Trace: [ 383.555164] dump_stack+0x244/0x3ab [ 383.558818] ? dump_stack_print_info.cold.2+0x52/0x52 [ 383.558839] ? perf_trace_lock_acquire+0x501/0x800 [ 383.558872] should_fail.cold.4+0xa/0x17 [ 383.558897] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 383.569022] ? check_preemption_disabled+0x48/0x200 [ 383.569045] ? memset+0x31/0x40 [ 383.569072] ? perf_trace_run_bpf_submit+0x267/0x330 [ 383.569089] ? perf_trace_lock_acquire+0x501/0x800 [ 383.569111] ? mark_held_locks+0x130/0x130 [ 383.569136] ? perf_tp_event+0xc20/0xc20 [ 383.604880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.610428] ? fs_reclaim_acquire+0x20/0x20 [ 383.614839] ? lock_downgrade+0x900/0x900 [ 383.619005] ? lock_release+0xa10/0xa10 [ 383.623010] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.628478] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 383.633085] ? __might_sleep+0x95/0x190 [ 383.637071] __alloc_pages_nodemask+0x34b/0xdd0 [ 383.641748] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.647295] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 383.652324] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 383.657375] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 383.661965] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 383.667514] ? pcpu_alloc+0x4f4/0x15d0 [ 383.671492] ? lock_downgrade+0x900/0x900 [ 383.675650] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.681237] ? find_next_bit+0x104/0x130 [ 383.685344] pcpu_populate_chunk+0xf9/0x910 [ 383.689665] ? find_next_bit+0x104/0x130 [ 383.693735] pcpu_alloc+0xe14/0x15d0 [ 383.697461] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 383.702220] ? fs_reclaim_acquire+0x20/0x20 [ 383.706541] ? lock_downgrade+0x900/0x900 [ 383.710697] ? trace_hardirqs_on+0xbd/0x310 [ 383.715018] ? __kmalloc_node+0x3c/0x70 [ 383.719025] ? kasan_unpoison_shadow+0x35/0x50 [ 383.723615] ? kasan_kmalloc+0xc7/0xe0 [ 383.727503] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 383.732787] ? kasan_unpoison_shadow+0x35/0x50 [ 383.737391] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.742845] __alloc_percpu_gfp+0x27/0x30 [ 383.747006] array_map_alloc+0x46c/0x5f0 [ 383.751079] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 383.756358] map_create+0x3bd/0x1100 [ 383.760088] ? bpf_map_new_fd+0x70/0x70 [ 383.764092] ? __might_fault+0x12b/0x1e0 [ 383.768167] ? lock_downgrade+0x900/0x900 [ 383.772338] ? lock_release+0xa10/0xa10 [ 383.776334] ? perf_trace_sched_process_exec+0x860/0x860 [ 383.781791] ? usercopy_warn+0x110/0x110 [ 383.785861] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 383.791414] __x64_sys_bpf+0x303/0x510 [ 383.795300] ? bpf_prog_get+0x20/0x20 [ 383.799118] do_syscall_64+0x1b9/0x820 [ 383.803002] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 383.808364] ? syscall_return_slowpath+0x5e0/0x5e0 [ 383.813304] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.818156] ? trace_hardirqs_on_caller+0x310/0x310 [ 383.823178] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 383.828219] ? prepare_exit_to_usermode+0x291/0x3b0 [ 383.833358] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.838213] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.843405] RIP: 0033:0x457519 [ 383.846591] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.865491] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 383.873217] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:32 executing program 3 (fault-call:1 fault-nth:47): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050500a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 383.880494] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 383.887780] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 383.895066] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 383.902345] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 383.913112] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 383.921948] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050011a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 383.967524] FAULT_INJECTION: forcing a failure. [ 383.967524] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 383.997234] CPU: 1 PID: 20337 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 384.005787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.015168] Call Trace: [ 384.017776] dump_stack+0x244/0x3ab [ 384.021409] ? dump_stack_print_info.cold.2+0x52/0x52 [ 384.026599] ? perf_trace_lock_acquire+0x501/0x800 [ 384.031560] should_fail.cold.4+0xa/0x17 [ 384.035634] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 384.040739] ? check_preemption_disabled+0x48/0x200 [ 384.045757] ? memset+0x31/0x40 [ 384.049043] ? perf_trace_run_bpf_submit+0x267/0x330 [ 384.054141] ? perf_trace_lock_acquire+0x501/0x800 [ 384.059074] ? mark_held_locks+0x130/0x130 [ 384.063310] ? perf_tp_event+0xc20/0xc20 [ 384.067366] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.072907] ? fs_reclaim_acquire+0x20/0x20 [ 384.077224] ? lock_downgrade+0x900/0x900 [ 384.081372] ? lock_release+0xa10/0xa10 [ 384.085344] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.090793] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 384.095398] ? __might_sleep+0x95/0x190 [ 384.099377] __alloc_pages_nodemask+0x34b/0xdd0 [ 384.104052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.109595] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 384.114620] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 384.119636] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 384.124216] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 384.129757] ? pcpu_alloc+0x4f4/0x15d0 [ 384.133657] ? lock_downgrade+0x900/0x900 [ 384.137805] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.143342] ? find_next_bit+0x104/0x130 [ 384.147410] pcpu_populate_chunk+0xf9/0x910 [ 384.151734] ? find_next_bit+0x104/0x130 [ 384.155806] pcpu_alloc+0xe14/0x15d0 [ 384.159531] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 384.164284] ? fs_reclaim_acquire+0x20/0x20 [ 384.168617] ? lock_downgrade+0x900/0x900 [ 384.172772] ? trace_hardirqs_on+0xbd/0x310 [ 384.177206] ? __kmalloc_node+0x3c/0x70 [ 384.181190] ? kasan_unpoison_shadow+0x35/0x50 [ 384.185767] ? kasan_kmalloc+0xc7/0xe0 [ 384.189669] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 384.194943] ? kasan_unpoison_shadow+0x35/0x50 [ 384.199528] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.204983] __alloc_percpu_gfp+0x27/0x30 [ 384.209150] array_map_alloc+0x46c/0x5f0 [ 384.213229] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 384.218507] map_create+0x3bd/0x1100 [ 384.222225] ? bpf_map_new_fd+0x70/0x70 [ 384.226209] ? __might_fault+0x12b/0x1e0 [ 384.230288] ? lock_downgrade+0x900/0x900 [ 384.234433] ? lock_release+0xa10/0xa10 [ 384.238407] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.243857] ? usercopy_warn+0x110/0x110 [ 384.247937] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.253489] __x64_sys_bpf+0x303/0x510 [ 384.257373] ? bpf_prog_get+0x20/0x20 [ 384.261199] do_syscall_64+0x1b9/0x820 [ 384.265082] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 384.270462] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.275388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.280231] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.285257] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.290273] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.295294] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.300145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 384.305334] RIP: 0033:0x457519 [ 384.308532] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 384.327530] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 384.335238] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 384.342504] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 384.349771] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 384.357040] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x800000000, 0x2, 0x3, "a77760f5a7645bc43c241d69912dda0c63c2a66702000000000000007ba44947a79015f0fe57917c7c2a93987a938fdedfce7bbba4fec2d8a09c41fb233245f2604b9e07b8ab79ec15ef3818a17900"}, 0xd8) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0x7}, 0x8) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'erspan0\x00', r1}) getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000000c0)=""/39, &(0x7f0000000140)=0x27) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) close(r0) 12:15:33 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 384.364308] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x35f) 12:15:33 executing program 3 (fault-call:1 fault-nth:48): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 384.429147] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 384.439243] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 384.496167] FAULT_INJECTION: forcing a failure. [ 384.496167] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 384.515154] CPU: 1 PID: 20356 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 384.523798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.533165] Call Trace: [ 384.533192] dump_stack+0x244/0x3ab [ 384.533219] ? dump_stack_print_info.cold.2+0x52/0x52 [ 384.533237] ? perf_trace_lock_acquire+0x501/0x800 [ 384.533269] should_fail.cold.4+0xa/0x17 [ 384.553647] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 384.558787] ? check_preemption_disabled+0x48/0x200 [ 384.563907] ? memset+0x31/0x40 [ 384.567214] ? perf_trace_run_bpf_submit+0x267/0x330 [ 384.572337] ? perf_trace_lock_acquire+0x501/0x800 [ 384.577295] ? mark_held_locks+0x130/0x130 [ 384.581555] ? perf_tp_event+0xc20/0xc20 [ 384.585635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.591226] ? fs_reclaim_acquire+0x20/0x20 12:15:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050013a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:33 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050800a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 384.595569] ? lock_downgrade+0x900/0x900 [ 384.600085] ? lock_release+0xa10/0xa10 [ 384.604076] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.609871] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 384.614487] ? __might_sleep+0x95/0x190 [ 384.618492] __alloc_pages_nodemask+0x34b/0xdd0 [ 384.623183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.628759] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 384.633807] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 384.638850] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 384.643924] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 384.649500] ? pcpu_alloc+0x4f4/0x15d0 [ 384.653410] ? lock_downgrade+0x900/0x900 [ 384.657592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.663146] ? find_next_bit+0x104/0x130 [ 384.667228] pcpu_populate_chunk+0xf9/0x910 [ 384.671546] ? find_next_bit+0x104/0x130 [ 384.675650] pcpu_alloc+0xe14/0x15d0 [ 384.679565] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 384.684310] ? fs_reclaim_acquire+0x20/0x20 [ 384.688630] ? lock_downgrade+0x900/0x900 [ 384.692782] ? trace_hardirqs_on+0xbd/0x310 [ 384.697104] ? __kmalloc_node+0x3c/0x70 [ 384.701107] ? kasan_unpoison_shadow+0x35/0x50 [ 384.705698] ? kasan_kmalloc+0xc7/0xe0 [ 384.709597] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 384.714869] ? kasan_unpoison_shadow+0x35/0x50 [ 384.719450] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.724910] __alloc_percpu_gfp+0x27/0x30 [ 384.729058] array_map_alloc+0x46c/0x5f0 [ 384.733144] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 384.738427] map_create+0x3bd/0x1100 [ 384.742147] ? bpf_map_new_fd+0x70/0x70 [ 384.746132] ? __might_fault+0x12b/0x1e0 [ 384.750206] ? lock_downgrade+0x900/0x900 [ 384.754365] ? lock_release+0xa10/0xa10 [ 384.758359] ? perf_trace_sched_process_exec+0x860/0x860 [ 384.763819] ? usercopy_warn+0x110/0x110 [ 384.767893] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 384.773430] __x64_sys_bpf+0x303/0x510 [ 384.777323] ? bpf_prog_get+0x20/0x20 [ 384.781167] do_syscall_64+0x1b9/0x820 [ 384.785056] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 384.790427] ? syscall_return_slowpath+0x5e0/0x5e0 [ 384.795448] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.800389] ? trace_hardirqs_on_caller+0x310/0x310 [ 384.805413] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 384.810424] ? prepare_exit_to_usermode+0x291/0x3b0 [ 384.815477] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.820337] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 384.825521] RIP: 0033:0x457519 [ 384.828719] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:15:33 executing program 5: [ 384.847623] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 384.855351] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 384.862621] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 384.869887] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 384.877151] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 384.884421] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:33 executing program 5: 12:15:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050009a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 384.899960] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 384.912003] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:33 executing program 3 (fault-call:1 fault-nth:49): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050007a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:34 executing program 5: 12:15:34 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 384.999928] FAULT_INJECTION: forcing a failure. [ 384.999928] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:34 executing program 5: [ 385.045282] CPU: 1 PID: 20373 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 385.053843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.063220] Call Trace: [ 385.065842] dump_stack+0x244/0x3ab [ 385.069504] ? dump_stack_print_info.cold.2+0x52/0x52 [ 385.074721] ? perf_trace_lock_acquire+0x501/0x800 [ 385.079691] should_fail.cold.4+0xa/0x17 [ 385.083789] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 385.088915] ? check_preemption_disabled+0x48/0x200 [ 385.093930] ? memset+0x31/0x40 [ 385.097214] ? perf_trace_run_bpf_submit+0x267/0x330 [ 385.102315] ? perf_trace_lock_acquire+0x501/0x800 [ 385.107245] ? mark_held_locks+0x130/0x130 [ 385.111479] ? perf_tp_event+0xc20/0xc20 [ 385.115630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.121185] ? fs_reclaim_acquire+0x20/0x20 [ 385.125504] ? lock_downgrade+0x900/0x900 [ 385.129651] ? lock_release+0xa10/0xa10 [ 385.133721] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.139202] ? __might_sleep+0x95/0x190 [ 385.143178] __alloc_pages_nodemask+0x34b/0xdd0 [ 385.147841] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.153379] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 385.158408] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 385.163438] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 385.168021] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 385.173560] ? pcpu_alloc+0x4f4/0x15d0 [ 385.177448] ? lock_downgrade+0x900/0x900 [ 385.181596] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 385.187173] ? find_next_bit+0x104/0x130 [ 385.191240] pcpu_populate_chunk+0xf9/0x910 [ 385.195556] ? find_next_bit+0x104/0x130 [ 385.199632] pcpu_alloc+0xe14/0x15d0 [ 385.203358] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 385.208127] ? fs_reclaim_acquire+0x20/0x20 [ 385.212457] ? lock_downgrade+0x900/0x900 [ 385.216626] ? trace_hardirqs_on+0xbd/0x310 [ 385.220955] ? __kmalloc_node+0x3c/0x70 [ 385.224937] ? kasan_unpoison_shadow+0x35/0x50 [ 385.229517] ? kasan_kmalloc+0xc7/0xe0 [ 385.233419] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 385.238692] ? kasan_unpoison_shadow+0x35/0x50 [ 385.243277] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.248731] __alloc_percpu_gfp+0x27/0x30 [ 385.252884] array_map_alloc+0x46c/0x5f0 [ 385.256961] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 385.262236] map_create+0x3bd/0x1100 [ 385.265952] ? bpf_map_new_fd+0x70/0x70 [ 385.269928] ? __might_fault+0x12b/0x1e0 [ 385.273991] ? lock_downgrade+0x900/0x900 [ 385.278141] ? lock_release+0xa10/0xa10 [ 385.282113] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.287576] ? usercopy_warn+0x110/0x110 [ 385.291659] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 385.297296] __x64_sys_bpf+0x303/0x510 [ 385.301184] ? bpf_prog_get+0x20/0x20 [ 385.305006] do_syscall_64+0x1b9/0x820 [ 385.308893] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 385.314261] ? syscall_return_slowpath+0x5e0/0x5e0 [ 385.319188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.324029] ? trace_hardirqs_on_caller+0x310/0x310 [ 385.329217] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 385.334343] ? prepare_exit_to_usermode+0x291/0x3b0 [ 385.339366] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.344219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 385.349414] RIP: 0033:0x457519 [ 385.352612] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 385.371521] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 385.379231] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 385.386585] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 385.393854] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 385.401122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 385.408393] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 385.424388] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 385.432855] IPv6: NLM_F_CREATE should be specified when creating new route 12:15:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1a6) 12:15:34 executing program 5: 12:15:34 executing program 3 (fault-call:1 fault-nth:50): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 385.441209] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 385.447757] IPv6: NLM_F_CREATE should be set when creating new route [ 385.454330] IPv6: NLM_F_CREATE should be set when creating new route [ 385.460880] IPv6: NLM_F_CREATE should be set when creating new route 12:15:34 executing program 5: 12:15:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050002a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 385.516914] FAULT_INJECTION: forcing a failure. [ 385.516914] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:34 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={@remote, 0x0, r1}) [ 385.571269] IPv6: NLM_F_CREATE should be specified when creating new route [ 385.595190] CPU: 1 PID: 20393 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 385.603838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.613193] Call Trace: [ 385.615784] dump_stack+0x244/0x3ab [ 385.619427] ? dump_stack_print_info.cold.2+0x52/0x52 [ 385.624624] ? perf_trace_lock_acquire+0x501/0x800 [ 385.629558] should_fail.cold.4+0xa/0x17 [ 385.633616] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 385.638710] ? lock_acquire+0x1ed/0x520 [ 385.642674] ? pcpu_alloc+0xbc9/0x15d0 [ 385.646606] ? perf_trace_run_bpf_submit+0x267/0x330 [ 385.651719] ? perf_trace_lock_acquire+0x501/0x800 [ 385.656747] ? mark_held_locks+0x130/0x130 [ 385.660993] ? perf_tp_event+0xc20/0xc20 [ 385.665055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.670597] ? fs_reclaim_acquire+0x20/0x20 [ 385.674927] ? lock_downgrade+0x900/0x900 [ 385.679082] ? lock_release+0xa10/0xa10 [ 385.683060] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.688513] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 385.693119] ? __might_sleep+0x95/0x190 [ 385.697100] __alloc_pages_nodemask+0x34b/0xdd0 [ 385.701786] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.707344] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 385.712370] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 385.717379] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 385.721959] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 385.727494] ? pcpu_alloc+0x4f4/0x15d0 [ 385.731373] ? lock_downgrade+0x900/0x900 [ 385.735511] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 385.740522] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 385.746057] ? find_next_bit+0x104/0x130 [ 385.750118] pcpu_populate_chunk+0xf9/0x910 [ 385.754436] ? find_next_bit+0x104/0x130 [ 385.758510] pcpu_alloc+0xe14/0x15d0 [ 385.762247] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 385.767008] ? lock_downgrade+0x900/0x900 [ 385.771164] ? trace_hardirqs_on+0xbd/0x310 [ 385.775494] ? __kmalloc_node+0x3c/0x70 [ 385.779475] ? kasan_unpoison_shadow+0x35/0x50 [ 385.784052] ? kasan_kmalloc+0xc7/0xe0 [ 385.787940] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 385.793208] ? kasan_unpoison_shadow+0x35/0x50 [ 385.797785] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.803234] __alloc_percpu_gfp+0x27/0x30 [ 385.807391] array_map_alloc+0x46c/0x5f0 [ 385.811466] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 385.816736] map_create+0x3bd/0x1100 [ 385.820446] ? bpf_map_new_fd+0x70/0x70 [ 385.824417] ? __might_fault+0x12b/0x1e0 [ 385.828470] ? lock_downgrade+0x900/0x900 [ 385.832630] ? lock_release+0xa10/0xa10 [ 385.836600] ? perf_trace_sched_process_exec+0x860/0x860 [ 385.842050] ? usercopy_warn+0x110/0x110 [ 385.846123] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 385.851657] __x64_sys_bpf+0x303/0x510 [ 385.855535] ? bpf_prog_get+0x20/0x20 [ 385.859347] do_syscall_64+0x1b9/0x820 [ 385.863234] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 385.868602] ? syscall_return_slowpath+0x5e0/0x5e0 [ 385.873523] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.878361] ? trace_hardirqs_on_caller+0x310/0x310 [ 385.883368] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 385.888377] ? prepare_exit_to_usermode+0x291/0x3b0 [ 385.893388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.898225] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 385.903403] RIP: 0033:0x457519 12:15:35 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600580fea84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 385.906587] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 385.925493] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 385.933286] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 385.940631] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 385.947894] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 385.955371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 385.962757] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:35 executing program 3 (fault-call:1 fault-nth:51): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 385.980056] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 385.986731] IPv6: NLM_F_CREATE should be set when creating new route [ 385.993290] IPv6: NLM_F_CREATE should be set when creating new route [ 385.999916] IPv6: NLM_F_CREATE should be set when creating new route [ 386.010097] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 386.021727] FAULT_INJECTION: forcing a failure. [ 386.021727] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 386.034771] CPU: 1 PID: 20409 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 386.043294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.052664] Call Trace: [ 386.055279] dump_stack+0x244/0x3ab [ 386.058988] ? dump_stack_print_info.cold.2+0x52/0x52 [ 386.064234] ? perf_trace_lock_acquire+0x501/0x800 [ 386.069282] ? perf_trace_run_bpf_submit+0x267/0x330 [ 386.069309] should_fail.cold.4+0xa/0x17 12:15:35 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050004a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 386.069332] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 386.078481] ? lock_acquire+0x1ed/0x520 [ 386.087546] ? pcpu_alloc+0xbc9/0x15d0 [ 386.091462] ? check_preemption_disabled+0x48/0x200 [ 386.096519] ? perf_trace_run_bpf_submit+0x267/0x330 [ 386.100505] IPv6: NLM_F_CREATE should be specified when creating new route [ 386.101651] ? mark_held_locks+0x130/0x130 [ 386.101676] ? perf_tp_event+0xc20/0xc20 [ 386.116980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.122577] ? fs_reclaim_acquire+0x20/0x20 [ 386.126907] ? lock_downgrade+0x900/0x900 [ 386.131059] ? lock_release+0xa10/0xa10 [ 386.135029] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.140481] ? __might_sleep+0x95/0x190 [ 386.144453] __alloc_pages_nodemask+0x34b/0xdd0 [ 386.149114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.154660] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 386.159673] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 386.164683] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 386.169258] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 386.174791] ? pcpu_alloc+0x4f4/0x15d0 [ 386.178672] ? lock_downgrade+0x900/0x900 [ 386.182811] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 386.187826] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.193355] ? find_next_bit+0x104/0x130 [ 386.197419] pcpu_populate_chunk+0xf9/0x910 [ 386.201819] ? find_next_bit+0x104/0x130 [ 386.205889] pcpu_alloc+0xe14/0x15d0 [ 386.209607] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 386.214354] ? fs_reclaim_acquire+0x20/0x20 [ 386.218668] ? lock_downgrade+0x900/0x900 [ 386.222817] ? trace_hardirqs_on+0xbd/0x310 [ 386.227132] ? __kmalloc_node+0x3c/0x70 [ 386.231101] ? kasan_unpoison_shadow+0x35/0x50 [ 386.235673] ? kasan_kmalloc+0xc7/0xe0 [ 386.239568] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 386.244841] ? kasan_unpoison_shadow+0x35/0x50 [ 386.249441] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.254917] __alloc_percpu_gfp+0x27/0x30 [ 386.259073] array_map_alloc+0x46c/0x5f0 [ 386.263126] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 386.268394] map_create+0x3bd/0x1100 [ 386.272189] ? bpf_map_new_fd+0x70/0x70 [ 386.276157] ? __might_fault+0x12b/0x1e0 [ 386.280208] ? lock_downgrade+0x900/0x900 [ 386.284348] ? lock_release+0xa10/0xa10 [ 386.288325] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.293765] ? usercopy_warn+0x110/0x110 [ 386.297834] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.303383] __x64_sys_bpf+0x303/0x510 [ 386.307261] ? bpf_prog_get+0x20/0x20 [ 386.311080] do_syscall_64+0x1b9/0x820 [ 386.314976] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 386.320363] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.325281] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.330119] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.335127] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 386.340136] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.345186] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.350035] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.355228] RIP: 0033:0x457519 [ 386.358418] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:15:35 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000040)=0x400100000001, 0x4) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000440), 0x131f64) clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) socket(0x0, 0x0, 0x0) exit_group(0x0) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000100), 0x4) 12:15:35 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r1, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0) io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 386.377319] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 386.385042] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 386.392327] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 386.399684] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 386.406946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 386.414205] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:35 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60058002a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xd2) 12:15:35 executing program 3 (fault-call:1 fault-nth:52): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 386.455183] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 386.461803] IPv6: NLM_F_CREATE should be set when creating new route [ 386.468331] IPv6: NLM_F_CREATE should be set when creating new route [ 386.474889] IPv6: NLM_F_CREATE should be set when creating new route [ 386.534710] IPv6: NLM_F_CREATE should be specified when creating new route [ 386.560691] FAULT_INJECTION: forcing a failure. [ 386.560691] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 386.591753] CPU: 1 PID: 20434 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 386.600307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.609688] Call Trace: [ 386.612308] dump_stack+0x244/0x3ab [ 386.615981] ? dump_stack_print_info.cold.2+0x52/0x52 [ 386.621196] ? perf_trace_lock_acquire+0x501/0x800 [ 386.626149] ? __switch_to_asm+0x34/0x70 [ 386.630234] should_fail.cold.4+0xa/0x17 [ 386.634651] ? fault_create_debugfs_attr+0x1f0/0x1f0 12:15:35 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000584302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 386.639764] ? lock_acquire+0x1ed/0x520 [ 386.644260] ? pcpu_alloc+0xbc9/0x15d0 [ 386.648178] ? perf_trace_run_bpf_submit+0x267/0x330 [ 386.653306] ? mark_held_locks+0x130/0x130 [ 386.657562] ? perf_tp_event+0xc20/0xc20 [ 386.657586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.667184] ? fs_reclaim_acquire+0x20/0x20 [ 386.671524] ? lock_downgrade+0x900/0x900 [ 386.671546] ? lock_release+0xa10/0xa10 [ 386.679662] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.685136] ? __switch_to_asm+0x40/0x70 12:15:35 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x0, &(0x7f0000000540)) [ 386.689220] ? __switch_to_asm+0x34/0x70 [ 386.693297] ? __switch_to_asm+0x40/0x70 [ 386.697393] ? __might_sleep+0x95/0x190 [ 386.701389] __alloc_pages_nodemask+0x34b/0xdd0 [ 386.701410] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.711602] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 386.711625] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 386.711648] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 386.711669] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 386.711698] ? pcpu_alloc+0x4f4/0x15d0 [ 386.735705] ? lock_downgrade+0x900/0x900 [ 386.739881] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 386.744925] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.750501] ? find_next_bit+0x104/0x130 [ 386.754600] pcpu_populate_chunk+0xf9/0x910 [ 386.758958] ? find_next_bit+0x104/0x130 [ 386.763029] pcpu_alloc+0xe14/0x15d0 [ 386.766746] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 386.771507] ? fs_reclaim_acquire+0x20/0x20 [ 386.775835] ? lock_downgrade+0x900/0x900 [ 386.780003] ? trace_hardirqs_on+0xbd/0x310 [ 386.784407] ? __kmalloc_node+0x3c/0x70 [ 386.788375] ? kasan_unpoison_shadow+0x35/0x50 [ 386.792965] ? kasan_kmalloc+0xc7/0xe0 [ 386.796854] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 386.802138] ? kasan_unpoison_shadow+0x35/0x50 [ 386.806733] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.812203] __alloc_percpu_gfp+0x27/0x30 [ 386.816351] array_map_alloc+0x46c/0x5f0 [ 386.820417] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 386.825704] map_create+0x3bd/0x1100 [ 386.829430] ? bpf_map_new_fd+0x70/0x70 [ 386.833405] ? __might_fault+0x12b/0x1e0 [ 386.837457] ? lock_downgrade+0x900/0x900 [ 386.841615] ? lock_release+0xa10/0xa10 [ 386.845617] ? perf_trace_sched_process_exec+0x860/0x860 [ 386.851065] ? usercopy_warn+0x110/0x110 [ 386.855135] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.860693] __x64_sys_bpf+0x303/0x510 [ 386.864574] ? bpf_prog_get+0x20/0x20 [ 386.868383] do_syscall_64+0x1b9/0x820 [ 386.872263] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 386.877632] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.882565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.887401] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.892427] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 386.897435] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.902454] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.907302] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.912482] RIP: 0033:0x457519 [ 386.915667] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 386.934559] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 386.942284] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 386.949554] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 386.956836] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 386.964098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 386.971471] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 386.981228] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:36 executing program 3 (fault-call:1 fault-nth:53): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 386.987860] IPv6: NLM_F_CREATE should be set when creating new route [ 386.994441] IPv6: NLM_F_CREATE should be set when creating new route [ 387.000999] IPv6: NLM_F_CREATE should be set when creating new route [ 387.015899] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 387.032237] FAULT_INJECTION: forcing a failure. [ 387.032237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 387.047491] CPU: 1 PID: 20450 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 387.056028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.056040] Call Trace: [ 387.068020] dump_stack+0x244/0x3ab [ 387.071670] ? dump_stack_print_info.cold.2+0x52/0x52 [ 387.076861] ? perf_trace_lock_acquire+0x501/0x800 [ 387.081791] ? perf_trace_run_bpf_submit+0x267/0x330 [ 387.086983] should_fail.cold.4+0xa/0x17 [ 387.091044] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 387.096141] ? lock_acquire+0x1ed/0x520 [ 387.100117] ? pcpu_alloc+0xbc9/0x15d0 [ 387.104014] ? perf_trace_run_bpf_submit+0x267/0x330 [ 387.109123] ? mark_held_locks+0x130/0x130 [ 387.113359] ? perf_tp_event+0xc20/0xc20 [ 387.117416] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.122961] ? fs_reclaim_acquire+0x20/0x20 [ 387.127282] ? lock_downgrade+0x900/0x900 [ 387.131430] ? lock_release+0xa10/0xa10 [ 387.135402] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.140858] ? __might_sleep+0x95/0x190 [ 387.144829] __alloc_pages_nodemask+0x34b/0xdd0 [ 387.149492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.155057] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 387.160089] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 387.165102] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 387.169694] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 387.175246] ? pcpu_alloc+0x4f4/0x15d0 [ 387.179226] ? lock_downgrade+0x900/0x900 [ 387.183369] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 387.188382] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.193923] ? find_next_bit+0x104/0x130 [ 387.197988] pcpu_populate_chunk+0xf9/0x910 [ 387.202303] ? find_next_bit+0x104/0x130 [ 387.206378] pcpu_alloc+0xe14/0x15d0 [ 387.210101] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 387.214953] ? fs_reclaim_acquire+0x20/0x20 [ 387.219273] ? lock_downgrade+0x900/0x900 [ 387.223427] ? trace_hardirqs_on+0xbd/0x310 [ 387.227858] ? __kmalloc_node+0x3c/0x70 [ 387.231947] ? kasan_unpoison_shadow+0x35/0x50 [ 387.236524] ? kasan_kmalloc+0xc7/0xe0 [ 387.240416] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 387.245692] ? kasan_unpoison_shadow+0x35/0x50 [ 387.250279] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.255741] __alloc_percpu_gfp+0x27/0x30 [ 387.259892] array_map_alloc+0x46c/0x5f0 [ 387.263963] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 387.269237] map_create+0x3bd/0x1100 [ 387.272952] ? bpf_map_new_fd+0x70/0x70 [ 387.276932] ? __might_fault+0x12b/0x1e0 [ 387.280989] ? lock_downgrade+0x900/0x900 [ 387.285151] ? lock_release+0xa10/0xa10 [ 387.289128] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.294578] ? usercopy_warn+0x110/0x110 [ 387.298653] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.304297] __x64_sys_bpf+0x303/0x510 [ 387.308180] ? bpf_prog_get+0x20/0x20 [ 387.312029] do_syscall_64+0x1b9/0x820 [ 387.315923] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 387.321285] ? syscall_return_slowpath+0x5e0/0x5e0 [ 387.326208] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.331071] ? trace_hardirqs_on_caller+0x310/0x310 [ 387.336083] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 387.341111] ? prepare_exit_to_usermode+0x291/0x3b0 [ 387.346130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.350980] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 387.356166] RIP: 0033:0x457519 [ 387.359356] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 387.378254] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 387.385962] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:36 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x7) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) setsockopt$inet6_mtu(r1, 0x29, 0x6, &(0x7f0000000180), 0x24f) 12:15:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60051100a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050005a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 387.393227] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 387.400489] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 387.407752] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 387.415121] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:36 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2b7) 12:15:36 executing program 3 (fault-call:1 fault-nth:54): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 387.481694] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 387.510241] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000ea84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r2, &(0x7f0000004380)=[{{&(0x7f00000002c0)=@sco, 0x80, &(0x7f0000000500), 0x0, &(0x7f0000000580)=""/246, 0xfffffffffffffeb7}}], 0x1, 0x0, &(0x7f00000044c0)) sendmsg$nl_generic(r2, &(0x7f0000000340)={&(0x7f0000000040), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[]}}, 0x0) clone(0x0, &(0x7f0000000180), &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000003c0)) dup2(r0, r1) 12:15:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050700a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 387.614755] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 387.619621] FAULT_INJECTION: forcing a failure. [ 387.619621] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 387.637499] CPU: 1 PID: 20478 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 387.646033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.655409] Call Trace: [ 387.658025] dump_stack+0x244/0x3ab 12:15:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050007a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 387.661695] ? dump_stack_print_info.cold.2+0x52/0x52 [ 387.666913] ? perf_trace_lock_acquire+0x501/0x800 [ 387.671856] ? perf_trace_run_bpf_submit+0x267/0x330 [ 387.677006] should_fail.cold.4+0xa/0x17 [ 387.681091] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 387.686210] ? lock_acquire+0x1ed/0x520 [ 387.690206] ? pcpu_alloc+0xbc9/0x15d0 [ 387.694135] ? perf_trace_run_bpf_submit+0x267/0x330 [ 387.699270] ? mark_held_locks+0x130/0x130 [ 387.703507] ? perf_tp_event+0xc20/0xc20 [ 387.707568] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.713107] ? fs_reclaim_acquire+0x20/0x20 [ 387.717422] ? lock_downgrade+0x900/0x900 [ 387.721574] ? lock_release+0xa10/0xa10 [ 387.725558] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.731048] ? __might_sleep+0x95/0x190 [ 387.735027] __alloc_pages_nodemask+0x34b/0xdd0 [ 387.739690] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.745232] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 387.750245] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 387.755258] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 387.759830] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 387.765357] ? pcpu_alloc+0x4f4/0x15d0 [ 387.769234] ? lock_downgrade+0x900/0x900 [ 387.773370] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 387.778398] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.783924] ? find_next_bit+0x104/0x130 [ 387.787983] pcpu_populate_chunk+0xf9/0x910 [ 387.792316] ? find_next_bit+0x104/0x130 [ 387.796379] pcpu_alloc+0xe14/0x15d0 [ 387.800097] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 387.804872] ? fs_reclaim_acquire+0x20/0x20 [ 387.809203] ? lock_downgrade+0x900/0x900 [ 387.813359] ? trace_hardirqs_on+0xbd/0x310 [ 387.817675] ? __kmalloc_node+0x3c/0x70 [ 387.821640] ? kasan_unpoison_shadow+0x35/0x50 [ 387.826208] ? kasan_kmalloc+0xc7/0xe0 [ 387.830088] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 387.835370] ? kasan_unpoison_shadow+0x35/0x50 [ 387.839953] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.845403] __alloc_percpu_gfp+0x27/0x30 [ 387.849542] array_map_alloc+0x46c/0x5f0 [ 387.853598] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 387.858979] map_create+0x3bd/0x1100 [ 387.862696] ? bpf_map_new_fd+0x70/0x70 [ 387.866669] ? __might_fault+0x12b/0x1e0 [ 387.870733] ? lock_downgrade+0x900/0x900 [ 387.874891] ? lock_release+0xa10/0xa10 [ 387.878875] ? perf_trace_sched_process_exec+0x860/0x860 [ 387.884338] ? usercopy_warn+0x110/0x110 [ 387.888457] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.894139] __x64_sys_bpf+0x303/0x510 [ 387.898015] ? bpf_prog_get+0x20/0x20 [ 387.901837] do_syscall_64+0x1b9/0x820 [ 387.905727] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 387.911080] ? syscall_return_slowpath+0x5e0/0x5e0 [ 387.916061] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.920911] ? trace_hardirqs_on_caller+0x310/0x310 [ 387.925929] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 387.930943] ? prepare_exit_to_usermode+0x291/0x3b0 [ 387.935949] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.940954] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 387.946147] RIP: 0033:0x457519 [ 387.949326] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 387.968234] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 387.982510] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 387.989783] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 387.997053] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 388.004316] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:37 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 388.011576] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:37 executing program 3 (fault-call:1 fault-nth:55): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 388.036712] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 388.054123] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:37 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:37 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 388.088445] FAULT_INJECTION: forcing a failure. [ 388.088445] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:37 executing program 5: r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000340)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000280)=ANY=[], 0x6c850ca3) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file1\x00') getdents(r0, &(0x7f0000001980)=""/203, 0xcb) link(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00') [ 388.142756] CPU: 0 PID: 20494 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 388.151290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.160635] Call Trace: [ 388.163219] dump_stack+0x244/0x3ab [ 388.166933] ? dump_stack_print_info.cold.2+0x52/0x52 [ 388.172118] ? perf_trace_lock_acquire+0x501/0x800 [ 388.177050] should_fail.cold.4+0xa/0x17 [ 388.181108] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 388.186201] ? lock_acquire+0x1ed/0x520 [ 388.190167] ? pcpu_alloc+0xbc9/0x15d0 [ 388.194045] ? trace_hardirqs_on+0xbd/0x310 [ 388.198380] ? perf_trace_run_bpf_submit+0x267/0x330 [ 388.203481] ? mark_held_locks+0x130/0x130 [ 388.207833] ? perf_tp_event+0xc20/0xc20 [ 388.211896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.217430] ? fs_reclaim_acquire+0x20/0x20 [ 388.221838] ? lock_downgrade+0x900/0x900 [ 388.225997] ? lock_release+0xa10/0xa10 [ 388.229966] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.235593] ? __might_sleep+0x95/0x190 [ 388.239562] __alloc_pages_nodemask+0x34b/0xdd0 [ 388.244224] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.249755] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 388.254763] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 388.259776] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 388.264372] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 388.269905] ? pcpu_alloc+0x4f4/0x15d0 [ 388.273910] ? lock_downgrade+0x900/0x900 [ 388.278054] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.283579] ? find_next_bit+0x104/0x130 [ 388.287641] pcpu_populate_chunk+0xf9/0x910 [ 388.291951] ? find_next_bit+0x104/0x130 [ 388.296039] pcpu_alloc+0xe14/0x15d0 [ 388.299772] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 388.304518] ? fs_reclaim_acquire+0x20/0x20 [ 388.308833] ? lock_downgrade+0x900/0x900 [ 388.312986] ? trace_hardirqs_on+0xbd/0x310 [ 388.317299] ? __kmalloc_node+0x3c/0x70 [ 388.321265] ? kasan_unpoison_shadow+0x35/0x50 [ 388.325925] ? kasan_kmalloc+0xc7/0xe0 [ 388.329828] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 388.335114] ? kasan_unpoison_shadow+0x35/0x50 [ 388.339711] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.345159] __alloc_percpu_gfp+0x27/0x30 [ 388.349298] array_map_alloc+0x46c/0x5f0 [ 388.353358] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 388.358627] map_create+0x3bd/0x1100 [ 388.362341] ? bpf_map_new_fd+0x70/0x70 [ 388.366313] ? __might_fault+0x12b/0x1e0 [ 388.370371] ? lock_downgrade+0x900/0x900 [ 388.374516] ? lock_release+0xa10/0xa10 [ 388.378517] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.383963] ? usercopy_warn+0x110/0x110 [ 388.388033] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.393569] __x64_sys_bpf+0x303/0x510 [ 388.397446] ? bpf_prog_get+0x20/0x20 [ 388.401265] do_syscall_64+0x1b9/0x820 [ 388.405160] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 388.410513] ? syscall_return_slowpath+0x5e0/0x5e0 [ 388.415528] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.420364] ? trace_hardirqs_on_caller+0x310/0x310 [ 388.425371] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 388.430401] ? prepare_exit_to_usermode+0x291/0x3b0 [ 388.435414] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.440258] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 388.445550] RIP: 0033:0x457519 [ 388.448739] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 388.467631] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 388.475867] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 388.483131] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x195) [ 388.490392] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 388.497666] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 388.504931] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:37 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000ba84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:37 executing program 3 (fault-call:1 fault-nth:56): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 388.578758] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 388.645088] IPv6: NLM_F_CREATE should be specified when creating new route [ 388.660593] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 388.667153] IPv6: NLM_F_CREATE should be set when creating new route [ 388.673007] FAULT_INJECTION: forcing a failure. [ 388.673007] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 388.673700] IPv6: NLM_F_CREATE should be set when creating new route 12:15:37 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000584302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xd2) [ 388.685566] CPU: 0 PID: 20518 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 388.692023] IPv6: NLM_F_CREATE should be set when creating new route [ 388.700459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.700466] Call Trace: [ 388.700489] dump_stack+0x244/0x3ab [ 388.716395] ? dump_stack_print_info.cold.2+0x52/0x52 [ 388.716414] ? perf_trace_lock_acquire+0x501/0x800 [ 388.716443] should_fail.cold.4+0xa/0x17 [ 388.732736] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 388.732754] ? lock_acquire+0x1ed/0x520 [ 388.745887] ? pcpu_alloc+0xbc9/0x15d0 [ 388.749819] ? perf_trace_run_bpf_submit+0x267/0x330 [ 388.754947] ? mark_held_locks+0x130/0x130 [ 388.759293] ? perf_tp_event+0xc20/0xc20 [ 388.763386] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.768952] ? fs_reclaim_acquire+0x20/0x20 [ 388.773292] ? lock_downgrade+0x900/0x900 [ 388.777460] ? lock_release+0xa10/0xa10 [ 388.781446] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.786909] ? __switch_to_asm+0x40/0x70 [ 388.790979] ? __switch_to_asm+0x34/0x70 [ 388.795067] ? __might_sleep+0x95/0x190 [ 388.799073] __alloc_pages_nodemask+0x34b/0xdd0 [ 388.803760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.809335] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 388.814373] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 388.819520] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 388.824127] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 388.829691] ? pcpu_alloc+0x4f4/0x15d0 [ 388.833701] ? lock_downgrade+0x900/0x900 [ 388.837869] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 388.842903] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.848450] ? find_next_bit+0x104/0x130 [ 388.852546] pcpu_populate_chunk+0xf9/0x910 [ 388.856878] ? find_next_bit+0x104/0x130 [ 388.860985] pcpu_alloc+0xe14/0x15d0 [ 388.864733] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 388.869505] ? fs_reclaim_acquire+0x20/0x20 [ 388.873848] ? lock_downgrade+0x900/0x900 [ 388.878026] ? trace_hardirqs_on+0xbd/0x310 [ 388.882364] ? __kmalloc_node+0x3c/0x70 [ 388.886356] ? kasan_unpoison_shadow+0x35/0x50 [ 388.890951] ? kasan_kmalloc+0xc7/0xe0 [ 388.894862] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 388.900178] ? kasan_unpoison_shadow+0x35/0x50 [ 388.904814] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.910292] __alloc_percpu_gfp+0x27/0x30 [ 388.914463] array_map_alloc+0x46c/0x5f0 [ 388.918548] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 388.923839] map_create+0x3bd/0x1100 [ 388.927575] ? bpf_map_new_fd+0x70/0x70 [ 388.931565] ? __might_fault+0x12b/0x1e0 [ 388.935832] ? lock_downgrade+0x900/0x900 [ 388.940095] ? lock_release+0xa10/0xa10 [ 388.944097] ? perf_trace_sched_process_exec+0x860/0x860 [ 388.949571] ? usercopy_warn+0x110/0x110 [ 388.953677] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.959234] __x64_sys_bpf+0x303/0x510 [ 388.963134] ? bpf_prog_get+0x20/0x20 [ 388.966977] do_syscall_64+0x1b9/0x820 [ 388.970879] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 388.976263] ? syscall_return_slowpath+0x5e0/0x5e0 [ 388.981286] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.986143] ? trace_hardirqs_on_caller+0x310/0x310 [ 388.991172] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 388.996217] ? prepare_exit_to_usermode+0x291/0x3b0 [ 389.001249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.006199] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.011480] RIP: 0033:0x457519 [ 389.014682] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 389.033588] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 12:15:38 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60051000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 389.041402] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 389.048706] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 389.056007] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 389.063284] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 389.070562] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 389.085135] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84802910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:38 executing program 3 (fault-call:1 fault-nth:57): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 389.120478] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1c9) 12:15:38 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050200a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 389.170701] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 389.181255] FAULT_INJECTION: forcing a failure. [ 389.181255] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a80a02910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 389.258675] CPU: 0 PID: 20534 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 389.267238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.276610] Call Trace: [ 389.279230] dump_stack+0x244/0x3ab [ 389.282880] ? dump_stack_print_info.cold.2+0x52/0x52 [ 389.288225] ? perf_trace_lock_acquire+0x501/0x800 [ 389.293183] ? perf_trace_run_bpf_submit+0x267/0x330 [ 389.298316] should_fail.cold.4+0xa/0x17 [ 389.302401] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 389.307521] ? lock_acquire+0x1ed/0x520 [ 389.311517] ? pcpu_alloc+0xbc9/0x15d0 [ 389.315434] ? check_preemption_disabled+0x48/0x200 [ 389.320484] ? perf_trace_run_bpf_submit+0x267/0x330 [ 389.325615] ? mark_held_locks+0x130/0x130 [ 389.329877] ? perf_tp_event+0xc20/0xc20 [ 389.333950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.339506] ? fs_reclaim_acquire+0x20/0x20 [ 389.343841] ? lock_downgrade+0x900/0x900 [ 389.348003] ? lock_release+0xa10/0xa10 [ 389.351991] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.357472] ? __might_sleep+0x95/0x190 [ 389.361472] __alloc_pages_nodemask+0x34b/0xdd0 [ 389.366153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.371707] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 389.376769] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 389.381800] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 389.386395] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 389.391957] ? pcpu_alloc+0x4f4/0x15d0 [ 389.395854] ? lock_downgrade+0x900/0x900 [ 389.400015] ? __sanitizer_cov_trace_cmp8+0x18/0x20 12:15:38 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:38 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 389.405065] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.410697] ? find_next_bit+0x104/0x130 [ 389.414812] pcpu_populate_chunk+0xf9/0x910 [ 389.419142] ? find_next_bit+0x104/0x130 [ 389.419173] pcpu_alloc+0xe14/0x15d0 [ 389.419207] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 389.431705] ? fs_reclaim_acquire+0x20/0x20 [ 389.436053] ? lock_downgrade+0x900/0x900 [ 389.440235] ? trace_hardirqs_on+0xbd/0x310 [ 389.444582] ? __kmalloc_node+0x3c/0x70 [ 389.448812] ? kasan_unpoison_shadow+0x35/0x50 [ 389.453411] ? kasan_kmalloc+0xc7/0xe0 [ 389.457322] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 389.462616] ? kasan_unpoison_shadow+0x35/0x50 [ 389.467227] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.472706] __alloc_percpu_gfp+0x27/0x30 [ 389.476992] array_map_alloc+0x46c/0x5f0 [ 389.481072] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 389.486352] map_create+0x3bd/0x1100 [ 389.490093] ? bpf_map_new_fd+0x70/0x70 [ 389.494061] ? __might_fault+0x12b/0x1e0 [ 389.498111] ? lock_downgrade+0x900/0x900 [ 389.502272] ? lock_release+0xa10/0xa10 [ 389.506271] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.511821] ? usercopy_warn+0x110/0x110 [ 389.515908] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.521449] __x64_sys_bpf+0x303/0x510 [ 389.525331] ? bpf_prog_get+0x20/0x20 [ 389.529157] do_syscall_64+0x1b9/0x820 [ 389.533063] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 389.538417] ? syscall_return_slowpath+0x5e0/0x5e0 [ 389.543465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.548298] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.553302] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 389.558305] ? prepare_exit_to_usermode+0x291/0x3b0 [ 389.563317] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.568154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.573462] RIP: 0033:0x457519 [ 389.576653] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 389.595542] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 389.603241] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 389.610508] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 389.617774] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 389.625031] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 389.632298] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 389.643715] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:38 executing program 3 (fault-call:1 fault-nth:58): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:38 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000aa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 389.654759] IPv6: NLM_F_CREATE should be specified when creating new route [ 389.663468] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 389.670024] IPv6: NLM_F_CREATE should be set when creating new route [ 389.676529] IPv6: NLM_F_CREATE should be set when creating new route [ 389.683095] IPv6: NLM_F_CREATE should be set when creating new route [ 389.717814] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 389.725053] FAULT_INJECTION: forcing a failure. [ 389.725053] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 389.737251] IPv6: NLM_F_CREATE should be specified when creating new route [ 389.745330] CPU: 1 PID: 20558 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 389.753854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.763294] Call Trace: [ 389.763320] dump_stack+0x244/0x3ab [ 389.763348] ? dump_stack_print_info.cold.2+0x52/0x52 [ 389.763366] ? perf_trace_lock_acquire+0x501/0x800 [ 389.763389] ? perf_trace_run_bpf_submit+0x267/0x330 [ 389.784752] should_fail.cold.4+0xa/0x17 [ 389.788924] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 389.794107] ? lock_acquire+0x1ed/0x520 [ 389.798077] ? pcpu_alloc+0xbc9/0x15d0 [ 389.801969] ? perf_trace_run_bpf_submit+0x267/0x330 [ 389.807095] ? mark_held_locks+0x130/0x130 [ 389.811328] ? perf_tp_event+0xc20/0xc20 [ 389.815381] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.820918] ? fs_reclaim_acquire+0x20/0x20 [ 389.825233] ? lock_downgrade+0x900/0x900 [ 389.829385] ? lock_release+0xa10/0xa10 [ 389.833371] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.838838] ? __might_sleep+0x95/0x190 [ 389.842898] __alloc_pages_nodemask+0x34b/0xdd0 [ 389.847659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.853199] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 389.858256] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 389.863283] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 389.867889] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 389.873444] ? pcpu_alloc+0x4f4/0x15d0 [ 389.877341] ? lock_downgrade+0x900/0x900 [ 389.881480] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 389.886490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.892018] ? find_next_bit+0x104/0x130 [ 389.896080] pcpu_populate_chunk+0xf9/0x910 [ 389.900408] ? find_next_bit+0x104/0x130 [ 389.904470] pcpu_alloc+0xe14/0x15d0 [ 389.908186] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 389.912932] ? fs_reclaim_acquire+0x20/0x20 [ 389.917244] ? lock_downgrade+0x900/0x900 [ 389.921397] ? trace_hardirqs_on+0xbd/0x310 [ 389.925716] ? __kmalloc_node+0x3c/0x70 [ 389.929705] ? kasan_unpoison_shadow+0x35/0x50 [ 389.934285] ? kasan_kmalloc+0xc7/0xe0 [ 389.938180] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 389.943452] ? kasan_unpoison_shadow+0x35/0x50 [ 389.948025] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.953486] __alloc_percpu_gfp+0x27/0x30 [ 389.957628] array_map_alloc+0x46c/0x5f0 [ 389.961697] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 389.966970] map_create+0x3bd/0x1100 [ 389.970702] ? bpf_map_new_fd+0x70/0x70 [ 389.974677] ? __might_fault+0x12b/0x1e0 [ 389.978741] ? lock_downgrade+0x900/0x900 [ 389.982884] ? lock_release+0xa10/0xa10 [ 389.986848] ? perf_trace_sched_process_exec+0x860/0x860 [ 389.992310] ? usercopy_warn+0x110/0x110 [ 389.996384] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.001915] __x64_sys_bpf+0x303/0x510 [ 390.005790] ? bpf_prog_get+0x20/0x20 [ 390.009716] do_syscall_64+0x1b9/0x820 [ 390.013605] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 390.019055] ? syscall_return_slowpath+0x5e0/0x5e0 [ 390.023972] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.028809] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.033815] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 390.038823] ? prepare_exit_to_usermode+0x291/0x3b0 [ 390.044239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.049081] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 390.054258] RIP: 0033:0x457519 [ 390.057442] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 390.076349] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 390.084050] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 390.091322] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 390.098580] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 390.105840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a82502910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:39 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 390.113109] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:39 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x0) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x209) 12:15:39 executing program 3 (fault-call:1 fault-nth:59): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 390.182706] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 390.189272] IPv6: NLM_F_CREATE should be set when creating new route [ 390.195873] IPv6: NLM_F_CREATE should be set when creating new route [ 390.202425] IPv6: NLM_F_CREATE should be set when creating new route [ 390.240069] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 390.246900] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 390.250079] FAULT_INJECTION: forcing a failure. [ 390.250079] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 390.267419] CPU: 1 PID: 20575 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 390.275932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.285294] Call Trace: [ 390.287894] dump_stack+0x244/0x3ab [ 390.291549] ? dump_stack_print_info.cold.2+0x52/0x52 [ 390.296788] ? perf_trace_lock_acquire+0x501/0x800 [ 390.301793] should_fail.cold.4+0xa/0x17 [ 390.305860] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 390.310975] ? lock_acquire+0x1ed/0x520 [ 390.311010] ? pcpu_alloc+0xbc9/0x15d0 [ 390.318857] ? perf_trace_run_bpf_submit+0x267/0x330 [ 390.318881] ? mark_held_locks+0x130/0x130 [ 390.318905] ? perf_tp_event+0xc20/0xc20 [ 390.332366] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 12:15:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84348910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84363910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430b910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 390.337934] ? fs_reclaim_acquire+0x20/0x20 [ 390.342284] ? lock_downgrade+0x900/0x900 [ 390.346467] ? lock_release+0xa10/0xa10 [ 390.350463] ? perf_trace_sched_process_exec+0x860/0x860 [ 390.355929] ? __switch_to_asm+0x40/0x70 [ 390.360039] ? __switch_to_asm+0x34/0x70 [ 390.364134] ? __might_sleep+0x95/0x190 [ 390.368142] __alloc_pages_nodemask+0x34b/0xdd0 [ 390.372836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.378406] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 390.383449] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 390.388491] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 390.393192] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 390.398756] ? pcpu_alloc+0x4f4/0x15d0 [ 390.402673] ? lock_downgrade+0x900/0x900 [ 390.406853] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.412403] ? find_next_bit+0x104/0x130 [ 390.416491] pcpu_populate_chunk+0xf9/0x910 [ 390.420831] ? find_next_bit+0x104/0x130 [ 390.424921] pcpu_alloc+0xe14/0x15d0 [ 390.428680] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 390.433537] ? fs_reclaim_acquire+0x20/0x20 [ 390.437950] ? lock_downgrade+0x900/0x900 [ 390.442096] ? trace_hardirqs_on+0xbd/0x310 [ 390.446411] ? __kmalloc_node+0x3c/0x70 [ 390.450380] ? kasan_unpoison_shadow+0x35/0x50 [ 390.454970] ? kasan_kmalloc+0xc7/0xe0 [ 390.458854] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 390.464136] ? kasan_unpoison_shadow+0x35/0x50 [ 390.468716] ? perf_trace_sched_process_exec+0x860/0x860 [ 390.474164] __alloc_percpu_gfp+0x27/0x30 [ 390.478607] array_map_alloc+0x46c/0x5f0 [ 390.482667] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 390.488021] map_create+0x3bd/0x1100 [ 390.491728] ? bpf_map_new_fd+0x70/0x70 [ 390.495694] ? __might_fault+0x12b/0x1e0 [ 390.499743] ? lock_downgrade+0x900/0x900 [ 390.503878] ? lock_release+0xa10/0xa10 [ 390.507836] ? perf_trace_sched_process_exec+0x860/0x860 [ 390.513273] ? usercopy_warn+0x110/0x110 [ 390.517331] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.522857] __x64_sys_bpf+0x303/0x510 [ 390.526730] ? bpf_prog_get+0x20/0x20 [ 390.530551] do_syscall_64+0x1b9/0x820 [ 390.534424] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 390.539793] ? syscall_return_slowpath+0x5e0/0x5e0 [ 390.544710] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.549557] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.554570] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 390.559572] ? prepare_exit_to_usermode+0x291/0x3b0 [ 390.564583] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.569417] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 390.574759] RIP: 0033:0x457519 12:15:39 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050005a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050280a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 390.577955] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 390.596964] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 390.604666] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 390.611928] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 390.619196] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 390.626447] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 390.633718] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:39 executing program 3 (fault-call:1 fault-nth:60): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 390.662249] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 390.691319] IPv6: NLM_F_CREATE should be specified when creating new route [ 390.705515] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84303910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 390.712090] IPv6: NLM_F_CREATE should be set when creating new route [ 390.718649] IPv6: NLM_F_CREATE should be set when creating new route [ 390.725191] IPv6: NLM_F_CREATE should be set when creating new route [ 390.731650] FAULT_INJECTION: forcing a failure. [ 390.731650] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 390.754977] CPU: 0 PID: 20593 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 390.763499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.768612] IPv6: NLM_F_CREATE should be specified when creating new route [ 390.772850] Call Trace: [ 390.772874] dump_stack+0x244/0x3ab [ 390.772897] ? dump_stack_print_info.cold.2+0x52/0x52 [ 390.791274] ? perf_trace_lock_acquire+0x501/0x800 [ 390.796207] should_fail.cold.4+0xa/0x17 [ 390.800265] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 390.805423] ? lock_acquire+0x1ed/0x520 [ 390.809390] ? pcpu_alloc+0xbc9/0x15d0 [ 390.813275] ? perf_trace_run_bpf_submit+0x267/0x330 [ 390.818375] ? mark_held_locks+0x130/0x130 [ 390.822609] ? perf_tp_event+0xc20/0xc20 [ 390.826671] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.832242] ? fs_reclaim_acquire+0x20/0x20 [ 390.836569] ? lock_downgrade+0x900/0x900 [ 390.840719] ? lock_release+0xa10/0xa10 [ 390.844681] ? perf_trace_sched_process_exec+0x860/0x860 [ 390.850117] ? __switch_to_asm+0x40/0x70 [ 390.854168] ? __switch_to_asm+0x34/0x70 [ 390.858222] ? __might_sleep+0x95/0x190 [ 390.862206] __alloc_pages_nodemask+0x34b/0xdd0 [ 390.866866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.872395] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 390.877434] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 390.882441] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 390.887010] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 390.892583] ? pcpu_alloc+0x4f4/0x15d0 [ 390.896472] ? lock_downgrade+0x900/0x900 [ 390.900635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.906161] ? find_next_bit+0x104/0x130 [ 390.910220] pcpu_populate_chunk+0xf9/0x910 [ 390.914527] ? find_next_bit+0x104/0x130 [ 390.918585] pcpu_alloc+0xe14/0x15d0 [ 390.922305] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 390.927066] ? fs_reclaim_acquire+0x20/0x20 [ 390.931372] ? lock_downgrade+0x900/0x900 [ 390.935513] ? trace_hardirqs_on+0xbd/0x310 [ 390.939820] ? __kmalloc_node+0x3c/0x70 [ 390.943782] ? kasan_unpoison_shadow+0x35/0x50 [ 390.948350] ? kasan_kmalloc+0xc7/0xe0 [ 390.952237] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 390.957501] ? kasan_unpoison_shadow+0x35/0x50 [ 390.962098] ? perf_trace_sched_process_exec+0x860/0x860 [ 390.967540] __alloc_percpu_gfp+0x27/0x30 [ 390.971673] array_map_alloc+0x46c/0x5f0 [ 390.975723] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 390.981003] map_create+0x3bd/0x1100 [ 390.984720] ? bpf_map_new_fd+0x70/0x70 [ 390.988683] ? __might_fault+0x12b/0x1e0 [ 390.992732] ? lock_downgrade+0x900/0x900 [ 390.996867] ? lock_release+0xa10/0xa10 [ 391.000827] ? perf_trace_sched_process_exec+0x860/0x860 [ 391.006273] ? usercopy_warn+0x110/0x110 [ 391.010341] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.015867] __x64_sys_bpf+0x303/0x510 [ 391.019740] ? bpf_prog_get+0x20/0x20 [ 391.023542] do_syscall_64+0x1b9/0x820 [ 391.027415] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 391.032783] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.037700] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.042541] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.047550] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.052562] ? prepare_exit_to_usermode+0x291/0x3b0 [ 391.057581] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.062424] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 391.067611] RIP: 0033:0x457519 [ 391.070839] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 391.089726] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 391.097422] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 391.104683] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x198) [ 391.111938] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 391.119202] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 391.126467] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 391.153741] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500fca84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:40 executing program 4: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60140000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 391.160310] IPv6: NLM_F_CREATE should be set when creating new route [ 391.166877] IPv6: NLM_F_CREATE should be set when creating new route [ 391.173438] IPv6: NLM_F_CREATE should be set when creating new route 12:15:40 executing program 3 (fault-call:1 fault-nth:61): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 391.209980] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 391.231375] IPv6: NLM_F_CREATE should be specified when creating new route [ 391.246133] FAULT_INJECTION: forcing a failure. [ 391.246133] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84310910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 391.258949] CPU: 1 PID: 20609 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 391.267460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.276833] Call Trace: [ 391.279439] dump_stack+0x244/0x3ab [ 391.283078] ? dump_stack_print_info.cold.2+0x52/0x52 [ 391.283103] ? perf_trace_lock_acquire+0x501/0x800 [ 391.293204] should_fail.cold.4+0xa/0x17 [ 391.293226] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 391.293244] ? check_preemption_disabled+0x48/0x200 [ 391.307404] ? memset+0x31/0x40 [ 391.310709] ? perf_trace_run_bpf_submit+0x267/0x330 [ 391.315831] ? perf_trace_lock_acquire+0x501/0x800 [ 391.320756] ? mark_held_locks+0x130/0x130 [ 391.324998] ? perf_tp_event+0xc20/0xc20 [ 391.329050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.334583] ? fs_reclaim_acquire+0x20/0x20 [ 391.338893] ? lock_downgrade+0x900/0x900 [ 391.343030] ? lock_release+0xa10/0xa10 [ 391.347010] ? perf_trace_sched_process_exec+0x860/0x860 [ 391.352728] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 391.357318] ? __might_sleep+0x95/0x190 [ 391.361313] __alloc_pages_nodemask+0x34b/0xdd0 [ 391.366067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.371710] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 391.376720] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 391.381732] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 391.386304] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 391.391834] ? pcpu_alloc+0x4f4/0x15d0 [ 391.395735] ? lock_downgrade+0x900/0x900 [ 391.399878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.405402] ? find_next_bit+0x104/0x130 [ 391.409469] pcpu_populate_chunk+0xf9/0x910 [ 391.413865] ? find_next_bit+0x104/0x130 [ 391.417918] pcpu_alloc+0xe14/0x15d0 [ 391.421652] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 391.426405] ? fs_reclaim_acquire+0x20/0x20 [ 391.430826] ? lock_downgrade+0x900/0x900 [ 391.435057] ? trace_hardirqs_on+0xbd/0x310 [ 391.439367] ? __kmalloc_node+0x3c/0x70 [ 391.443383] ? kasan_unpoison_shadow+0x35/0x50 [ 391.447977] ? kasan_kmalloc+0xc7/0xe0 [ 391.451873] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 391.457228] ? kasan_unpoison_shadow+0x35/0x50 [ 391.461809] ? perf_trace_sched_process_exec+0x860/0x860 [ 391.467254] __alloc_percpu_gfp+0x27/0x30 [ 391.471394] array_map_alloc+0x46c/0x5f0 [ 391.475445] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 391.480709] map_create+0x3bd/0x1100 [ 391.484417] ? bpf_map_new_fd+0x70/0x70 [ 391.488384] ? __might_fault+0x12b/0x1e0 [ 391.492447] ? lock_downgrade+0x900/0x900 [ 391.496598] ? lock_release+0xa10/0xa10 [ 391.500569] ? perf_trace_sched_process_exec+0x860/0x860 [ 391.506121] ? usercopy_warn+0x110/0x110 [ 391.510184] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.515723] __x64_sys_bpf+0x303/0x510 [ 391.519609] ? bpf_prog_get+0x20/0x20 [ 391.523432] do_syscall_64+0x1b9/0x820 [ 391.527304] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 391.532655] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.537575] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.542418] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.547431] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.552545] ? prepare_exit_to_usermode+0x291/0x3b0 [ 391.557573] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.562512] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 391.567914] RIP: 0033:0x457519 [ 391.571169] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 391.590144] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 391.597847] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:40 executing program 5: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050005a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 391.605105] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 391.612364] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 391.619621] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 391.626880] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 391.643576] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 391.650166] IPv6: NLM_F_CREATE should be set when creating new route 12:15:40 executing program 3 (fault-call:1 fault-nth:62): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050013a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x39b) 12:15:40 executing program 4 (fault-call:11 fault-nth:0): r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 391.656682] IPv6: NLM_F_CREATE should be set when creating new route [ 391.663239] IPv6: NLM_F_CREATE should be set when creating new route [ 391.671674] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 391.678240] IPv6: NLM_F_CREATE should be set when creating new route [ 391.684922] IPv6: NLM_F_CREATE should be set when creating new route [ 391.696070] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84314910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 391.774530] FAULT_INJECTION: forcing a failure. [ 391.774530] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 391.790256] IPv6: NLM_F_CREATE should be specified when creating new route [ 391.801374] CPU: 1 PID: 20624 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 391.809904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.819360] Call Trace: [ 391.821984] dump_stack+0x244/0x3ab [ 391.825666] ? dump_stack_print_info.cold.2+0x52/0x52 [ 391.830916] ? perf_trace_lock_acquire+0x501/0x800 [ 391.835874] should_fail.cold.4+0xa/0x17 [ 391.839959] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 391.845080] ? lock_acquire+0x1ed/0x520 [ 391.849079] ? pcpu_alloc+0xbc9/0x15d0 [ 391.852998] ? perf_trace_run_bpf_submit+0x267/0x330 [ 391.858111] ? perf_trace_lock_acquire+0x501/0x800 [ 391.863064] ? mark_held_locks+0x130/0x130 [ 391.867327] ? perf_tp_event+0xc20/0xc20 [ 391.871403] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.876964] ? fs_reclaim_acquire+0x20/0x20 [ 391.881289] ? lock_downgrade+0x900/0x900 [ 391.885450] ? lock_release+0xa10/0xa10 [ 391.889414] ? perf_trace_sched_process_exec+0x860/0x860 [ 391.894859] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 391.899440] ? __might_sleep+0x95/0x190 [ 391.903424] __alloc_pages_nodemask+0x34b/0xdd0 [ 391.908084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.913711] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 391.918735] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 391.923771] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 391.928360] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 391.933893] ? pcpu_alloc+0x4f4/0x15d0 [ 391.937793] ? lock_downgrade+0x900/0x900 [ 391.941944] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 391.946969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.952689] ? find_next_bit+0x104/0x130 [ 391.956751] pcpu_populate_chunk+0xf9/0x910 [ 391.961102] ? find_next_bit+0x104/0x130 [ 391.965184] pcpu_alloc+0xe14/0x15d0 [ 391.968899] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 391.973671] ? fs_reclaim_acquire+0x20/0x20 [ 391.977984] ? lock_downgrade+0x900/0x900 [ 391.982127] ? trace_hardirqs_on+0xbd/0x310 [ 391.986438] ? __kmalloc_node+0x3c/0x70 [ 391.990422] ? kasan_unpoison_shadow+0x35/0x50 [ 391.995001] ? kasan_kmalloc+0xc7/0xe0 [ 391.998891] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 392.004157] ? kasan_unpoison_shadow+0x35/0x50 [ 392.008751] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.014197] __alloc_percpu_gfp+0x27/0x30 [ 392.018339] array_map_alloc+0x46c/0x5f0 [ 392.022409] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 392.027687] map_create+0x3bd/0x1100 [ 392.031417] ? bpf_map_new_fd+0x70/0x70 [ 392.035412] ? __might_fault+0x12b/0x1e0 [ 392.039484] ? lock_downgrade+0x900/0x900 [ 392.043657] ? lock_release+0xa10/0xa10 [ 392.047635] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.053080] ? usercopy_warn+0x110/0x110 [ 392.057147] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.062697] __x64_sys_bpf+0x303/0x510 [ 392.066576] ? bpf_prog_get+0x20/0x20 [ 392.070382] do_syscall_64+0x1b9/0x820 [ 392.074257] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 392.079607] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.084550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.089397] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.094507] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.099527] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.104542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.109381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.114560] RIP: 0033:0x457519 [ 392.117777] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 392.136784] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 392.144491] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 392.151749] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 392.159093] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 392.166352] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:41 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x60ea, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000180)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) getsockname(r0, &(0x7f00000000c0)=@ethernet={0x0, @remote}, &(0x7f0000000140)=0x80) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000840)="2f67726f75702e73746174003c23fb572a1f0294e6f378b41ad54b4d9d9a1f63f8785ad188a7e1c88875e05b18a4cb3a9cd12dcea440d899c22c652b3a471b4a7fa2f3fdf6e034d804e5f0df4b1dee483b157624c59c0100e89e6a357c001400", 0x2761, 0x0) write$cgroup_int(r1, &(0x7f0000000080), 0x297ef) [ 392.173608] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 392.183899] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 392.190492] IPv6: NLM_F_CREATE should be set when creating new route [ 392.197018] IPv6: NLM_F_CREATE should be set when creating new route [ 392.203546] IPv6: NLM_F_CREATE should be set when creating new route [ 392.216140] FAULT_INJECTION: forcing a failure. 12:15:41 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84309910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.216140] name failslab, interval 1, probability 0, space 0, times 0 [ 392.227635] CPU: 1 PID: 20628 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 392.236141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.245507] Call Trace: [ 392.248111] dump_stack+0x244/0x3ab [ 392.251746] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.251772] should_fail.cold.4+0xa/0x17 [ 392.251792] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 392.261021] ? perf_trace_lock+0x7a0/0x7a0 [ 392.261056] ? fs_reclaim_acquire+0x20/0x20 12:15:41 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029101ab003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.261073] ? lock_downgrade+0x900/0x900 [ 392.278841] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.284305] ? lock_release+0xa10/0xa10 [ 392.288289] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.293853] __should_failslab+0x124/0x180 [ 392.298095] should_failslab+0x9/0x14 [ 392.301913] kmem_cache_alloc+0x2be/0x730 [ 392.306069] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.310209] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 392.311611] ? _copy_from_user+0xdf/0x150 [ 392.311633] io_submit_one+0x1a2/0xf80 12:15:41 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910013003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.311650] ? aio_poll+0x1420/0x1420 [ 392.311670] ? __might_fault+0x12b/0x1e0 [ 392.334034] ? lock_downgrade+0x900/0x900 [ 392.338193] ? lock_release+0xa10/0xa10 [ 392.342171] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.345216] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 392.347632] ? __fsnotify_parent+0xcc/0x420 [ 392.347662] __x64_sys_io_submit+0x1b7/0x580 [ 392.347683] ? __ia32_sys_io_destroy+0x580/0x580 [ 392.367638] ? trace_hardirqs_on+0xbd/0x310 [ 392.371966] ? __ia32_sys_read+0xb0/0xb0 12:15:41 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:41 executing program 3 (fault-call:1 fault-nth:63): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 392.376035] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.381410] ? trace_hardirqs_off_caller+0x300/0x300 [ 392.386527] do_syscall_64+0x1b9/0x820 [ 392.390419] ? __ia32_sys_io_destroy+0x580/0x580 [ 392.395202] ? do_syscall_64+0x1b9/0x820 [ 392.399269] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 392.404644] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.409588] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.414451] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.419482] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.419498] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.419516] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.429518] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.429531] RIP: 0033:0x457519 [ 392.429546] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 392.429557] RSP: 002b:00007f9acddfcc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 392.469498] RAX: ffffffffffffffda RBX: 00007f9acddfcc90 RCX: 0000000000457519 12:15:41 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050600a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.477092] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f9acddbb000 [ 392.484346] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 392.491596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9acddfd6d4 [ 392.498957] R13: 00000000004be6e0 R14: 00000000004ce320 R15: 0000000000000008 [ 392.514106] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:15:41 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x76) 12:15:41 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.563189] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 392.570871] FAULT_INJECTION: forcing a failure. [ 392.570871] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:41 executing program 5: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400000400200) socketpair$inet(0x2, 0x7, 0x8, &(0x7f0000001680)={0xffffffffffffffff}) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000003e40)={{0x2, 0x4e22, @local}, {0xdccedff59cd06cc7, @broadcast}, 0x44, {0x2, 0x4e21, @broadcast}, 'syzkaller1\x00'}) clock_adjtime(0x0, &(0x7f0000000180)={0x73db, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x26bd}) recvmmsg(r0, &(0x7f0000003bc0)=[{{&(0x7f0000000040)=@nfc, 0x80, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/20, 0x14}], 0x1, 0x0, 0x0, 0x80000000}, 0x9}, {{&(0x7f0000000280)=@can, 0x80, &(0x7f0000000480)=[{&(0x7f0000000300)=""/185, 0xb9}, {&(0x7f0000000140)=""/25, 0x19}, {&(0x7f00000003c0)=""/149, 0x95}], 0x3, &(0x7f00000004c0)=""/72, 0x48, 0xfc2}, 0x8}, {{&(0x7f0000000540)=@alg, 0x80, &(0x7f0000001640)=[{&(0x7f00000005c0)=""/85, 0x55}, {&(0x7f0000000640)=""/4096, 0x1000}], 0x2, &(0x7f0000001680), 0x0, 0x7fff}, 0xfffffffffffff001}, {{&(0x7f00000016c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000001e80)=[{&(0x7f0000001740)=""/184, 0xb8}, {&(0x7f0000001800)=""/87, 0x57}, {&(0x7f0000001880)=""/210, 0xd2}, {&(0x7f0000001980)=""/148, 0x94}, {&(0x7f0000001a40)=""/35, 0x23}, {&(0x7f0000001a80)=""/140, 0x8c}, {&(0x7f0000001b40)=""/120, 0x78}, {&(0x7f0000001bc0)=""/227, 0xe3}, {&(0x7f0000001cc0)=""/164, 0xa4}, {&(0x7f0000001d80)=""/246, 0xf6}], 0xa, &(0x7f0000001f40)=""/4096, 0x1000, 0x3}, 0x40}, {{&(0x7f0000002f40)=@nfc, 0x80, &(0x7f0000003180)=[{&(0x7f0000002fc0)=""/250, 0xfa}, {&(0x7f00000030c0)=""/135, 0x87}], 0x2, &(0x7f00000031c0)=""/139, 0x8b, 0xffffffff}, 0x5}, {{&(0x7f0000003280)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000003500)=[{&(0x7f0000003300)=""/147, 0x93}, {&(0x7f00000033c0)=""/19, 0x13}, {&(0x7f0000003400)=""/227, 0xe3}], 0x3, &(0x7f0000003540)=""/122, 0x7a, 0x8}, 0x6}, {{&(0x7f00000035c0)=@l2, 0x80, &(0x7f0000003680)=[{&(0x7f0000003640)}], 0x1, &(0x7f00000036c0)=""/103, 0x67, 0x4}, 0x3ff}, {{&(0x7f0000003740)=@l2, 0x80, &(0x7f0000003b40)=[{&(0x7f00000037c0)=""/159, 0x9f}, {&(0x7f0000003880)=""/113, 0x71}, {&(0x7f0000003900)=""/118, 0x76}, {&(0x7f0000003980)=""/53, 0x35}, {&(0x7f00000039c0)=""/167, 0xa7}, {&(0x7f0000003a80)}, {&(0x7f0000003ac0)=""/128, 0x80}], 0x7, 0x0, 0x0, 0x970}, 0x8}], 0x8, 0x100, 0x0) getsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000003dc0)=0x1, &(0x7f0000003e00)=0x1) [ 392.606923] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 392.620918] CPU: 1 PID: 20657 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 392.629529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.638974] Call Trace: [ 392.641575] dump_stack+0x244/0x3ab [ 392.645761] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.650987] ? debug_smp_processor_id+0x1c/0x20 [ 392.655783] ? perf_trace_lock_acquire+0x15b/0x800 [ 392.660725] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.666166] should_fail.cold.4+0xa/0x17 [ 392.670220] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 392.670238] ? lock_acquire+0x1ed/0x520 [ 392.670256] ? pcpu_alloc+0xbc9/0x15d0 [ 392.679298] ? perf_trace_lock_acquire+0x15b/0x800 [ 392.679314] ? lock_release+0xa10/0xa10 [ 392.679331] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.697501] ? mark_held_locks+0x130/0x130 [ 392.701756] ? fs_reclaim_acquire+0x20/0x20 [ 392.706077] ? lock_downgrade+0x900/0x900 [ 392.710228] ? lock_release+0xa10/0xa10 [ 392.714195] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.719641] ? __might_sleep+0x95/0x190 [ 392.723612] __alloc_pages_nodemask+0x34b/0xdd0 [ 392.728271] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.733803] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 392.738821] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.743932] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 392.748516] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 392.754046] ? pcpu_alloc+0x4f4/0x15d0 [ 392.757924] ? lock_downgrade+0x900/0x900 [ 392.762059] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 392.767081] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.772604] ? find_next_bit+0x104/0x130 [ 392.776659] pcpu_populate_chunk+0xf9/0x910 [ 392.780971] ? find_next_bit+0x104/0x130 [ 392.785025] pcpu_alloc+0xe14/0x15d0 [ 392.788733] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 392.793590] ? fs_reclaim_acquire+0x20/0x20 [ 392.797916] ? lock_downgrade+0x900/0x900 [ 392.802140] ? trace_hardirqs_on+0xbd/0x310 [ 392.806455] ? __kmalloc_node+0x3c/0x70 [ 392.810445] ? kasan_unpoison_shadow+0x35/0x50 [ 392.815018] ? kasan_kmalloc+0xc7/0xe0 [ 392.819015] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 392.824276] ? kasan_unpoison_shadow+0x35/0x50 [ 392.828847] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.834305] __alloc_percpu_gfp+0x27/0x30 [ 392.838475] array_map_alloc+0x46c/0x5f0 [ 392.842533] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 392.847796] map_create+0x3bd/0x1100 [ 392.851498] ? bpf_map_new_fd+0x70/0x70 [ 392.855548] ? __might_fault+0x12b/0x1e0 [ 392.859616] ? lock_downgrade+0x900/0x900 [ 392.863757] ? lock_release+0xa10/0xa10 [ 392.867718] ? perf_trace_sched_process_exec+0x860/0x860 [ 392.873163] ? usercopy_warn+0x110/0x110 [ 392.877221] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.882748] __x64_sys_bpf+0x303/0x510 [ 392.886633] ? bpf_prog_get+0x20/0x20 [ 392.890435] do_syscall_64+0x1b9/0x820 [ 392.894313] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 392.899677] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.904593] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.909432] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.914441] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.919447] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.924457] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.929379] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.934554] RIP: 0033:0x457519 [ 392.937734] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 12:15:42 executing program 4 (fault-call:11 fault-nth:1): r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:42 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050040a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 392.956622] RSP: 002b:00007f6d2a361c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 392.964320] RAX: ffffffffffffffda RBX: 00007f6d2a361c90 RCX: 0000000000457519 [ 392.971578] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 392.978840] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 392.986100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3626d4 [ 392.993353] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:42 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fec0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 393.037558] IPv6: NLM_F_CREATE should be specified when creating new route [ 393.049843] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 393.056417] IPv6: NLM_F_CREATE should be set when creating new route [ 393.062985] IPv6: NLM_F_CREATE should be set when creating new route [ 393.069587] IPv6: NLM_F_CREATE should be set when creating new route 12:15:42 executing program 3 (fault-call:1 fault-nth:64): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 393.083688] FAULT_INJECTION: forcing a failure. [ 393.083688] name failslab, interval 1, probability 0, space 0, times 0 [ 393.111599] FAULT_INJECTION: forcing a failure. [ 393.111599] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 393.129687] CPU: 0 PID: 20682 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 393.138241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.147638] Call Trace: [ 393.150235] dump_stack+0x244/0x3ab [ 393.153890] ? dump_stack_print_info.cold.2+0x52/0x52 [ 393.159091] ? perf_trace_lock_acquire+0x501/0x800 [ 393.164017] ? perf_trace_run_bpf_submit+0x267/0x330 [ 393.169116] should_fail.cold.4+0xa/0x17 [ 393.173173] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 393.178264] ? lock_acquire+0x1ed/0x520 [ 393.182252] ? pcpu_alloc+0xbc9/0x15d0 [ 393.186134] ? check_preemption_disabled+0x48/0x200 [ 393.191146] ? perf_trace_run_bpf_submit+0x267/0x330 [ 393.196240] ? mark_held_locks+0x130/0x130 [ 393.200469] ? perf_tp_event+0xc20/0xc20 [ 393.204518] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.210052] ? fs_reclaim_acquire+0x20/0x20 [ 393.214366] ? lock_downgrade+0x900/0x900 [ 393.218510] ? lock_release+0xa10/0xa10 [ 393.222479] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.227950] ? __might_sleep+0x95/0x190 [ 393.231917] __alloc_pages_nodemask+0x34b/0xdd0 [ 393.236585] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.242139] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 393.247153] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 393.252165] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 393.256738] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 393.262276] ? pcpu_alloc+0x4f4/0x15d0 [ 393.266156] ? lock_downgrade+0x900/0x900 [ 393.270297] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 393.275412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.280937] ? find_next_bit+0x104/0x130 [ 393.284999] pcpu_populate_chunk+0xf9/0x910 [ 393.289321] ? find_next_bit+0x104/0x130 [ 393.293377] pcpu_alloc+0xe14/0x15d0 [ 393.297100] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 393.301844] ? fs_reclaim_acquire+0x20/0x20 [ 393.306157] ? lock_downgrade+0x900/0x900 [ 393.310307] ? trace_hardirqs_on+0xbd/0x310 [ 393.314621] ? __kmalloc_node+0x3c/0x70 [ 393.318586] ? kasan_unpoison_shadow+0x35/0x50 [ 393.323160] ? kasan_kmalloc+0xc7/0xe0 [ 393.327042] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 393.332306] ? kasan_unpoison_shadow+0x35/0x50 [ 393.336881] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.342333] __alloc_percpu_gfp+0x27/0x30 [ 393.346475] array_map_alloc+0x46c/0x5f0 [ 393.350544] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 393.355807] map_create+0x3bd/0x1100 [ 393.359515] ? bpf_map_new_fd+0x70/0x70 [ 393.363487] ? __might_fault+0x12b/0x1e0 [ 393.367538] ? lock_downgrade+0x900/0x900 [ 393.371681] ? lock_release+0xa10/0xa10 [ 393.375665] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.381124] ? usercopy_warn+0x110/0x110 [ 393.385198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.390748] __x64_sys_bpf+0x303/0x510 [ 393.394623] ? bpf_prog_get+0x20/0x20 [ 393.398436] do_syscall_64+0x1b9/0x820 [ 393.402333] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 393.407687] ? syscall_return_slowpath+0x5e0/0x5e0 [ 393.412611] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.417443] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.422473] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 393.427482] ? prepare_exit_to_usermode+0x291/0x3b0 [ 393.432491] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.437328] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.442505] RIP: 0033:0x457519 [ 393.445691] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 393.464687] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 393.472396] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 393.479652] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:42 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005f000a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 393.486909] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 393.494166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 393.501426] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 393.508830] CPU: 1 PID: 20676 Comm: syz-executor4 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 393.517432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.517437] Call Trace: [ 393.517456] dump_stack+0x244/0x3ab [ 393.517477] ? dump_stack_print_info.cold.2+0x52/0x52 12:15:42 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910f00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 393.538302] should_fail.cold.4+0xa/0x17 [ 393.538317] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 393.538333] ? debug_smp_processor_id+0x1c/0x20 [ 393.552143] ? alloc_set_pte+0xdee/0x1f40 [ 393.556304] ? do_swap_page+0x3660/0x3660 [ 393.560452] ? perf_trace_lock_acquire+0x15b/0x800 [ 393.565421] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.570964] ? mark_held_locks+0x130/0x130 [ 393.575203] ? filemap_map_pages+0xd11/0x19b0 [ 393.579701] ? lock_downgrade+0x900/0x900 [ 393.583854] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.589323] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 393.594275] __should_failslab+0x124/0x180 [ 393.598514] should_failslab+0x9/0x14 [ 393.602407] kmem_cache_alloc+0x2be/0x730 [ 393.606569] jbd2__journal_start+0x1e7/0xa80 [ 393.610982] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.616428] ? jbd2_write_access_granted.part.8+0x410/0x410 [ 393.622144] ? __might_sleep+0x95/0x190 [ 393.626105] ? check_preemption_disabled+0x48/0x200 [ 393.631110] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.636635] __ext4_journal_start_sb+0x1a0/0x5e0 [ 393.641481] ? ext4_dirty_inode+0x62/0xc0 [ 393.645616] ? ext4_journal_abort_handle.isra.5+0x260/0x260 [ 393.651309] ? perf_trace_lock+0x7a0/0x7a0 [ 393.655538] ? ext4_xattr_get+0x1a8/0xb30 [ 393.659668] ? lock_downgrade+0x900/0x900 [ 393.663801] ? ext4_setattr+0x28e0/0x28e0 [ 393.667936] ext4_dirty_inode+0x62/0xc0 [ 393.671901] __mark_inode_dirty+0x7b9/0x1500 [ 393.676296] ? __inode_attach_wb+0x13f0/0x13f0 [ 393.680877] ? kasan_check_write+0x14/0x20 [ 393.685112] ? up_read+0x225/0x2c0 [ 393.688634] ? down_read+0x8d/0x120 [ 393.692243] ? current_time+0x72/0x1b0 [ 393.696114] ? lock_downgrade+0x900/0x900 [ 393.700271] ? trace_hardirqs_on+0xbd/0x310 [ 393.704590] ? current_time+0x72/0x1b0 [ 393.708462] ? trace_hardirqs_off_caller+0x300/0x300 [ 393.713546] ? ext4_xattr_ibody_get+0x620/0x620 [ 393.718203] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 393.723305] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 393.728477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.734011] ? timespec64_trunc+0xea/0x180 [ 393.738228] ? inode_init_owner+0x340/0x340 [ 393.742540] generic_update_time+0x26a/0x450 [ 393.746933] ? file_remove_privs+0x540/0x540 [ 393.751326] ? timespec64_trunc+0x180/0x180 [ 393.755640] ? preempt_count_add+0x7d/0x160 [ 393.759952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.765484] ? mnt_clone_write+0x11d/0x150 [ 393.769703] ? file_remove_privs+0x540/0x540 [ 393.774189] file_update_time+0x390/0x640 [ 393.778321] ? current_time+0x1b0/0x1b0 [ 393.782372] ? iov_iter_alignment+0x1ef/0xb60 [ 393.786858] ? generic_write_checks+0x382/0x5d0 [ 393.791520] ? ext4_file_write_iter+0x2a1/0x1420 [ 393.796283] __generic_file_write_iter+0x1dc/0x630 [ 393.801201] ext4_file_write_iter+0x390/0x1420 [ 393.805769] ? __fget+0x4d1/0x740 [ 393.809212] ? ext4_file_mmap+0x410/0x410 [ 393.813357] ? lock_acquire+0x1ed/0x520 [ 393.817328] ? aio_write+0x4e1/0x610 [ 393.821033] ? aio_write+0x4ce/0x610 [ 393.824735] ? lock_downgrade+0x900/0x900 [ 393.828875] ? perf_trace_lock+0x7a0/0x7a0 [ 393.833106] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.838628] ? check_preemption_disabled+0x48/0x200 [ 393.843736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.849260] ? __sb_start_write+0x1b2/0x370 [ 393.853568] aio_write+0x3b1/0x610 [ 393.857099] ? aio_complete_rw+0x640/0x640 [ 393.861321] ? lock_downgrade+0x900/0x900 [ 393.865482] ? lock_downgrade+0x900/0x900 [ 393.869622] ? lock_release+0xa10/0xa10 [ 393.873591] io_submit_one+0xaa1/0xf80 [ 393.877569] ? aio_poll+0x1420/0x1420 [ 393.881361] ? __might_fault+0x12b/0x1e0 [ 393.885407] ? lock_downgrade+0x900/0x900 [ 393.889543] ? perf_trace_sched_process_exec+0x860/0x860 [ 393.894975] ? __fsnotify_parent+0xcc/0x420 [ 393.899290] __x64_sys_io_submit+0x1b7/0x580 [ 393.903697] ? __ia32_sys_io_destroy+0x580/0x580 [ 393.908440] ? trace_hardirqs_on+0xbd/0x310 [ 393.912746] ? __ia32_sys_read+0xb0/0xb0 [ 393.916794] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.922141] ? trace_hardirqs_off_caller+0x300/0x300 [ 393.927237] do_syscall_64+0x1b9/0x820 [ 393.931214] ? __ia32_sys_io_destroy+0x580/0x580 [ 393.935959] ? do_syscall_64+0x1b9/0x820 [ 393.940008] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 393.945360] ? syscall_return_slowpath+0x5e0/0x5e0 [ 393.950284] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.955115] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.960117] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 393.965123] ? prepare_exit_to_usermode+0x291/0x3b0 [ 393.970144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.974984] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.980155] RIP: 0033:0x457519 [ 393.983342] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 394.002224] RSP: 002b:00007f9acddfcc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 394.009914] RAX: ffffffffffffffda RBX: 00007f9acddfcc90 RCX: 0000000000457519 [ 394.017182] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f9acdddc000 [ 394.024434] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 394.031686] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9acddfd6d4 12:15:43 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1c7) 12:15:43 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050300a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 394.038940] R13: 00000000004be6e0 R14: 00000000004ce320 R15: 0000000000000008 [ 394.053531] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:43 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fc00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:43 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005c0fea84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 394.113381] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 394.138100] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:43 executing program 3 (fault-call:1 fault-nth:65): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:43 executing program 5: clone(0x4000000010004, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r0 = msgget$private(0x0, 0x0) msgrcv(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00cde491a71135881af85eb0438098dc0cee0bdc02931f56cb1fa46a3af75a3e0ca57d8fed6dadd5ba72f73c29214486d7027d985579a15863db747591b9f4aa2ecf6097891d3b1415b8e00a250eb84c5362e16619f8da2236f6c1031c943566126b8e49c35af7977f6784c2031a55a9000000000000000000000000"], 0x30, 0x0, 0x800) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000200)) clock_nanosleep(0x9, 0x2, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000000040)) [ 394.163861] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 394.237640] FAULT_INJECTION: forcing a failure. [ 394.237640] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 394.249961] CPU: 0 PID: 20709 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 394.258476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.267947] Call Trace: [ 394.267973] dump_stack+0x244/0x3ab [ 394.268000] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.274189] ? perf_trace_lock_acquire+0x501/0x800 [ 394.274216] ? perf_trace_run_bpf_submit+0x267/0x330 [ 394.289546] should_fail.cold.4+0xa/0x17 [ 394.293642] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 394.298752] ? lock_acquire+0x1ed/0x520 [ 394.302736] ? pcpu_alloc+0xbc9/0x15d0 [ 394.306614] ? check_preemption_disabled+0x48/0x200 [ 394.311628] ? perf_trace_run_bpf_submit+0x267/0x330 [ 394.316813] ? mark_held_locks+0x130/0x130 [ 394.321150] ? perf_tp_event+0xc20/0xc20 [ 394.325200] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.330727] ? fs_reclaim_acquire+0x20/0x20 [ 394.335033] ? lock_downgrade+0x900/0x900 [ 394.339186] ? lock_release+0xa10/0xa10 [ 394.343180] ? perf_trace_sched_process_exec+0x860/0x860 [ 394.348646] ? __might_sleep+0x95/0x190 [ 394.352630] __alloc_pages_nodemask+0x34b/0xdd0 [ 394.357295] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.362839] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 394.367857] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.372862] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 394.377431] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 394.382997] ? pcpu_alloc+0x4f4/0x15d0 [ 394.386869] ? lock_downgrade+0x900/0x900 [ 394.391000] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 394.396003] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.401553] ? find_next_bit+0x104/0x130 [ 394.405615] pcpu_populate_chunk+0xf9/0x910 [ 394.410042] ? find_next_bit+0x104/0x130 [ 394.414096] pcpu_alloc+0xe14/0x15d0 [ 394.417821] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 394.422574] ? fs_reclaim_acquire+0x20/0x20 [ 394.426894] ? lock_downgrade+0x900/0x900 [ 394.431034] ? trace_hardirqs_on+0xbd/0x310 [ 394.435344] ? __kmalloc_node+0x3c/0x70 [ 394.439315] ? kasan_unpoison_shadow+0x35/0x50 [ 394.443889] ? kasan_kmalloc+0xc7/0xe0 [ 394.447794] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 394.453058] ? kasan_unpoison_shadow+0x35/0x50 [ 394.457646] ? perf_trace_sched_process_exec+0x860/0x860 [ 394.463089] __alloc_percpu_gfp+0x27/0x30 [ 394.467321] array_map_alloc+0x46c/0x5f0 [ 394.471388] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 394.476664] map_create+0x3bd/0x1100 [ 394.480392] ? bpf_map_new_fd+0x70/0x70 [ 394.484378] ? __might_fault+0x12b/0x1e0 [ 394.488428] ? lock_downgrade+0x900/0x900 [ 394.492653] ? lock_release+0xa10/0xa10 [ 394.496612] ? perf_trace_sched_process_exec+0x860/0x860 [ 394.502048] ? usercopy_warn+0x110/0x110 [ 394.506127] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.511663] __x64_sys_bpf+0x303/0x510 [ 394.515541] ? bpf_prog_get+0x20/0x20 [ 394.519350] do_syscall_64+0x1b9/0x820 [ 394.523228] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 394.528585] ? syscall_return_slowpath+0x5e0/0x5e0 [ 394.533503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.538337] ? trace_hardirqs_on_caller+0x310/0x310 [ 394.543345] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 394.548370] ? prepare_exit_to_usermode+0x291/0x3b0 [ 394.553381] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.558219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.563396] RIP: 0033:0x457519 [ 394.566581] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 394.585472] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 394.593192] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 394.600457] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 394.607717] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 394.615061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 394.622318] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:43 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:43 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910006003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:43 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050020a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:43 executing program 5: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x6) connect$inet(r1, &(0x7f0000000180)={0x2, 0x8000000000004e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) sendto$inet(r1, &(0x7f0000000140)="9d", 0x1, 0x0, &(0x7f00000001c0), 0x10) r2 = socket$inet6(0xa, 0x80000, 0x800000000000002) ioctl(r2, 0x8912, &(0x7f0000000000)="153f6234488dd25d766070") r3 = accept(r0, 0x0, &(0x7f0000000080)=0x3cb) close(r3) 12:15:43 executing program 3 (fault-call:1 fault-nth:66): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:43 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xa) [ 394.725723] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 394.735319] FAULT_INJECTION: forcing a failure. [ 394.735319] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 394.738411] IPv6: NLM_F_CREATE should be specified when creating new route [ 394.757228] CPU: 1 PID: 20728 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 394.765802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 12:15:43 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029180fe003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 394.775202] Call Trace: [ 394.777836] dump_stack+0x244/0x3ab [ 394.781499] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.786725] ? perf_trace_lock_acquire+0x501/0x800 [ 394.791689] ? perf_trace_run_bpf_submit+0x267/0x330 [ 394.796941] should_fail.cold.4+0xa/0x17 [ 394.801057] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 394.806193] ? lock_acquire+0x1ed/0x520 [ 394.810204] ? pcpu_alloc+0xbc9/0x15d0 [ 394.814134] ? check_preemption_disabled+0x48/0x200 [ 394.816156] dccp_close: ABORT with 1 bytes unread [ 394.819174] ? perf_trace_run_bpf_submit+0x267/0x330 [ 394.819201] ? mark_held_locks+0x130/0x130 [ 394.833367] ? perf_tp_event+0xc20/0xc20 [ 394.837454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.843144] ? fs_reclaim_acquire+0x20/0x20 [ 394.847473] ? lock_downgrade+0x900/0x900 [ 394.851617] ? lock_release+0xa10/0xa10 [ 394.855675] ? perf_trace_sched_process_exec+0x860/0x860 [ 394.861124] ? __might_sleep+0x95/0x190 [ 394.865287] __alloc_pages_nodemask+0x34b/0xdd0 [ 394.869971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.875529] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 394.880548] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.885568] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 394.890160] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 394.895742] ? pcpu_alloc+0x4f4/0x15d0 [ 394.899651] ? lock_downgrade+0x900/0x900 [ 394.903829] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 394.908847] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.914376] ? find_next_bit+0x104/0x130 [ 394.918439] pcpu_populate_chunk+0xf9/0x910 [ 394.922760] ? find_next_bit+0x104/0x130 [ 394.926844] pcpu_alloc+0xe14/0x15d0 [ 394.930593] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 394.935343] ? fs_reclaim_acquire+0x20/0x20 [ 394.939655] ? lock_downgrade+0x900/0x900 [ 394.943804] ? trace_hardirqs_on+0xbd/0x310 [ 394.948118] ? __kmalloc_node+0x3c/0x70 [ 394.952087] ? kasan_unpoison_shadow+0x35/0x50 [ 394.956659] ? kasan_kmalloc+0xc7/0xe0 [ 394.960573] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 394.965846] ? kasan_unpoison_shadow+0x35/0x50 [ 394.970427] ? perf_trace_sched_process_exec+0x860/0x860 [ 394.975900] __alloc_percpu_gfp+0x27/0x30 [ 394.980047] array_map_alloc+0x46c/0x5f0 [ 394.984106] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 394.989401] map_create+0x3bd/0x1100 [ 394.993121] ? bpf_map_new_fd+0x70/0x70 [ 394.997092] ? __might_fault+0x12b/0x1e0 [ 395.001150] ? lock_downgrade+0x900/0x900 [ 395.005314] ? lock_release+0xa10/0xa10 [ 395.009280] ? perf_trace_sched_process_exec+0x860/0x860 [ 395.014722] ? usercopy_warn+0x110/0x110 [ 395.018799] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.024333] __x64_sys_bpf+0x303/0x510 [ 395.028222] ? bpf_prog_get+0x20/0x20 [ 395.032046] do_syscall_64+0x1b9/0x820 [ 395.035939] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 395.041323] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.046258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.051102] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.056121] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 395.061133] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.066168] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.071022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.076214] RIP: 0033:0x457519 [ 395.079415] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 395.098390] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 395.106100] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 395.113377] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:44 executing program 5: setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000100)="84e618c56edd3c093b5eb3b4ff470a5cdf15f3e66323", 0x16) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)="153f62") clone(0x10020002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="153f2234488dd25d766070") sendto$inet6(0xffffffffffffffff, &(0x7f0000000140)="fffc50a440589ff69e9c61583d637e33fb74a623", 0x14, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000040)={0x0, 0x34, 0x7, @tid=0xffffffffffffffff}, &(0x7f0000000180)=0x0) timer_gettime(r1, &(0x7f00000001c0)) add_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000100), 0x390, 0xfffffffffffffffb) recvfrom(0xffffffffffffffff, &(0x7f0000f9cf9b)=""/101, 0xffffff24, 0x122, 0x0, 0x4f) [ 395.120648] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 395.127917] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 395.135187] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 395.144988] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 395.151564] IPv6: NLM_F_CREATE should be set when creating new route [ 395.151603] IPv6: NLM_F_CREATE should be set when creating new route [ 395.164590] IPv6: NLM_F_CREATE should be set when creating new route 12:15:44 executing program 5: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234488dd25d766070") syz_emit_ethernet(0x2e, &(0x7f0000000000)=ANY=[@ANYBLOB="1180c20000000000007c49f1cf80e2231290862b3b0fa50000008100000008060006080006040006000000001414bbaaaaaaaaaa00ac1414bb000000"], &(0x7f0000000040)={0x0, 0x5, [0x0, 0xe18]}) 12:15:44 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910e00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:44 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050006a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:44 executing program 3 (fault-call:1 fault-nth:67): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 395.176650] Option ' ' to dns_resolver key: bad/missing value [ 395.187331] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 395.253753] IPv6: NLM_F_CREATE should be specified when creating new route [ 395.264804] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 395.271873] IPv6: NLM_F_CREATE should be set when creating new route [ 395.278414] IPv6: NLM_F_CREATE should be set when creating new route [ 395.284932] IPv6: NLM_F_CREATE should be set when creating new route [ 395.295797] FAULT_INJECTION: forcing a failure. 12:15:44 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x730000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 395.295797] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 395.322925] CPU: 0 PID: 20757 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 395.331453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.340828] Call Trace: [ 395.343451] dump_stack+0x244/0x3ab [ 395.347106] ? dump_stack_print_info.cold.2+0x52/0x52 12:15:44 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500f0a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:44 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xaa) 12:15:44 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xfff, 0x408000) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000200)=ANY=[@ANYBLOB="01cf85ef4aba733f3670"], 0x2) r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x5, 0x2000) ioctl$KDSETLED(r1, 0x4b32, 0x0) r2 = syz_open_dev$rtc(&(0x7f0000000100)='/dev/rtc#\x00', 0x0, 0x0) ioctl$RTC_RD_TIME(r2, 0x40247007, &(0x7f0000000140)) [ 395.352316] ? perf_trace_lock_acquire+0x501/0x800 [ 395.357280] ? perf_trace_run_bpf_submit+0x267/0x330 [ 395.362424] should_fail.cold.4+0xa/0x17 [ 395.366515] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 395.371654] ? lock_acquire+0x1ed/0x520 [ 395.375814] ? pcpu_alloc+0xbc9/0x15d0 [ 395.379727] ? check_preemption_disabled+0x48/0x200 [ 395.384765] ? perf_trace_run_bpf_submit+0x267/0x330 [ 395.389909] ? mark_held_locks+0x130/0x130 [ 395.394177] ? perf_tp_event+0xc20/0xc20 [ 395.398274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.403845] ? fs_reclaim_acquire+0x20/0x20 [ 395.408237] ? lock_downgrade+0x900/0x900 [ 395.412416] ? lock_release+0xa10/0xa10 [ 395.416427] ? perf_trace_sched_process_exec+0x860/0x860 [ 395.421917] ? __might_sleep+0x95/0x190 [ 395.425923] __alloc_pages_nodemask+0x34b/0xdd0 [ 395.430618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.436205] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 395.441284] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 395.446320] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 395.447856] IPv6: NLM_F_CREATE should be specified when creating new route [ 395.450918] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 395.450944] ? pcpu_alloc+0x4f4/0x15d0 [ 395.467378] ? lock_downgrade+0x900/0x900 [ 395.471685] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 395.476742] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.482271] ? find_next_bit+0x104/0x130 [ 395.486334] pcpu_populate_chunk+0xf9/0x910 [ 395.490659] ? find_next_bit+0x104/0x130 [ 395.494734] pcpu_alloc+0xe14/0x15d0 [ 395.498473] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 395.503229] ? fs_reclaim_acquire+0x20/0x20 [ 395.507553] ? lock_downgrade+0x900/0x900 [ 395.511727] ? trace_hardirqs_on+0xbd/0x310 [ 395.516060] ? __kmalloc_node+0x3c/0x70 [ 395.520040] ? kasan_unpoison_shadow+0x35/0x50 [ 395.524696] ? kasan_kmalloc+0xc7/0xe0 [ 395.528586] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 395.533854] ? kasan_unpoison_shadow+0x35/0x50 [ 395.538452] ? perf_trace_sched_process_exec+0x860/0x860 [ 395.543909] __alloc_percpu_gfp+0x27/0x30 [ 395.548064] array_map_alloc+0x46c/0x5f0 [ 395.552124] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 395.557409] map_create+0x3bd/0x1100 [ 395.561144] ? bpf_map_new_fd+0x70/0x70 [ 395.565137] ? __might_fault+0x12b/0x1e0 [ 395.569224] ? lock_downgrade+0x900/0x900 [ 395.573367] ? lock_release+0xa10/0xa10 [ 395.577335] ? perf_trace_sched_process_exec+0x860/0x860 [ 395.582789] ? usercopy_warn+0x110/0x110 [ 395.586862] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.592401] __x64_sys_bpf+0x303/0x510 [ 395.596282] ? bpf_prog_get+0x20/0x20 [ 395.600114] do_syscall_64+0x1b9/0x820 [ 395.603997] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 395.609352] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.614274] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.619145] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.624186] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 395.629217] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.634258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.639111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.644296] RIP: 0033:0x457519 [ 395.647484] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 395.666394] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 395.674129] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 395.681581] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 395.688862] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 395.696126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:44 executing program 3 (fault-call:1 fault-nth:68): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:44 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050a00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 395.703382] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 395.715100] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 395.721790] IPv6: NLM_F_CREATE should be set when creating new route [ 395.728286] IPv6: NLM_F_CREATE should be set when creating new route [ 395.734794] IPv6: NLM_F_CREATE should be set when creating new route 12:15:44 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910b00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:44 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291ab01003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:44 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200803, 0x0) r1 = getpid() getpriority(0x2, r1) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0xfff, @mcast1, 0x4}]}, &(0x7f00000001c0)=0x10) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={r2, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x16}}}, 0x10001, 0x1ff, 0x401, 0xde6, 0x41}, &(0x7f00000002c0)=0x98) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in={{0x2, 0x0, @rand_addr}}}, &(0x7f0000000180)=0x84) [ 395.775744] FAULT_INJECTION: forcing a failure. [ 395.775744] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 395.853921] CPU: 1 PID: 20775 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 395.862555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.871919] Call Trace: [ 395.874525] dump_stack+0x244/0x3ab [ 395.878191] ? dump_stack_print_info.cold.2+0x52/0x52 [ 395.883399] ? perf_trace_lock_acquire+0x501/0x800 [ 395.888349] ? perf_trace_run_bpf_submit+0x267/0x330 [ 395.893479] should_fail.cold.4+0xa/0x17 [ 395.897565] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 395.902679] ? lock_acquire+0x1ed/0x520 [ 395.906668] ? pcpu_alloc+0xbc9/0x15d0 [ 395.910591] ? check_preemption_disabled+0x48/0x200 [ 395.915626] ? perf_trace_run_bpf_submit+0x267/0x330 [ 395.920726] ? mark_held_locks+0x130/0x130 [ 395.924970] ? perf_tp_event+0xc20/0xc20 [ 395.929107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.934663] ? fs_reclaim_acquire+0x20/0x20 [ 395.938978] ? lock_downgrade+0x900/0x900 [ 395.943226] ? lock_release+0xa10/0xa10 [ 395.947287] ? perf_trace_sched_process_exec+0x860/0x860 [ 395.952736] ? __might_sleep+0x95/0x190 [ 395.956716] __alloc_pages_nodemask+0x34b/0xdd0 [ 395.961380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.966919] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 395.971932] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 395.976950] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 395.981526] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 395.987075] ? pcpu_alloc+0x4f4/0x15d0 [ 395.990971] ? lock_downgrade+0x900/0x900 [ 395.995124] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 396.000136] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.005764] ? find_next_bit+0x104/0x130 [ 396.009830] pcpu_populate_chunk+0xf9/0x910 [ 396.014154] ? find_next_bit+0x104/0x130 [ 396.018220] pcpu_alloc+0xe14/0x15d0 [ 396.021939] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 396.026689] ? fs_reclaim_acquire+0x20/0x20 [ 396.031000] ? lock_downgrade+0x900/0x900 [ 396.035153] ? trace_hardirqs_on+0xbd/0x310 [ 396.039468] ? __kmalloc_node+0x3c/0x70 [ 396.043444] ? kasan_unpoison_shadow+0x35/0x50 [ 396.048020] ? kasan_kmalloc+0xc7/0xe0 [ 396.051910] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 396.057186] ? kasan_unpoison_shadow+0x35/0x50 [ 396.061766] ? perf_trace_sched_process_exec+0x860/0x860 [ 396.067218] __alloc_percpu_gfp+0x27/0x30 [ 396.071366] array_map_alloc+0x46c/0x5f0 [ 396.075426] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 396.080699] map_create+0x3bd/0x1100 [ 396.084411] ? bpf_map_new_fd+0x70/0x70 [ 396.088388] ? __might_fault+0x12b/0x1e0 [ 396.092447] ? lock_downgrade+0x900/0x900 [ 396.096688] ? lock_release+0xa10/0xa10 [ 396.100673] ? perf_trace_sched_process_exec+0x860/0x860 [ 396.106119] ? usercopy_warn+0x110/0x110 [ 396.110199] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.115739] __x64_sys_bpf+0x303/0x510 [ 396.119637] ? bpf_prog_get+0x20/0x20 [ 396.123471] do_syscall_64+0x1b9/0x820 [ 396.127353] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 396.132730] ? syscall_return_slowpath+0x5e0/0x5e0 [ 396.137654] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.142498] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.147510] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 396.152524] ? prepare_exit_to_usermode+0x291/0x3b0 [ 396.157542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.162483] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 396.167668] RIP: 0033:0x457519 [ 396.170854] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 396.189744] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 396.197447] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:45 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3b8) [ 396.204707] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 396.211986] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 396.219246] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 396.226507] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:45 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x2301c0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x26, 0x0, 0x0, 0x50d, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xba, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0xffffffffffffffff, r0, 0x0) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000200)) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)) shmget$private(0x0, 0x2000, 0x54001100, &(0x7f0000ffb000/0x2000)=nil) shmat(0x0, &(0x7f0000ffb000/0x1000)=nil, 0x5000) getegid() lsetxattr$security_ima(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='security.ima\x00', &(0x7f0000000280)=@ng={0x4, 0xa, "b7cf471cc7471b8f"}, 0xa, 0x2) mlockall(0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x2010, r0, 0x0) 12:15:45 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291f000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 396.278718] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.368987] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:45 executing program 5: ioctl$TCGETA(0xffffffffffffffff, 0x5405, &(0x7f0000000200)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x20000000) r1 = socket$inet6(0xa, 0x6, 0x402) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, &(0x7f00004d4000)=@nl=@proc, &(0x7f0000000000)=0x80, 0x0) setsockopt$inet6_int(r2, 0x29, 0x33, &(0x7f0000000040)=0x100000000001f, 0x87) sendmmsg(r2, &(0x7f0000003d40)=[{{&(0x7f0000001b00)=@l2, 0x80, &(0x7f0000001d00), 0x0, &(0x7f0000001d40)}}, {{&(0x7f0000002300)=@nl, 0x80, &(0x7f0000003740), 0x0, &(0x7f00000037c0)}}], 0x4000000000001eb, 0x0) 12:15:45 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050f00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 3 (fault-call:1 fault-nth:69): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:45 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fc003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x930000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 396.641744] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.660589] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:45 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100ff003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) lsetxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x2) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) r1 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendto(r1, &(0x7f0000000200), 0x20020, 0x0, &(0x7f00000002c0)=@ethernet={0x0, @remote}, 0x80) 12:15:45 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000fa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000a003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 396.689202] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.715230] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.779601] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.786382] IPv6: NLM_F_CREATE should be specified when creating new route [ 396.800002] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 396.806533] IPv6: NLM_F_CREATE should be set when creating new route [ 396.813093] IPv6: NLM_F_CREATE should be set when creating new route [ 396.819622] IPv6: NLM_F_CREATE should be set when creating new route [ 396.854332] FAULT_INJECTION: forcing a failure. [ 396.854332] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 396.885942] CPU: 0 PID: 20839 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 396.894465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 12:15:45 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x251) 12:15:45 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050900a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:45 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) accept4$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, &(0x7f00000000c0)=0x1c, 0x807fc) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$inet(0x10, 0x3, 0x0) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000000)=0x3) read(r2, &(0x7f00000002c0)=""/233, 0xe9) sendmsg(r2, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="1b0000005200030f07fffd946fa283bc04eee6d87986c497271d85", 0x1b}], 0x1}, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) [ 396.894475] Call Trace: [ 396.894502] dump_stack+0x244/0x3ab [ 396.894530] ? dump_stack_print_info.cold.2+0x52/0x52 [ 396.894549] ? perf_trace_lock_acquire+0x501/0x800 [ 396.894575] ? perf_trace_run_bpf_submit+0x267/0x330 [ 396.894598] should_fail.cold.4+0xa/0x17 [ 396.894619] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 396.929524] ? lock_acquire+0x1ed/0x520 [ 396.929541] ? pcpu_alloc+0xbc9/0x15d0 [ 396.942589] ? check_preemption_disabled+0x48/0x200 [ 396.947649] ? perf_trace_run_bpf_submit+0x267/0x330 [ 396.952902] ? mark_held_locks+0x130/0x130 [ 396.952925] ? perf_tp_event+0xc20/0xc20 [ 396.952944] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.966752] ? fs_reclaim_acquire+0x20/0x20 [ 396.966772] ? lock_downgrade+0x900/0x900 [ 396.975258] ? lock_release+0xa10/0xa10 [ 396.979249] ? perf_trace_sched_process_exec+0x860/0x860 [ 396.984731] ? __might_sleep+0x95/0x190 [ 396.988736] __alloc_pages_nodemask+0x34b/0xdd0 [ 396.993423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.998992] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 397.004039] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 397.009091] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 397.013713] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 397.019276] ? pcpu_alloc+0x4f4/0x15d0 [ 397.023186] ? lock_downgrade+0x900/0x900 [ 397.027350] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 397.032385] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.037939] ? find_next_bit+0x104/0x130 [ 397.042030] pcpu_populate_chunk+0xf9/0x910 [ 397.046389] ? find_next_bit+0x104/0x130 [ 397.050498] pcpu_alloc+0xe14/0x15d0 [ 397.054279] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 397.059046] ? fs_reclaim_acquire+0x20/0x20 [ 397.063402] ? lock_downgrade+0x900/0x900 [ 397.067593] ? trace_hardirqs_on+0xbd/0x310 [ 397.071936] ? __kmalloc_node+0x3c/0x70 [ 397.075935] ? kasan_unpoison_shadow+0x35/0x50 [ 397.080535] ? kasan_kmalloc+0xc7/0xe0 [ 397.084453] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 397.089744] ? kasan_unpoison_shadow+0x35/0x50 [ 397.094460] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.099942] __alloc_percpu_gfp+0x27/0x30 [ 397.104115] array_map_alloc+0x46c/0x5f0 [ 397.108202] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 397.113514] map_create+0x3bd/0x1100 [ 397.117251] ? bpf_map_new_fd+0x70/0x70 [ 397.121255] ? __might_fault+0x12b/0x1e0 [ 397.125333] ? lock_downgrade+0x900/0x900 [ 397.129506] ? lock_release+0xa10/0xa10 [ 397.133500] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.138967] ? usercopy_warn+0x110/0x110 [ 397.143083] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.148640] __x64_sys_bpf+0x303/0x510 [ 397.152542] ? bpf_prog_get+0x20/0x20 [ 397.156387] do_syscall_64+0x1b9/0x820 [ 397.160304] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 397.165688] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.170637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.175501] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.180539] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 397.185577] ? prepare_exit_to_usermode+0x291/0x3b0 [ 397.190621] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.195494] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.200686] RIP: 0033:0x457519 [ 397.203880] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 397.222916] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 397.230631] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 397.237895] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 397.245152] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 12:15:46 executing program 3 (fault-call:1 fault-nth:70): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:46 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050400a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 397.252409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 397.259721] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 397.275680] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 397.289674] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:46 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910400003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 397.338505] FAULT_INJECTION: forcing a failure. [ 397.338505] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 397.375947] CPU: 0 PID: 20854 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 397.384501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.393862] Call Trace: [ 397.396448] dump_stack+0x244/0x3ab [ 397.400074] ? dump_stack_print_info.cold.2+0x52/0x52 [ 397.405356] ? perf_trace_lock_acquire+0x501/0x800 [ 397.410375] should_fail.cold.4+0xa/0x17 [ 397.414549] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 397.419655] ? lock_acquire+0x1ed/0x520 [ 397.423619] ? pcpu_alloc+0xbc9/0x15d0 [ 397.427507] ? perf_trace_run_bpf_submit+0x267/0x330 [ 397.432625] ? mark_held_locks+0x130/0x130 [ 397.436855] ? perf_tp_event+0xc20/0xc20 [ 397.440910] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.446445] ? fs_reclaim_acquire+0x20/0x20 [ 397.450759] ? lock_downgrade+0x900/0x900 [ 397.454901] ? lock_release+0xa10/0xa10 [ 397.458866] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.464302] ? __switch_to_asm+0x40/0x70 [ 397.468370] ? __switch_to_asm+0x34/0x70 [ 397.472435] ? __might_sleep+0x95/0x190 [ 397.476406] __alloc_pages_nodemask+0x34b/0xdd0 [ 397.481071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.486621] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 397.491629] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 397.496736] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 397.501333] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 397.506866] ? pcpu_alloc+0x4f4/0x15d0 [ 397.510748] ? lock_downgrade+0x900/0x900 [ 397.514892] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.520423] ? find_next_bit+0x104/0x130 [ 397.524498] pcpu_populate_chunk+0xf9/0x910 [ 397.528810] ? find_next_bit+0x104/0x130 [ 397.532875] pcpu_alloc+0xe14/0x15d0 [ 397.536599] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 397.541362] ? fs_reclaim_acquire+0x20/0x20 [ 397.545676] ? lock_downgrade+0x900/0x900 [ 397.549831] ? trace_hardirqs_on+0xbd/0x310 [ 397.554160] ? __kmalloc_node+0x3c/0x70 [ 397.558128] ? kasan_unpoison_shadow+0x35/0x50 [ 397.562705] ? kasan_kmalloc+0xc7/0xe0 [ 397.566604] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 397.571874] ? kasan_unpoison_shadow+0x35/0x50 [ 397.576469] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.581924] __alloc_percpu_gfp+0x27/0x30 [ 397.586071] array_map_alloc+0x46c/0x5f0 [ 397.590140] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 397.595413] map_create+0x3bd/0x1100 [ 397.599123] ? bpf_map_new_fd+0x70/0x70 [ 397.603093] ? __might_fault+0x12b/0x1e0 [ 397.607151] ? lock_downgrade+0x900/0x900 [ 397.611313] ? lock_release+0xa10/0xa10 [ 397.615276] ? perf_trace_sched_process_exec+0x860/0x860 [ 397.620719] ? usercopy_warn+0x110/0x110 [ 397.624816] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.630354] __x64_sys_bpf+0x303/0x510 [ 397.634239] ? bpf_prog_get+0x20/0x20 [ 397.638063] do_syscall_64+0x1b9/0x820 [ 397.641960] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 397.647320] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.652239] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.657176] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.662187] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 397.667201] ? prepare_exit_to_usermode+0x291/0x3b0 [ 397.672218] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.677065] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.682252] RIP: 0033:0x457519 [ 397.685442] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 397.704332] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 397.712039] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 397.719304] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 397.726567] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 397.733826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 397.741082] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 397.751068] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 397.762107] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:46 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910500003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:46 executing program 3 (fault-call:1 fault-nth:71): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:46 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x440800, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000300)={0x0, 0x0, 0x4, 0x0, [], [{0x7, 0x9, 0x0, 0x101, 0x200, 0x5}, {0x3, 0x4f948fa0, 0xffffffff, 0x6, 0x120000000000000, 0x9}], [[], [], [], []]}) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = inotify_init1(0x80000) r2 = getpid() fcntl$setown(r1, 0x8, r2) r3 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x10000) getpid() ioctl$BLKRAGET(r3, 0x1263, &(0x7f0000000200)) fcntl$getownex(r1, 0x10, &(0x7f00000002c0)={0x0, 0x0}) kcmp$KCMP_EPOLL_TFD(r4, r2, 0x3, 0xffffffffffffffff, &(0x7f0000000040)) syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x400, 0x408000) ioctl$BLKRAGET(r3, 0x1263, &(0x7f0000000080)) 12:15:46 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x31b) 12:15:46 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050009a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:47 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x7fffffffefff, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 398.000035] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 398.030812] IPv6: NLM_F_CREATE should be specified when creating new route [ 398.038822] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:47 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302916000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 398.045379] IPv6: NLM_F_CREATE should be set when creating new route [ 398.051923] IPv6: NLM_F_CREATE should be set when creating new route [ 398.058437] IPv6: NLM_F_CREATE should be set when creating new route [ 398.075138] FAULT_INJECTION: forcing a failure. [ 398.075138] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 398.100708] CPU: 0 PID: 20888 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 398.109224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.118574] Call Trace: [ 398.121160] dump_stack+0x244/0x3ab [ 398.124781] ? dump_stack_print_info.cold.2+0x52/0x52 [ 398.129957] ? debug_smp_processor_id+0x1c/0x20 [ 398.134620] ? perf_trace_lock_acquire+0x15b/0x800 [ 398.139537] should_fail.cold.4+0xa/0x17 [ 398.143671] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.148758] ? lock_acquire+0x1ed/0x520 [ 398.152805] ? pcpu_alloc+0xbc9/0x15d0 [ 398.156679] ? lock_release+0xa10/0xa10 [ 398.160636] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.166069] ? debug_smp_processor_id+0x1c/0x20 [ 398.170720] ? mark_held_locks+0x130/0x130 [ 398.174970] ? fs_reclaim_acquire+0x20/0x20 [ 398.179282] ? lock_downgrade+0x900/0x900 [ 398.183416] ? lock_release+0xa10/0xa10 [ 398.187372] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.192810] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 398.197381] ? __might_sleep+0x95/0x190 [ 398.201348] __alloc_pages_nodemask+0x34b/0xdd0 [ 398.206007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.211537] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 398.216547] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 398.221546] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 398.226113] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 398.231639] ? pcpu_alloc+0x4f4/0x15d0 [ 398.235512] ? lock_downgrade+0x900/0x900 [ 398.239644] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 398.244646] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.250168] ? find_next_bit+0x104/0x130 [ 398.254231] pcpu_populate_chunk+0xf9/0x910 [ 398.258541] ? find_next_bit+0x104/0x130 [ 398.262621] pcpu_alloc+0xe14/0x15d0 [ 398.266339] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 398.271077] ? fs_reclaim_acquire+0x20/0x20 [ 398.275384] ? lock_downgrade+0x900/0x900 [ 398.279523] ? trace_hardirqs_on+0xbd/0x310 [ 398.283828] ? __kmalloc_node+0x3c/0x70 [ 398.287800] ? kasan_unpoison_shadow+0x35/0x50 [ 398.292367] ? kasan_kmalloc+0xc7/0xe0 [ 398.296243] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 398.301527] ? kasan_unpoison_shadow+0x35/0x50 [ 398.306116] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.311553] __alloc_percpu_gfp+0x27/0x30 [ 398.315824] array_map_alloc+0x46c/0x5f0 [ 398.319873] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 398.325131] map_create+0x3bd/0x1100 [ 398.328840] ? bpf_map_new_fd+0x70/0x70 [ 398.332804] ? __might_fault+0x12b/0x1e0 [ 398.336852] ? lock_downgrade+0x900/0x900 [ 398.340987] ? lock_release+0xa10/0xa10 [ 398.344953] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.350392] ? usercopy_warn+0x110/0x110 [ 398.354445] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.359974] __x64_sys_bpf+0x303/0x510 [ 398.363846] ? bpf_prog_get+0x20/0x20 [ 398.367641] do_syscall_64+0x1b9/0x820 [ 398.371519] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 398.376873] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.381786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.386699] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.391701] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 398.396705] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.401712] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.406542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.411713] RIP: 0033:0x457519 [ 398.414915] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 398.433803] RSP: 002b:00007f6d2a361c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 398.441513] RAX: ffffffffffffffda RBX: 00007f6d2a361c90 RCX: 0000000000457519 12:15:47 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0xf0ffff, 0xffffff7f}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0xff8e}}, 0x0) 12:15:47 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050011a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 398.448762] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 398.456012] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 398.463262] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3626d4 [ 398.470513] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:47 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000200)) write$smack_current(r0, &(0x7f0000000000)='}[\x00', 0x3) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000080), 0x4) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x103000, 0x0) sysfs$1(0x1, &(0x7f00000001c0)='\x00') 12:15:47 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x8, 0x40c000) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000080)=0x4) r1 = memfd_create(&(0x7f0000000400)="e83779d80efa45bb7f48bebc95870bd0cd39bd2830ee47afe7b33fc778bde252c50d2e", 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @remote={0xac, 0x14, 0x223}}, @icmp=@timestamp_reply}}}}, &(0x7f0000000040)={0x1, 0x1, [0x4]}) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8000, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) perf_event_open(&(0x7f0000aaa000)={0x0, 0x70, 0x85b, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) clone(0x80000, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) r3 = gettid() tkill(r3, 0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in=@loopback, @in6=@ipv4}}, {{@in=@remote}, 0x0, @in=@broadcast}}, &(0x7f00000000c0)=0xe8) lseek(0xffffffffffffffff, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000000180)=0x1fd) setsockopt$nfc_llcp_NFC_LLCP_RW(r2, 0x118, 0x0, &(0x7f00000000c0)=0x400, 0x4) r4 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x0) dup2(r4, r1) write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0xfffffffe, @tick, {}, {}, @connect}], 0xffffff76) 12:15:47 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910300003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 398.552305] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 398.563508] IPv6: NLM_F_CREATE should be specified when creating new route [ 398.572008] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 398.578570] IPv6: NLM_F_CREATE should be set when creating new route [ 398.585103] IPv6: NLM_F_CREATE should be set when creating new route [ 398.591624] IPv6: NLM_F_CREATE should be set when creating new route 12:15:47 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2bd) 12:15:47 executing program 3 (fault-call:1 fault-nth:72): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:47 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050060a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:47 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910060003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 398.752979] FAULT_INJECTION: forcing a failure. [ 398.752979] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 398.769026] CPU: 1 PID: 20916 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 398.777573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.786962] Call Trace: [ 398.789581] dump_stack+0x244/0x3ab [ 398.793266] ? dump_stack_print_info.cold.2+0x52/0x52 [ 398.798479] ? perf_trace_lock_acquire+0x501/0x800 [ 398.803445] ? perf_trace_run_bpf_submit+0x267/0x330 [ 398.808587] should_fail.cold.4+0xa/0x17 [ 398.812671] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 398.817784] ? lock_acquire+0x1ed/0x520 [ 398.821777] ? pcpu_alloc+0xbc9/0x15d0 [ 398.825685] ? check_preemption_disabled+0x48/0x200 [ 398.830746] ? perf_trace_run_bpf_submit+0x267/0x330 [ 398.835893] ? mark_held_locks+0x130/0x130 [ 398.840160] ? perf_tp_event+0xc20/0xc20 [ 398.844240] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.849803] ? fs_reclaim_acquire+0x20/0x20 [ 398.854143] ? lock_downgrade+0x900/0x900 [ 398.858314] ? lock_release+0xa10/0xa10 [ 398.862302] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.867782] ? __might_sleep+0x95/0x190 [ 398.871781] __alloc_pages_nodemask+0x34b/0xdd0 [ 398.876480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.882046] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 398.887084] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 398.892125] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 398.896726] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 398.902305] ? pcpu_alloc+0x4f4/0x15d0 [ 398.906208] ? lock_downgrade+0x900/0x900 [ 398.910376] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 398.915404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.921170] ? find_next_bit+0x104/0x130 [ 398.925267] pcpu_populate_chunk+0xf9/0x910 [ 398.929606] ? find_next_bit+0x104/0x130 [ 398.933697] pcpu_alloc+0xe14/0x15d0 [ 398.937575] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 398.942431] ? fs_reclaim_acquire+0x20/0x20 [ 398.946769] ? lock_downgrade+0x900/0x900 [ 398.950961] ? trace_hardirqs_on+0xbd/0x310 [ 398.955314] ? __kmalloc_node+0x3c/0x70 [ 398.959307] ? kasan_unpoison_shadow+0x35/0x50 [ 398.963911] ? kasan_kmalloc+0xc7/0xe0 [ 398.967843] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 398.973142] ? kasan_unpoison_shadow+0x35/0x50 [ 398.977747] ? perf_trace_sched_process_exec+0x860/0x860 [ 398.983224] __alloc_percpu_gfp+0x27/0x30 [ 398.987409] array_map_alloc+0x46c/0x5f0 [ 398.991497] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 398.996789] map_create+0x3bd/0x1100 [ 399.000531] ? bpf_map_new_fd+0x70/0x70 [ 399.004644] ? __might_fault+0x12b/0x1e0 [ 399.008728] ? lock_downgrade+0x900/0x900 [ 399.012905] ? lock_release+0xa10/0xa10 [ 399.016902] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.022373] ? usercopy_warn+0x110/0x110 [ 399.026487] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.032069] __x64_sys_bpf+0x303/0x510 [ 399.035979] ? bpf_prog_get+0x20/0x20 [ 399.039824] do_syscall_64+0x1b9/0x820 [ 399.043724] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.049198] ? syscall_return_slowpath+0x5e0/0x5e0 12:15:48 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x31b) [ 399.054154] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.059036] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.064064] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 399.064087] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.064140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.074249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.074266] RIP: 0033:0x457519 [ 399.074282] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.074294] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 399.114079] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 399.121361] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 399.128619] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 399.135884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 399.143153] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 399.169860] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 399.184543] IPv6: NLM_F_CREATE should be specified when creating new route [ 399.220108] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 399.226651] IPv6: NLM_F_CREATE should be set when creating new route [ 399.233202] IPv6: NLM_F_CREATE should be set when creating new route [ 399.239718] IPv6: NLM_F_CREATE should be set when creating new route 12:15:48 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910005003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:48 executing program 3 (fault-call:1 fault-nth:73): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:48 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050005a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:48 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x309) 12:15:48 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0xe07000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 399.400942] FAULT_INJECTION: forcing a failure. [ 399.400942] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 399.428582] CPU: 0 PID: 20944 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 399.437206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.446767] Call Trace: [ 399.449353] dump_stack+0x244/0x3ab [ 399.452981] ? dump_stack_print_info.cold.2+0x52/0x52 [ 399.458163] ? perf_trace_lock_acquire+0x501/0x800 [ 399.463219] ? perf_trace_run_bpf_submit+0x267/0x330 [ 399.468332] should_fail.cold.4+0xa/0x17 [ 399.472390] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 399.477481] ? lock_acquire+0x1ed/0x520 [ 399.481444] ? pcpu_alloc+0xbc9/0x15d0 [ 399.485340] ? check_preemption_disabled+0x48/0x200 [ 399.490356] ? perf_trace_run_bpf_submit+0x267/0x330 [ 399.495477] ? mark_held_locks+0x130/0x130 [ 399.499716] ? perf_tp_event+0xc20/0xc20 [ 399.503766] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.509312] ? fs_reclaim_acquire+0x20/0x20 [ 399.513622] ? lock_downgrade+0x900/0x900 [ 399.517764] ? lock_release+0xa10/0xa10 [ 399.521730] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.527181] ? __might_sleep+0x95/0x190 [ 399.531154] __alloc_pages_nodemask+0x34b/0xdd0 [ 399.535815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.541355] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 399.546367] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 399.551376] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 399.555952] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 399.561506] ? pcpu_alloc+0x4f4/0x15d0 [ 399.565390] ? lock_downgrade+0x900/0x900 [ 399.569530] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 399.574541] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.580072] ? find_next_bit+0x104/0x130 [ 399.584131] pcpu_populate_chunk+0xf9/0x910 [ 399.588445] ? find_next_bit+0x104/0x130 [ 399.592521] pcpu_alloc+0xe14/0x15d0 [ 399.596246] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 399.600996] ? fs_reclaim_acquire+0x20/0x20 [ 399.605800] ? lock_downgrade+0x900/0x900 [ 399.609952] ? trace_hardirqs_on+0xbd/0x310 [ 399.614270] ? __kmalloc_node+0x3c/0x70 [ 399.618239] ? kasan_unpoison_shadow+0x35/0x50 [ 399.622814] ? kasan_kmalloc+0xc7/0xe0 [ 399.626703] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 399.631994] ? kasan_unpoison_shadow+0x35/0x50 [ 399.636576] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.642055] __alloc_percpu_gfp+0x27/0x30 [ 399.646200] array_map_alloc+0x46c/0x5f0 [ 399.650348] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 399.655723] map_create+0x3bd/0x1100 [ 399.659461] ? bpf_map_new_fd+0x70/0x70 [ 399.663430] ? __might_fault+0x12b/0x1e0 [ 399.667483] ? lock_downgrade+0x900/0x900 [ 399.671627] ? lock_release+0xa10/0xa10 [ 399.675593] ? perf_trace_sched_process_exec+0x860/0x860 [ 399.681039] ? usercopy_warn+0x110/0x110 [ 399.685110] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.690647] __x64_sys_bpf+0x303/0x510 [ 399.694528] ? bpf_prog_get+0x20/0x20 [ 399.698337] do_syscall_64+0x1b9/0x820 [ 399.702214] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.707573] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.712492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.717329] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.722341] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 399.727355] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.732368] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.737209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.742388] RIP: 0033:0x457519 [ 399.745585] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.764487] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 399.772192] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 399.779470] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 399.786745] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 399.794010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 399.801292] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 399.816304] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 399.828389] IPv6: NLM_F_CREATE should be specified when creating new route [ 399.842371] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:48 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910007003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:48 executing program 3 (fault-call:1 fault-nth:74): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:48 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = getpgrp(0x0) syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/user\x00') setsockopt$inet6_dccp_int(r0, 0x21, 0xf, &(0x7f00000001c0)=0x1, 0x4) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x5, 0x0, "913fa7c292d3d3841feaa73b24735180b4fadafbd0ae8fdf06dc1c0fffaedf7b3cf0239733e29abbc5d501554cc12846eb3ebd34bab758954fc222777a53c4c0a8e473b6e9bb9bd5b5f2ee63c9774539"}, 0xd8) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f00000007c0), 0xffffffffffffffba) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000180)=@generic) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x0, 0x7}, 0x8) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8937, &(0x7f0000000000)={'bridge_slave_1\x00', @random="01003a1e2410"}) getpeername(0xffffffffffffffff, &(0x7f0000000100)=@hci, &(0x7f0000000580)=0x80) r2 = dup2(0xffffffffffffffff, r0) ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f0000000340)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000003c0)={{{@in6=@local, @in=@broadcast}}, {{}, 0x0, @in6=@dev}}, &(0x7f0000000300)=0xe8) openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) getpeername$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000004c0)=0x1c) getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000680), &(0x7f00000006c0)=0xc) socket$nl_route(0x10, 0x3, 0x0) open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) [ 399.848976] IPv6: NLM_F_CREATE should be set when creating new route [ 399.855515] IPv6: NLM_F_CREATE should be set when creating new route [ 399.862039] IPv6: NLM_F_CREATE should be set when creating new route [ 399.879782] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:48 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fc00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:48 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910a00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 399.930258] FAULT_INJECTION: forcing a failure. [ 399.930258] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 400.003636] CPU: 1 PID: 20961 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 400.012196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.021568] Call Trace: [ 400.024194] dump_stack+0x244/0x3ab [ 400.027852] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.033069] ? perf_trace_lock_acquire+0x501/0x800 [ 400.038038] should_fail.cold.4+0xa/0x17 [ 400.042124] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.047240] ? lock_acquire+0x1ed/0x520 [ 400.051229] ? pcpu_alloc+0xbc9/0x15d0 [ 400.055133] ? trace_hardirqs_on+0xbd/0x310 [ 400.059483] ? perf_trace_run_bpf_submit+0x267/0x330 [ 400.064611] ? mark_held_locks+0x130/0x130 [ 400.068873] ? perf_tp_event+0xc20/0xc20 [ 400.072969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.078536] ? fs_reclaim_acquire+0x20/0x20 [ 400.082877] ? lock_downgrade+0x900/0x900 [ 400.087047] ? lock_release+0xa10/0xa10 [ 400.091036] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.096518] ? __might_sleep+0x95/0x190 [ 400.100521] __alloc_pages_nodemask+0x34b/0xdd0 [ 400.105209] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.110772] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 400.115848] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 400.120884] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 400.125503] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 400.131066] ? pcpu_alloc+0x4f4/0x15d0 [ 400.134976] ? lock_downgrade+0x900/0x900 [ 400.139140] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 400.144179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.149755] ? find_next_bit+0x104/0x130 [ 400.153861] pcpu_populate_chunk+0xf9/0x910 [ 400.158201] ? find_next_bit+0x104/0x130 [ 400.162295] pcpu_alloc+0xe14/0x15d0 [ 400.166066] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 400.170832] ? fs_reclaim_acquire+0x20/0x20 [ 400.175187] ? lock_downgrade+0x900/0x900 [ 400.179366] ? trace_hardirqs_on+0xbd/0x310 [ 400.183702] ? __kmalloc_node+0x3c/0x70 [ 400.187692] ? kasan_unpoison_shadow+0x35/0x50 [ 400.192287] ? kasan_kmalloc+0xc7/0xe0 [ 400.196200] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 400.201496] ? kasan_unpoison_shadow+0x35/0x50 [ 400.206111] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.211617] __alloc_percpu_gfp+0x27/0x30 [ 400.215800] array_map_alloc+0x46c/0x5f0 [ 400.219888] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 400.225186] map_create+0x3bd/0x1100 [ 400.228931] ? bpf_map_new_fd+0x70/0x70 [ 400.232921] ? __might_fault+0x12b/0x1e0 [ 400.237007] ? lock_downgrade+0x900/0x900 [ 400.241196] ? lock_release+0xa10/0xa10 [ 400.245187] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.250657] ? usercopy_warn+0x110/0x110 12:15:49 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2a9) [ 400.254784] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.260352] __x64_sys_bpf+0x303/0x510 [ 400.264262] ? bpf_prog_get+0x20/0x20 [ 400.268106] do_syscall_64+0x1b9/0x820 [ 400.272011] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 400.277396] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.282350] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.287214] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.292331] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.292350] ? prepare_exit_to_usermode+0x291/0x3b0 [ 400.292375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.302431] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.302446] RIP: 0033:0x457519 [ 400.302462] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 400.334733] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 400.342475] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:49 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x140042, 0x0) mmap(&(0x7f0000004000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0) seccomp(0x0, 0x1, &(0x7f0000000640)={0x3, &(0x7f0000000600)=[{0x5, 0x97c5, 0x7ff, 0x7}, {0x7, 0xd9c, 0xffffffff80000000, 0x8}, {0x7ff, 0xffffffffffffff3b, 0x8001, 0x2}]}) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000deb000)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r1, &(0x7f0000000680)="23ff67a053bcf56abb33e2a0117f2671772244fae2f9898ec42b081ed496cafe63a57b2f0b377a54b1de6b8a9fc017f651042dc7e6ad73ebe4bbb589b6104289c9711cd54e4560f617379d432af9bfacb7d2dcd48141e1f2c3588866a8b0eeb8deb25c7c46800014276c799f306562dcf459eed70fdb2d0d56fbe3d679bc317d38bd7bc52fbb33916e2d4730dbb3cb1ea7b58d9a7ab97a0bddebcd9e550a7e374d186c91d3f27a35a47bb89e", 0xac, 0x20000000, &(0x7f0000e68000)={0x2, 0x4e22, @loopback}, 0x10) link(&(0x7f0000000240)='./file0\x00', &(0x7f0000000080)='./file0\x00') setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f00000001c0)=0x4, 0x4) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000180)=0x800, 0x4) setsockopt$inet_buf(r2, 0x0, 0x2f, &(0x7f00000005c0)="d23e005ca5a20ea958d255953e61b7f0a5893e1af982d0a209f98d70d27689da", 0x20) setsockopt$inet_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000440), 0x4) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f00000002c0)={{0x2, 0x4e23}, {0x1, @dev={[], 0x1a}}, 0x10, {0x2, 0x4e20, @local}, 'gre0\x00'}) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ppp\x00', 0x100000001fff, 0x0) epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r2) r4 = socket$inet6(0xa, 0x80001, 0x0) ioctl(r4, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") setsockopt$inet_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000200), 0x4) r5 = socket(0x10, 0x2, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/softnet_stat\x00') ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0) sendfile(r5, r6, &(0x7f00000000c0), 0x0) ioctl$BLKPBSZGET(0xffffffffffffffff, 0x127b, &(0x7f00000007c0)) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000540)={'filter\x00', 0x0, 0x0, 0x45, [], 0x0, &(0x7f0000000440), &(0x7f00000004c0)=""/69}, &(0x7f00000003c0)=0x78) setsockopt$inet6_MRT6_DEL_MFC(0xffffffffffffffff, 0x29, 0xcd, &(0x7f0000000340)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$sock_void(r5, 0x1, 0x3f, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.net/syz1\x00', 0x200002, 0x0) r7 = fcntl$dupfd(r2, 0x406, r2) writev(r7, &(0x7f0000000400)=[{&(0x7f0000000100)="da", 0x1}], 0x1) [ 400.349756] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 400.357042] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 400.364340] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 400.371625] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 400.384648] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:49 executing program 3 (fault-call:1 fault-nth:75): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:49 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000b003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:49 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fe80a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:49 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000a00)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f0000000080)='./file0\x00', 0x48000, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) utimensat(r0, &(0x7f0000000100)="2e2f66692e65318c00", &(0x7f00000001c0)={{r1, r2/1000+10000}, {0x77359400}}, 0x0) r3 = fanotify_init(0x0, 0x0) fanotify_mark(r3, 0x1, 0x1, r0, &(0x7f0000000300)="2e2f66692e65318c00") r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r4, 0x54a3) fanotify_mark(r3, 0x2, 0x9, r0, &(0x7f00000000c0)="2e2f66692e65318c00") bind$pptp(r4, &(0x7f0000000200)={0x18, 0x2, {0x2, @multicast1}}, 0x1e) [ 400.479519] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 400.500732] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 400.537297] FAT-fs (loop5): bogus number of reserved sectors [ 400.544077] FAT-fs (loop5): Can't find a valid FAT filesystem [ 400.560095] FAULT_INJECTION: forcing a failure. [ 400.560095] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 400.580625] CPU: 1 PID: 20996 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 400.589159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.598523] Call Trace: [ 400.601148] dump_stack+0x244/0x3ab [ 400.604814] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.610030] ? perf_trace_lock_acquire+0x501/0x800 [ 400.614980] should_fail.cold.4+0xa/0x17 [ 400.619040] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.624133] ? lock_acquire+0x1ed/0x520 [ 400.628099] ? pcpu_alloc+0xbc9/0x15d0 [ 400.631986] ? perf_trace_run_bpf_submit+0x267/0x330 [ 400.637101] ? mark_held_locks+0x130/0x130 [ 400.641329] ? perf_tp_event+0xc20/0xc20 [ 400.645773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.651312] ? fs_reclaim_acquire+0x20/0x20 [ 400.655626] ? lock_downgrade+0x900/0x900 [ 400.659776] ? lock_release+0xa10/0xa10 [ 400.663752] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.669195] ? __switch_to_asm+0x40/0x70 [ 400.673245] ? __switch_to_asm+0x34/0x70 [ 400.677314] ? __might_sleep+0x95/0x190 [ 400.681288] __alloc_pages_nodemask+0x34b/0xdd0 [ 400.685948] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.691487] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 400.696499] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 400.701523] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 400.706113] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 400.711650] ? pcpu_alloc+0x4f4/0x15d0 [ 400.715532] ? lock_downgrade+0x900/0x900 [ 400.719828] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 400.724851] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.730400] ? find_next_bit+0x104/0x130 [ 400.734472] pcpu_populate_chunk+0xf9/0x910 [ 400.738782] ? find_next_bit+0x104/0x130 [ 400.742842] pcpu_alloc+0xe14/0x15d0 [ 400.746596] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 400.751339] ? fs_reclaim_acquire+0x20/0x20 [ 400.755657] ? lock_downgrade+0x900/0x900 [ 400.759807] ? trace_hardirqs_on+0xbd/0x310 [ 400.764155] ? __kmalloc_node+0x3c/0x70 [ 400.768221] ? kasan_unpoison_shadow+0x35/0x50 [ 400.772920] ? kasan_kmalloc+0xc7/0xe0 [ 400.776802] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 400.782071] ? kasan_unpoison_shadow+0x35/0x50 [ 400.786645] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.792190] __alloc_percpu_gfp+0x27/0x30 [ 400.796331] array_map_alloc+0x46c/0x5f0 [ 400.800387] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 400.805655] map_create+0x3bd/0x1100 [ 400.809367] ? bpf_map_new_fd+0x70/0x70 [ 400.813353] ? __might_fault+0x12b/0x1e0 [ 400.817424] ? lock_downgrade+0x900/0x900 [ 400.821603] ? lock_release+0xa10/0xa10 [ 400.825583] ? perf_trace_sched_process_exec+0x860/0x860 [ 400.831029] ? usercopy_warn+0x110/0x110 [ 400.835102] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.840640] __x64_sys_bpf+0x303/0x510 [ 400.844530] ? bpf_prog_get+0x20/0x20 [ 400.848338] do_syscall_64+0x1b9/0x820 [ 400.852217] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 400.857577] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.862607] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.867467] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.872477] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 400.877489] ? prepare_exit_to_usermode+0x291/0x3b0 [ 400.882502] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.887343] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.892521] RIP: 0033:0x457519 [ 400.895703] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 400.914615] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 400.922367] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 400.929635] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 400.936991] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 400.944252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 400.951511] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:50 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x1000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:50 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910011003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:50 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050b00a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:50 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x15b) [ 400.983482] FAT-fs (loop5): bogus number of reserved sectors [ 400.990811] FAT-fs (loop5): Can't find a valid FAT filesystem 12:15:50 executing program 3 (fault-call:1 fault-nth:76): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:50 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2a9) [ 401.056760] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 401.067491] FAULT_INJECTION: forcing a failure. [ 401.067491] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:50 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291003f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 401.103730] CPU: 1 PID: 21018 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 401.112275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.121635] Call Trace: [ 401.121662] dump_stack+0x244/0x3ab [ 401.121690] ? dump_stack_print_info.cold.2+0x52/0x52 [ 401.127889] ? perf_trace_lock_acquire+0x501/0x800 [ 401.127912] ? perf_trace_run_bpf_submit+0x267/0x330 [ 401.127941] should_fail.cold.4+0xa/0x17 [ 401.147217] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 401.152355] ? lock_acquire+0x1ed/0x520 [ 401.156359] ? pcpu_alloc+0xbc9/0x15d0 [ 401.160259] ? check_preemption_disabled+0x48/0x200 [ 401.165305] ? perf_trace_run_bpf_submit+0x267/0x330 [ 401.170437] ? mark_held_locks+0x130/0x130 [ 401.174716] ? perf_tp_event+0xc20/0xc20 [ 401.178810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.184463] ? fs_reclaim_acquire+0x20/0x20 [ 401.188807] ? lock_downgrade+0x900/0x900 [ 401.192977] ? lock_release+0xa10/0xa10 [ 401.196963] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.202449] ? __might_sleep+0x95/0x190 [ 401.206532] __alloc_pages_nodemask+0x34b/0xdd0 [ 401.211218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.216782] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 401.221821] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 401.226856] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 401.231455] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 401.237022] ? pcpu_alloc+0x4f4/0x15d0 [ 401.240926] ? lock_downgrade+0x900/0x900 [ 401.245078] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 401.250089] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.255615] ? find_next_bit+0x104/0x130 [ 401.259674] pcpu_populate_chunk+0xf9/0x910 [ 401.263992] ? find_next_bit+0x104/0x130 [ 401.268050] pcpu_alloc+0xe14/0x15d0 [ 401.271765] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 401.276519] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 401.281273] ? retint_kernel+0x2d/0x2d [ 401.285157] ? kasan_unpoison_shadow+0x35/0x50 [ 401.289735] ? kasan_kmalloc+0xc7/0xe0 [ 401.293614] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 401.298879] ? kasan_unpoison_shadow+0x35/0x50 [ 401.303457] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.308962] __alloc_percpu_gfp+0x27/0x30 [ 401.313106] array_map_alloc+0x46c/0x5f0 [ 401.317164] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 401.322454] map_create+0x3bd/0x1100 [ 401.326189] ? bpf_map_new_fd+0x70/0x70 [ 401.330201] ? __might_fault+0x12b/0x1e0 [ 401.334271] ? lock_downgrade+0x900/0x900 [ 401.338410] ? lock_release+0xa10/0xa10 [ 401.342373] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.347835] ? usercopy_warn+0x110/0x110 [ 401.351923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.357455] __x64_sys_bpf+0x303/0x510 [ 401.361332] ? bpf_prog_get+0x20/0x20 [ 401.365139] do_syscall_64+0x1b9/0x820 [ 401.369049] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 401.374447] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.379372] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.384212] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.389223] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 401.394229] ? prepare_exit_to_usermode+0x291/0x3b0 [ 401.399326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.404164] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.409345] RIP: 0033:0x457519 [ 401.412529] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 401.431419] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 401.439228] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 401.446484] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:50 executing program 3 (fault-call:1 fault-nth:77): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 401.453738] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 401.461087] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 401.468355] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 401.477845] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 401.485072] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:50 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:50 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60051200a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 401.520515] FAULT_INJECTION: forcing a failure. [ 401.520515] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.570647] CPU: 1 PID: 21031 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 401.579210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.588580] Call Trace: [ 401.591210] dump_stack+0x244/0x3ab [ 401.594874] ? dump_stack_print_info.cold.2+0x52/0x52 [ 401.600087] ? perf_trace_lock_acquire+0x501/0x800 [ 401.605052] should_fail.cold.4+0xa/0x17 [ 401.609139] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 401.614257] ? lock_acquire+0x1ed/0x520 [ 401.618251] ? pcpu_alloc+0xbc9/0x15d0 [ 401.622158] ? trace_hardirqs_on+0xbd/0x310 [ 401.626511] ? perf_trace_run_bpf_submit+0x267/0x330 [ 401.631639] ? mark_held_locks+0x130/0x130 [ 401.635908] ? perf_tp_event+0xc20/0xc20 [ 401.640004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.645605] ? fs_reclaim_acquire+0x20/0x20 [ 401.649966] ? lock_downgrade+0x900/0x900 [ 401.654132] ? lock_release+0xa10/0xa10 [ 401.658122] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.663606] ? __might_sleep+0x95/0x190 [ 401.667614] __alloc_pages_nodemask+0x34b/0xdd0 [ 401.672296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.677858] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 401.682898] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 401.687938] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 401.692541] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 401.698104] ? pcpu_alloc+0x4f4/0x15d0 [ 401.702022] ? lock_downgrade+0x900/0x900 [ 401.707674] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 401.712708] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.718260] ? find_next_bit+0x104/0x130 [ 401.722344] pcpu_populate_chunk+0xf9/0x910 [ 401.726701] ? find_next_bit+0x104/0x130 [ 401.730795] pcpu_alloc+0xe14/0x15d0 [ 401.734589] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 401.739396] ? fs_reclaim_acquire+0x20/0x20 [ 401.743737] ? lock_downgrade+0x900/0x900 [ 401.747917] ? trace_hardirqs_on+0xbd/0x310 [ 401.752266] ? __kmalloc_node+0x3c/0x70 [ 401.756259] ? kasan_unpoison_shadow+0x35/0x50 [ 401.760855] ? kasan_kmalloc+0xc7/0xe0 [ 401.764893] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 401.770191] ? kasan_unpoison_shadow+0x35/0x50 [ 401.774807] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.780281] __alloc_percpu_gfp+0x27/0x30 [ 401.784445] array_map_alloc+0x46c/0x5f0 [ 401.788633] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 401.793942] map_create+0x3bd/0x1100 [ 401.797686] ? bpf_map_new_fd+0x70/0x70 [ 401.801689] ? __might_fault+0x12b/0x1e0 [ 401.805773] ? lock_downgrade+0x900/0x900 [ 401.809950] ? lock_release+0xa10/0xa10 [ 401.813944] ? perf_trace_sched_process_exec+0x860/0x860 [ 401.819416] ? usercopy_warn+0x110/0x110 [ 401.823555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.829124] __x64_sys_bpf+0x303/0x510 [ 401.833031] ? bpf_prog_get+0x20/0x20 [ 401.836878] do_syscall_64+0x1b9/0x820 [ 401.840779] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 401.846148] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.851081] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.855930] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.860958] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 401.865971] ? prepare_exit_to_usermode+0x291/0x3b0 [ 401.871003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.875861] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.881039] RIP: 0033:0x457519 [ 401.884223] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 401.903117] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 401.910813] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 401.918091] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 401.925358] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 401.932742] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 401.940002] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:50 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050003a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 401.969112] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 401.976404] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:51 executing program 3 (fault-call:1 fault-nth:78): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 402.013554] IPv6: NLM_F_CREATE should be specified when creating new route [ 402.024096] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 402.030656] IPv6: NLM_F_CREATE should be set when creating new route [ 402.037233] IPv6: NLM_F_CREATE should be set when creating new route [ 402.043779] IPv6: NLM_F_CREATE should be set when creating new route [ 402.085954] FAULT_INJECTION: forcing a failure. [ 402.085954] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 402.130104] CPU: 1 PID: 21050 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 402.138652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.148023] Call Trace: [ 402.150643] dump_stack+0x244/0x3ab [ 402.154300] ? dump_stack_print_info.cold.2+0x52/0x52 [ 402.159508] ? perf_trace_lock_acquire+0x501/0x800 [ 402.164454] ? perf_trace_run_bpf_submit+0x267/0x330 [ 402.169584] should_fail.cold.4+0xa/0x17 [ 402.173685] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 402.178781] ? lock_acquire+0x1ed/0x520 [ 402.182745] ? pcpu_alloc+0xbc9/0x15d0 [ 402.186641] ? check_preemption_disabled+0x48/0x200 [ 402.191680] ? perf_trace_run_bpf_submit+0x267/0x330 [ 402.196805] ? mark_held_locks+0x130/0x130 [ 402.201054] ? perf_tp_event+0xc20/0xc20 [ 402.205115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.210652] ? fs_reclaim_acquire+0x20/0x20 [ 402.214965] ? lock_downgrade+0x900/0x900 [ 402.219110] ? lock_release+0xa10/0xa10 [ 402.223173] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.228624] ? __might_sleep+0x95/0x190 [ 402.232616] __alloc_pages_nodemask+0x34b/0xdd0 [ 402.237275] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.242810] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 402.247817] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 402.252821] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 402.257393] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 402.262922] ? pcpu_alloc+0x4f4/0x15d0 [ 402.266802] ? lock_downgrade+0x900/0x900 [ 402.270937] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 402.275940] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.281578] ? find_next_bit+0x104/0x130 [ 402.285642] pcpu_populate_chunk+0xf9/0x910 [ 402.289953] ? find_next_bit+0x104/0x130 [ 402.294054] pcpu_alloc+0xe14/0x15d0 [ 402.297777] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 402.302518] ? fs_reclaim_acquire+0x20/0x20 [ 402.306825] ? lock_downgrade+0x900/0x900 [ 402.310967] ? trace_hardirqs_on+0xbd/0x310 [ 402.315277] ? __kmalloc_node+0x3c/0x70 [ 402.319259] ? kasan_unpoison_shadow+0x35/0x50 [ 402.323840] ? kasan_kmalloc+0xc7/0xe0 [ 402.327725] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 402.332991] ? kasan_unpoison_shadow+0x35/0x50 [ 402.337580] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.343031] __alloc_percpu_gfp+0x27/0x30 [ 402.347179] array_map_alloc+0x46c/0x5f0 [ 402.351228] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 402.356511] map_create+0x3bd/0x1100 [ 402.360341] ? bpf_map_new_fd+0x70/0x70 [ 402.364306] ? __might_fault+0x12b/0x1e0 [ 402.368373] ? lock_downgrade+0x900/0x900 [ 402.372518] ? lock_release+0xa10/0xa10 [ 402.376479] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.381923] ? usercopy_warn+0x110/0x110 [ 402.385997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.391527] __x64_sys_bpf+0x303/0x510 [ 402.395405] ? bpf_prog_get+0x20/0x20 [ 402.399210] do_syscall_64+0x1b9/0x820 [ 402.403089] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.408526] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.413439] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.418273] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.423276] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.428279] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.433290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.438129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.443313] RIP: 0033:0x457519 [ 402.446494] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 402.465381] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 402.473078] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:51 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xa6) 12:15:51 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910600003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:51 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005003fa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:51 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2a9) [ 402.480332] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 402.487886] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 402.495141] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 402.502412] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:51 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x70e000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:51 executing program 3 (fault-call:1 fault-nth:79): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 402.577121] FAULT_INJECTION: forcing a failure. [ 402.577121] name failslab, interval 1, probability 0, space 0, times 0 [ 402.591182] IPv6: NLM_F_CREATE should be specified when creating new route [ 402.600618] CPU: 1 PID: 21064 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 402.609140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.618505] Call Trace: [ 402.621120] dump_stack+0x244/0x3ab [ 402.624769] ? dump_stack_print_info.cold.2+0x52/0x52 [ 402.629970] should_fail.cold.4+0xa/0x17 [ 402.634028] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 402.639133] ? save_stack+0xa9/0xd0 [ 402.643219] ? save_stack+0x43/0xd0 [ 402.646838] ? kasan_kmalloc+0xc7/0xe0 [ 402.650722] ? __kmalloc+0x15b/0x760 [ 402.654431] ? pcpu_get_vm_areas+0x4e8/0x12c0 [ 402.658917] ? pcpu_create_chunk+0x40a/0xad0 [ 402.663315] ? pcpu_alloc+0x12fa/0x15d0 [ 402.667293] ? array_map_alloc+0x46c/0x5f0 [ 402.671522] ? map_create+0x3bd/0x1100 [ 402.675403] ? __x64_sys_bpf+0x303/0x510 [ 402.679459] ? do_syscall_64+0x1b9/0x820 [ 402.683515] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.688891] ? lock_release+0xa10/0xa10 [ 402.692861] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.698319] ? fs_reclaim_acquire+0x20/0x20 [ 402.702636] ? lock_downgrade+0x900/0x900 [ 402.706786] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.712230] ? trace_hardirqs_on+0xbd/0x310 [ 402.716587] __should_failslab+0x124/0x180 [ 402.720830] should_failslab+0x9/0x14 [ 402.724644] __kmalloc+0x2e0/0x760 [ 402.728189] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 402.732687] pcpu_get_vm_areas+0x4ff/0x12c0 [ 402.737022] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.742490] ? vm_map_ram+0xf60/0xf60 [ 402.746310] ? __vmalloc+0x45/0x50 [ 402.749869] ? pcpu_mem_zalloc+0x8f/0xe0 [ 402.753930] pcpu_create_chunk+0x40a/0xad0 [ 402.758166] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 402.765091] ? trace_hardirqs_on+0xbd/0x310 [ 402.769405] ? kasan_check_read+0x11/0x20 [ 402.773542] ? pcpu_alloc+0x943/0x15d0 [ 402.777428] ? trace_hardirqs_off_caller+0x300/0x300 [ 402.782526] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 402.787533] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 402.792566] pcpu_alloc+0x12fa/0x15d0 [ 402.796406] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 402.801154] ? fs_reclaim_acquire+0x20/0x20 [ 402.805470] ? lock_downgrade+0x900/0x900 [ 402.809639] ? trace_hardirqs_on+0xbd/0x310 [ 402.813958] ? __kmalloc_node+0x3c/0x70 [ 402.817927] ? kasan_unpoison_shadow+0x35/0x50 [ 402.822513] ? kasan_kmalloc+0xc7/0xe0 [ 402.826395] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 402.831750] ? kasan_unpoison_shadow+0x35/0x50 [ 402.836330] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.841780] __alloc_percpu_gfp+0x27/0x30 [ 402.845922] array_map_alloc+0x46c/0x5f0 [ 402.849979] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 402.855244] map_create+0x3bd/0x1100 [ 402.858952] ? bpf_map_new_fd+0x70/0x70 [ 402.862948] ? __might_fault+0x12b/0x1e0 [ 402.867007] ? lock_downgrade+0x900/0x900 [ 402.871153] ? lock_release+0xa10/0xa10 [ 402.875128] ? perf_trace_sched_process_exec+0x860/0x860 [ 402.880681] ? usercopy_warn+0x110/0x110 [ 402.884752] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.890289] __x64_sys_bpf+0x303/0x510 [ 402.894173] ? bpf_prog_get+0x20/0x20 [ 402.898017] do_syscall_64+0x1b9/0x820 [ 402.901896] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.907251] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.912176] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.917014] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.922021] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 402.927033] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.932048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.936905] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.942089] RIP: 0033:0x457519 [ 402.945276] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 402.964167] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 402.971882] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 402.979141] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 402.986402] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 402.993659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 403.000916] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 403.012121] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 403.018698] IPv6: NLM_F_CREATE should be set when creating new route 12:15:51 executing program 3 (fault-call:1 fault-nth:80): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 403.025252] IPv6: NLM_F_CREATE should be set when creating new route [ 403.031799] IPv6: NLM_F_CREATE should be set when creating new route 12:15:52 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500ffa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:52 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911300003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 403.071428] FAULT_INJECTION: forcing a failure. [ 403.071428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 403.122783] CPU: 0 PID: 21076 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 403.131329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.140695] Call Trace: [ 403.143303] dump_stack+0x244/0x3ab [ 403.146960] ? dump_stack_print_info.cold.2+0x52/0x52 [ 403.152174] ? perf_trace_lock_acquire+0x501/0x800 [ 403.157137] should_fail.cold.4+0xa/0x17 [ 403.161230] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 403.166348] ? lock_acquire+0x1ed/0x520 [ 403.170339] ? pcpu_alloc+0xbc9/0x15d0 [ 403.174259] ? perf_trace_run_bpf_submit+0x267/0x330 [ 403.179376] ? perf_trace_lock_acquire+0x501/0x800 [ 403.184328] ? mark_held_locks+0x130/0x130 [ 403.188587] ? perf_tp_event+0xc20/0xc20 [ 403.192660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.198227] ? fs_reclaim_acquire+0x20/0x20 [ 403.202578] ? lock_downgrade+0x900/0x900 [ 403.206768] ? lock_release+0xa10/0xa10 [ 403.210753] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.216235] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 403.220856] ? __might_sleep+0x95/0x190 [ 403.224850] __alloc_pages_nodemask+0x34b/0xdd0 [ 403.229620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.235183] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 403.240223] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 403.245260] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 403.249864] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 403.255447] ? pcpu_alloc+0x4f4/0x15d0 [ 403.259357] ? lock_downgrade+0x900/0x900 [ 403.263528] ? __sanitizer_cov_trace_cmp8+0x18/0x20 12:15:52 executing program 5: socket$inet6(0xa, 0x0, 0x80000000) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setflags(0xffffffffffffffff, 0x2, 0x1) r0 = socket$inet6(0xa, 0x400000000001, 0x0) r1 = dup(r0) setsockopt$inet6_tcp_int(r1, 0x6, 0x12, &(0x7f0000000000)=0x7f, 0x4) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x0, 0x6}, &(0x7f0000000240)=0x8) sendto$inet6(r0, &(0x7f00000004c0), 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x4) socket$inet6(0xa, 0x1000000000002, 0x0) r2 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0c630053b2d8a76b68738ff5d14bcc1500"], 0x1, 0x0, &(0x7f0000000180)='T'}) r3 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1004000000016) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000000)={0x10, 0x0, &(0x7f0000005fd4)=[@acquire, @acquire={0x400c630e}], 0xfffffffffffffced, 0x0, &(0x7f0000000040)}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000008fd0)={0x8, 0x0, &(0x7f00000000c0)=[@release={0x400c630f}], 0x0, 0x0, &(0x7f0000000f4d)}) [ 403.268581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.274134] ? find_next_bit+0x104/0x130 [ 403.278217] pcpu_populate_chunk+0xf9/0x910 [ 403.282559] ? find_next_bit+0x104/0x130 [ 403.286652] pcpu_alloc+0xe14/0x15d0 [ 403.290399] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 403.295169] ? fs_reclaim_acquire+0x20/0x20 [ 403.299637] ? lock_downgrade+0x900/0x900 [ 403.303816] ? trace_hardirqs_on+0xbd/0x310 [ 403.308170] ? __kmalloc_node+0x3c/0x70 [ 403.312166] ? kasan_unpoison_shadow+0x35/0x50 [ 403.316764] ? kasan_kmalloc+0xc7/0xe0 [ 403.320674] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 403.325965] ? kasan_unpoison_shadow+0x35/0x50 [ 403.330574] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.336052] __alloc_percpu_gfp+0x27/0x30 [ 403.339381] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 403.340217] array_map_alloc+0x46c/0x5f0 [ 403.340241] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 403.367202] map_create+0x3bd/0x1100 [ 403.370934] ? __schedule+0x8d7/0x21d0 [ 403.374841] ? bpf_map_new_fd+0x70/0x70 [ 403.378840] ? __might_fault+0x12b/0x1e0 [ 403.382921] ? lock_downgrade+0x900/0x900 [ 403.387091] ? lock_release+0xa10/0xa10 [ 403.387576] binder: 21084:21087 unknown command 1392534284 [ 403.391068] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.391090] ? usercopy_warn+0x110/0x110 [ 403.391130] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.411854] __x64_sys_bpf+0x303/0x510 [ 403.412074] binder: 21084:21087 ioctl c0306201 20000200 returned -22 12:15:52 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb) [ 403.415750] ? bpf_prog_get+0x20/0x20 [ 403.415766] ? retint_kernel+0x2d/0x2d [ 403.415791] ? bpf_prog_get+0x20/0x20 [ 403.415810] ? do_syscall_64+0x179/0x820 [ 403.433752] do_syscall_64+0x1b9/0x820 [ 403.433770] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 403.447072] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.452008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.456862] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.461896] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 403.466930] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.471973] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.476837] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.482043] RIP: 0033:0x457519 [ 403.485251] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 403.504161] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 403.511892] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:52 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fe80003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 403.519174] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 403.526460] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 403.533768] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 403.541071] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 403.552240] binder: BINDER_SET_CONTEXT_MGR already set [ 403.557838] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 403.564402] IPv6: NLM_F_CREATE should be set when creating new route 12:15:52 executing program 3 (fault-call:1 fault-nth:81): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:52 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910800003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 403.570991] IPv6: NLM_F_CREATE should be set when creating new route [ 403.590353] binder: 21084:21091 unknown command 1392534284 [ 403.604098] binder: 21084:21087 ioctl 40046207 0 returned -16 [ 403.604953] binder: 21084:21091 ioctl c0306201 20000200 returned -22 12:15:52 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60051300a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 403.652763] FAULT_INJECTION: forcing a failure. [ 403.652763] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 403.686478] CPU: 0 PID: 21107 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 403.695030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.698367] binder: 21084:21086 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 403.704388] Call Trace: [ 403.704415] dump_stack+0x244/0x3ab [ 403.704443] ? dump_stack_print_info.cold.2+0x52/0x52 [ 403.722732] ? perf_trace_lock_acquire+0x501/0x800 [ 403.727705] should_fail.cold.4+0xa/0x17 [ 403.731897] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 403.737009] ? lock_acquire+0x1ed/0x520 [ 403.740987] ? pcpu_alloc+0xbc9/0x15d0 [ 403.744875] ? trace_hardirqs_on+0xbd/0x310 [ 403.749204] ? perf_trace_run_bpf_submit+0x267/0x330 [ 403.754326] ? mark_held_locks+0x130/0x130 [ 403.755351] binder: undelivered death notification, 0000000000000000 [ 403.758572] ? perf_tp_event+0xc20/0xc20 [ 403.758592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.758620] ? fs_reclaim_acquire+0x20/0x20 [ 403.778998] ? lock_downgrade+0x900/0x900 [ 403.783148] ? lock_release+0xa10/0xa10 [ 403.787123] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.792575] ? __might_sleep+0x95/0x190 [ 403.796544] __alloc_pages_nodemask+0x34b/0xdd0 [ 403.801220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.806750] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 403.811759] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 403.816767] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 403.821357] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 403.826913] ? pcpu_alloc+0x4f4/0x15d0 [ 403.830802] ? lock_downgrade+0x900/0x900 [ 403.834939] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 403.839945] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.845479] ? find_next_bit+0x104/0x130 [ 403.849550] pcpu_populate_chunk+0xf9/0x910 [ 403.853861] ? find_next_bit+0x104/0x130 [ 403.857914] pcpu_alloc+0xe14/0x15d0 [ 403.861627] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 403.866368] ? fs_reclaim_acquire+0x20/0x20 [ 403.870676] ? lock_downgrade+0x900/0x900 [ 403.874847] ? trace_hardirqs_on+0xbd/0x310 [ 403.879154] ? __kmalloc_node+0x3c/0x70 [ 403.883132] ? kasan_unpoison_shadow+0x35/0x50 [ 403.887724] ? kasan_kmalloc+0xc7/0xe0 [ 403.891620] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 403.896910] ? kasan_unpoison_shadow+0x35/0x50 [ 403.901487] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.906931] __alloc_percpu_gfp+0x27/0x30 [ 403.911082] array_map_alloc+0x46c/0x5f0 [ 403.915163] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 403.920543] map_create+0x3bd/0x1100 [ 403.924253] ? bpf_map_new_fd+0x70/0x70 [ 403.928215] ? __might_fault+0x12b/0x1e0 [ 403.932266] ? lock_downgrade+0x900/0x900 [ 403.936402] ? lock_release+0xa10/0xa10 [ 403.940387] ? perf_trace_sched_process_exec+0x860/0x860 [ 403.945843] ? usercopy_warn+0x110/0x110 [ 403.949909] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.955524] __x64_sys_bpf+0x303/0x510 [ 403.959401] ? bpf_prog_get+0x20/0x20 [ 403.963202] do_syscall_64+0x1b9/0x820 [ 403.967076] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 403.972436] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.977360] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.982190] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.987193] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 403.992244] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.997301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.002148] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.007340] RIP: 0033:0x457519 [ 404.010534] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 404.029425] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 404.037308] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 404.044573] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 12:15:53 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) open_by_handle_at(r0, &(0x7f0000000080)={0x33, 0x527c, "825c1e18183368088a4806bda726246d75fd8b77ec92facd3ea11e0e356a83a36bd22f8b566e7cff9b948c"}, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x10, 0x0, 0x10001, 0x0, 0x3f00}}) [ 404.051833] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 404.059090] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 404.066347] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 404.080518] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 404.087207] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:53 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x730000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:53 executing program 3 (fault-call:1 fault-nth:82): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:53 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910020003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:53 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005fec0a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 404.164773] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 404.193076] FAULT_INJECTION: forcing a failure. [ 404.193076] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:53 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x302) 12:15:53 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910040003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 404.222408] CPU: 1 PID: 21123 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 404.230952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.240335] Call Trace: [ 404.242948] dump_stack+0x244/0x3ab [ 404.246622] ? dump_stack_print_info.cold.2+0x52/0x52 [ 404.251836] ? perf_trace_lock_acquire+0x501/0x800 [ 404.256785] should_fail.cold.4+0xa/0x17 [ 404.256806] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 404.265934] ? lock_acquire+0x1ed/0x520 [ 404.265952] ? pcpu_alloc+0xbc9/0x15d0 [ 404.265990] ? perf_trace_run_bpf_submit+0x267/0x330 [ 404.273814] ? mark_held_locks+0x130/0x130 [ 404.273839] ? perf_tp_event+0xc20/0xc20 [ 404.273858] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.283190] ? fs_reclaim_acquire+0x20/0x20 [ 404.283211] ? lock_downgrade+0x900/0x900 [ 404.283234] ? lock_release+0xa10/0xa10 [ 404.305247] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.310723] ? __switch_to_asm+0x40/0x70 [ 404.314795] ? __switch_to_asm+0x34/0x70 [ 404.318873] ? __might_sleep+0x95/0x190 [ 404.322868] __alloc_pages_nodemask+0x34b/0xdd0 [ 404.327549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.333109] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 404.338143] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 404.343271] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 404.347885] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 404.353456] ? pcpu_alloc+0x4f4/0x15d0 [ 404.357358] ? lock_downgrade+0x900/0x900 [ 404.361520] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 404.366553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.372095] ? find_next_bit+0x104/0x130 [ 404.376156] pcpu_populate_chunk+0xf9/0x910 [ 404.380469] ? find_next_bit+0x104/0x130 [ 404.384526] pcpu_alloc+0xe14/0x15d0 [ 404.388245] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 404.392998] ? fs_reclaim_acquire+0x20/0x20 [ 404.397327] ? lock_downgrade+0x900/0x900 [ 404.401509] ? trace_hardirqs_on+0xbd/0x310 [ 404.405819] ? __kmalloc_node+0x3c/0x70 [ 404.409779] ? kasan_unpoison_shadow+0x35/0x50 [ 404.414345] ? kasan_kmalloc+0xc7/0xe0 [ 404.418234] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 404.423499] ? kasan_unpoison_shadow+0x35/0x50 [ 404.428098] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.433587] __alloc_percpu_gfp+0x27/0x30 [ 404.437746] array_map_alloc+0x46c/0x5f0 [ 404.441821] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 404.447091] map_create+0x3bd/0x1100 [ 404.450802] ? bpf_map_new_fd+0x70/0x70 [ 404.454788] ? __might_fault+0x12b/0x1e0 [ 404.458851] ? lock_downgrade+0x900/0x900 [ 404.463102] ? lock_release+0xa10/0xa10 [ 404.467189] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.472638] ? usercopy_warn+0x110/0x110 [ 404.477005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.482533] __x64_sys_bpf+0x303/0x510 [ 404.486432] ? bpf_prog_get+0x20/0x20 [ 404.490242] do_syscall_64+0x1b9/0x820 [ 404.494119] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 404.499473] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.504429] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.509262] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.514267] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.519279] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.524300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.529135] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.534310] RIP: 0033:0x457519 [ 404.537488] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 404.556410] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 404.564111] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:53 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000140)=0x2, 0x4) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000000)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x3) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0) sendto$inet6(r0, &(0x7f0000000340), 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) [ 404.571367] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 404.578620] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 404.585875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 404.593142] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:53 executing program 3 (fault-call:1 fault-nth:83): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 404.623581] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 404.635819] IPv6: NLM_F_CREATE should be specified when creating new route [ 404.643393] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 404.643415] IPv6: NLM_F_CREATE should be set when creating new route [ 404.656511] IPv6: NLM_F_CREATE should be set when creating new route [ 404.663037] IPv6: NLM_F_CREATE should be set when creating new route 12:15:53 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910009003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 404.670986] FAULT_INJECTION: forcing a failure. [ 404.670986] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 404.684129] CPU: 1 PID: 21143 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 404.692656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.702104] Call Trace: [ 404.704715] dump_stack+0x244/0x3ab [ 404.708384] ? dump_stack_print_info.cold.2+0x52/0x52 [ 404.713595] ? perf_trace_lock_acquire+0x501/0x800 [ 404.718606] should_fail.cold.4+0xa/0x17 [ 404.722775] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 404.727893] ? lock_acquire+0x1ed/0x520 [ 404.731877] ? pcpu_alloc+0xbc9/0x15d0 [ 404.735761] ? perf_trace_run_bpf_submit+0x267/0x330 [ 404.740892] ? mark_held_locks+0x130/0x130 [ 404.745244] ? perf_tp_event+0xc20/0xc20 [ 404.749301] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.754826] ? fs_reclaim_acquire+0x20/0x20 [ 404.759139] ? lock_downgrade+0x900/0x900 [ 404.763290] ? lock_release+0xa10/0xa10 [ 404.767356] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.772795] ? __switch_to_asm+0x40/0x70 [ 404.776866] ? __switch_to_asm+0x34/0x70 [ 404.780926] ? __might_sleep+0x95/0x190 [ 404.784886] __alloc_pages_nodemask+0x34b/0xdd0 [ 404.789570] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.795117] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 404.800122] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 404.805128] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 404.809697] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 404.815222] ? pcpu_alloc+0x4f4/0x15d0 [ 404.819099] ? lock_downgrade+0x900/0x900 [ 404.823232] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 404.828233] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.833841] ? find_next_bit+0x104/0x130 [ 404.837914] pcpu_populate_chunk+0xf9/0x910 [ 404.842336] ? find_next_bit+0x104/0x130 [ 404.846395] pcpu_alloc+0xe14/0x15d0 [ 404.850114] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 404.854858] ? fs_reclaim_acquire+0x20/0x20 [ 404.859161] ? lock_downgrade+0x900/0x900 [ 404.863303] ? trace_hardirqs_on+0xbd/0x310 [ 404.867616] ? __kmalloc_node+0x3c/0x70 [ 404.871595] ? kasan_unpoison_shadow+0x35/0x50 [ 404.876166] ? kasan_kmalloc+0xc7/0xe0 [ 404.880043] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 404.885306] ? kasan_unpoison_shadow+0x35/0x50 [ 404.889880] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.895416] __alloc_percpu_gfp+0x27/0x30 [ 404.899556] array_map_alloc+0x46c/0x5f0 [ 404.903714] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 404.908978] map_create+0x3bd/0x1100 [ 404.912695] ? bpf_map_new_fd+0x70/0x70 [ 404.916663] ? __might_fault+0x12b/0x1e0 [ 404.920710] ? lock_downgrade+0x900/0x900 [ 404.924942] ? lock_release+0xa10/0xa10 [ 404.928904] ? perf_trace_sched_process_exec+0x860/0x860 [ 404.934341] ? usercopy_warn+0x110/0x110 [ 404.938417] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.943946] __x64_sys_bpf+0x303/0x510 [ 404.947847] ? bpf_prog_get+0x20/0x20 [ 404.951664] do_syscall_64+0x1b9/0x820 [ 404.955550] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 404.960914] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.965833] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.970663] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.975667] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 404.980671] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.985677] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.990525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.995719] RIP: 0033:0x457519 [ 404.998903] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 405.017787] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 12:15:54 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050010a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 405.025480] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 405.032732] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 405.039984] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 405.047236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 405.054491] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:54 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000080)=ANY=[@ANYBLOB="b701000000000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7020000000000006a0a00ff00000000850000001c000000b700000000000000950000000000f500"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40000000000}, 0x48) 12:15:54 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x329) [ 405.092677] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.116676] IPv6: NLM_F_CREATE should be specified when creating new route 12:15:54 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x60500000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:54 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000240)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x1, 0x2, r0, &(0x7f0000000200)="2e2f66692e65318c00") fanotify_mark(r1, 0x26, 0x40000000, r0, &(0x7f0000000080)="2e2f66692e65318c00") fanotify_mark(r1, 0x2, 0x40000000, r0, &(0x7f0000000040)="2e2f66692e65318c00") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) ioctl$IOC_PR_PREEMPT(r2, 0x401870cb, &(0x7f0000000100)={0x7f, 0x9, 0x2, 0x4f}) 12:15:54 executing program 3 (fault-call:1 fault-nth:84): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:54 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050004a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:54 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000e003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 405.144897] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.151477] IPv6: NLM_F_CREATE should be set when creating new route [ 405.158002] IPv6: NLM_F_CREATE should be set when creating new route [ 405.164529] IPv6: NLM_F_CREATE should be set when creating new route [ 405.235437] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.236674] FAULT_INJECTION: forcing a failure. [ 405.236674] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 405.267127] CPU: 1 PID: 21170 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 405.275665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.285198] Call Trace: [ 405.285224] dump_stack+0x244/0x3ab [ 405.285247] ? dump_stack_print_info.cold.2+0x52/0x52 [ 405.285270] ? perf_trace_lock_acquire+0x501/0x800 [ 405.301718] should_fail.cold.4+0xa/0x17 [ 405.305790] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 405.310887] ? lock_acquire+0x1ed/0x520 [ 405.314850] ? pcpu_alloc+0xbc9/0x15d0 [ 405.318735] ? trace_hardirqs_on+0xbd/0x310 [ 405.323055] ? perf_trace_run_bpf_submit+0x267/0x330 [ 405.328150] ? mark_held_locks+0x130/0x130 [ 405.332381] ? perf_tp_event+0xc20/0xc20 [ 405.336436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.341967] ? fs_reclaim_acquire+0x20/0x20 [ 405.346279] ? lock_downgrade+0x900/0x900 [ 405.350421] ? lock_release+0xa10/0xa10 [ 405.354474] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.359956] ? __might_sleep+0x95/0x190 [ 405.363934] __alloc_pages_nodemask+0x34b/0xdd0 [ 405.368613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.374149] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 405.379175] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 405.384185] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 405.388851] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 405.394391] ? pcpu_alloc+0x4f4/0x15d0 [ 405.398308] ? lock_downgrade+0x900/0x900 [ 405.402465] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 405.407473] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.413001] ? find_next_bit+0x104/0x130 [ 405.417061] pcpu_populate_chunk+0xf9/0x910 [ 405.421378] ? find_next_bit+0x104/0x130 [ 405.425440] pcpu_alloc+0xe14/0x15d0 [ 405.429159] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 405.433904] ? fs_reclaim_acquire+0x20/0x20 [ 405.438481] ? lock_downgrade+0x900/0x900 [ 405.442632] ? trace_hardirqs_on+0xbd/0x310 [ 405.446945] ? __kmalloc_node+0x3c/0x70 [ 405.450913] ? kasan_unpoison_shadow+0x35/0x50 [ 405.455485] ? kasan_kmalloc+0xc7/0xe0 [ 405.459374] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 405.464646] ? kasan_unpoison_shadow+0x35/0x50 [ 405.469226] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.474677] __alloc_percpu_gfp+0x27/0x30 [ 405.478910] array_map_alloc+0x46c/0x5f0 [ 405.482978] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 405.488247] map_create+0x3bd/0x1100 [ 405.491965] ? bpf_map_new_fd+0x70/0x70 [ 405.496037] ? __might_fault+0x12b/0x1e0 [ 405.500094] ? lock_downgrade+0x900/0x900 [ 405.504240] ? lock_release+0xa10/0xa10 [ 405.508204] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.513652] ? usercopy_warn+0x110/0x110 [ 405.517720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.523257] __x64_sys_bpf+0x303/0x510 [ 405.527135] ? bpf_prog_get+0x20/0x20 [ 405.530944] do_syscall_64+0x1b9/0x820 [ 405.534820] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 405.540178] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.545222] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.550058] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.555067] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 405.560076] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.565090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.569935] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.575114] RIP: 0033:0x457519 [ 405.578301] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 405.597199] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 405.604902] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 405.612160] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 405.619503] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 405.626761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:54 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910700003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 405.634128] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 405.647008] IPv6: NLM_F_CREATE should be specified when creating new route [ 405.667631] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 405.674330] IPv6: NLM_F_CREATE should be set when creating new route [ 405.680862] IPv6: NLM_F_CREATE should be set when creating new route 12:15:54 executing program 3 (fault-call:1 fault-nth:85): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 405.687388] IPv6: NLM_F_CREATE should be set when creating new route [ 405.694354] FAT-fs (loop5): bogus number of reserved sectors [ 405.714173] FAT-fs (loop5): Can't find a valid FAT filesystem 12:15:54 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x145) 12:15:54 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911200003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 405.752889] FAULT_INJECTION: forcing a failure. [ 405.752889] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 405.780592] CPU: 1 PID: 21187 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 405.789260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.798715] Call Trace: 12:15:54 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x4000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 405.798741] dump_stack+0x244/0x3ab [ 405.798769] ? dump_stack_print_info.cold.2+0x52/0x52 [ 405.798791] ? perf_trace_lock_acquire+0x501/0x800 [ 405.798822] should_fail.cold.4+0xa/0x17 [ 405.798848] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 405.805048] ? lock_acquire+0x1ed/0x520 [ 405.805082] ? pcpu_alloc+0xbc9/0x15d0 [ 405.805115] ? perf_trace_run_bpf_submit+0x267/0x330 [ 405.837312] ? mark_held_locks+0x130/0x130 [ 405.841568] ? perf_tp_event+0xc20/0xc20 [ 405.845670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 12:15:54 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911100003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 405.851238] ? fs_reclaim_acquire+0x20/0x20 [ 405.855580] ? lock_downgrade+0x900/0x900 [ 405.859852] ? lock_release+0xa10/0xa10 [ 405.863849] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.869371] ? __might_sleep+0x95/0x190 [ 405.873371] __alloc_pages_nodemask+0x34b/0xdd0 [ 405.878041] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.878064] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 405.878084] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 405.893846] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 405.898448] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 405.898476] ? pcpu_alloc+0x4f4/0x15d0 [ 405.907990] ? lock_downgrade+0x900/0x900 [ 405.912150] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 405.917192] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.922751] ? find_next_bit+0x104/0x130 [ 405.926853] pcpu_populate_chunk+0xf9/0x910 [ 405.931204] ? find_next_bit+0x104/0x130 [ 405.935308] pcpu_alloc+0xe14/0x15d0 [ 405.939066] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 405.943851] ? fs_reclaim_acquire+0x20/0x20 [ 405.948223] ? lock_downgrade+0x900/0x900 [ 405.952397] ? trace_hardirqs_on+0xbd/0x310 [ 405.956732] ? __kmalloc_node+0x3c/0x70 [ 405.960721] ? kasan_unpoison_shadow+0x35/0x50 [ 405.965339] ? kasan_kmalloc+0xc7/0xe0 [ 405.969250] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 405.974553] ? kasan_unpoison_shadow+0x35/0x50 [ 405.979169] ? perf_trace_sched_process_exec+0x860/0x860 [ 405.984642] __alloc_percpu_gfp+0x27/0x30 [ 405.988817] array_map_alloc+0x46c/0x5f0 [ 405.993004] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 405.998315] map_create+0x3bd/0x1100 [ 405.998343] ? bpf_map_new_fd+0x70/0x70 [ 405.998366] ? __might_fault+0x12b/0x1e0 [ 406.006031] ? lock_downgrade+0x900/0x900 [ 406.014218] ? lock_release+0xa10/0xa10 [ 406.018247] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.023816] ? usercopy_warn+0x110/0x110 [ 406.027923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.033491] __x64_sys_bpf+0x303/0x510 [ 406.037407] ? bpf_prog_get+0x20/0x20 [ 406.041376] do_syscall_64+0x1b9/0x820 [ 406.045303] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 406.050713] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.055649] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.060485] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.065494] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 406.070502] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.075516] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.080353] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.085531] RIP: 0033:0x457519 12:15:55 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050006a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.088718] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 406.107609] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 406.115312] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 406.122585] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 406.129854] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 406.137128] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 406.144388] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:55 executing program 3 (fault-call:1 fault-nth:86): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:55 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000440)='/dev/midi#\x00', 0x5, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x2}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000290000000000000000000000020000af48000005000000004e43be3ab2862e23a020fb5629cae435f2d2104e57971170d8fa8e80f17e"], 0x1c}}, 0x0) r1 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xd20000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r1, &(0x7f0000000740)={&(0x7f00000001c0), 0xc, &(0x7f0000000000)={&(0x7f0000002400)=@bridge_getneigh={0x20, 0x1e, 0x601}, 0x20}}, 0x1000) timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={&(0x7f00000000c0), &(0x7f0000000200)}}, &(0x7f0000000280)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)) timer_settime(r2, 0x0, &(0x7f0000000340)={{}, {r3, r4+30000000}}, 0x0) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x0, 0x0) 12:15:55 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050013a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.175679] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 406.184162] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:55 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910012003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.231060] FAULT_INJECTION: forcing a failure. [ 406.231060] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 406.243086] CPU: 1 PID: 21213 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 406.251685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.261045] Call Trace: [ 406.261073] dump_stack+0x244/0x3ab [ 406.261098] ? dump_stack_print_info.cold.2+0x52/0x52 [ 406.261118] ? perf_trace_lock_acquire+0x501/0x800 12:15:55 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050060a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.272794] should_fail.cold.4+0xa/0x17 [ 406.272817] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 406.281807] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 406.281830] ? kasan_check_read+0x11/0x20 [ 406.281849] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 406.301291] ? unwind_dump+0x190/0x190 [ 406.305197] ? is_bpf_text_address+0xd3/0x170 [ 406.309713] ? fs_reclaim_acquire+0x20/0x20 [ 406.314046] ? lock_downgrade+0x900/0x900 [ 406.318208] ? lock_release+0xa10/0xa10 [ 406.322202] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.327672] ? __might_sleep+0x95/0x190 [ 406.327698] __alloc_pages_nodemask+0x34b/0xdd0 [ 406.336305] ? __x64_sys_bpf+0x303/0x510 [ 406.336322] ? do_syscall_64+0x1b9/0x820 [ 406.336340] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.349824] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 406.354883] ? trace_hardirqs_on+0xbd/0x310 [ 406.359225] ? kasan_unpoison_shadow+0x35/0x50 [ 406.363826] ? kasan_kmalloc+0xc7/0xe0 [ 406.367746] ? kasan_unpoison_shadow+0x35/0x50 [ 406.372348] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 406.377901] alloc_pages_current+0x173/0x350 [ 406.382304] __vmalloc_node_range+0x498/0x750 [ 406.386816] __vmalloc+0x45/0x50 [ 406.390171] ? pcpu_mem_zalloc+0x8f/0xe0 [ 406.394236] pcpu_mem_zalloc+0x8f/0xe0 [ 406.398151] pcpu_create_chunk+0x176/0xad0 [ 406.402393] ? lock_downgrade+0x900/0x900 [ 406.406535] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 406.413545] ? trace_hardirqs_on+0xbd/0x310 [ 406.417885] ? kasan_check_read+0x11/0x20 [ 406.422029] ? pcpu_alloc+0x943/0x15d0 [ 406.425907] ? trace_hardirqs_off_caller+0x300/0x300 [ 406.431022] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 406.436031] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 406.441059] pcpu_alloc+0x12fa/0x15d0 [ 406.444864] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 406.449618] ? fs_reclaim_acquire+0x20/0x20 [ 406.453946] ? lock_downgrade+0x900/0x900 [ 406.458103] ? trace_hardirqs_on+0xbd/0x310 [ 406.462423] ? __kmalloc_node+0x3c/0x70 [ 406.466389] ? kasan_unpoison_shadow+0x35/0x50 [ 406.471146] ? kasan_kmalloc+0xc7/0xe0 [ 406.475539] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 406.480821] ? kasan_unpoison_shadow+0x35/0x50 [ 406.485423] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.490891] __alloc_percpu_gfp+0x27/0x30 [ 406.495049] array_map_alloc+0x46c/0x5f0 [ 406.499102] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 406.504406] map_create+0x3bd/0x1100 [ 406.508123] ? trace_hardirqs_off+0xaf/0x310 [ 406.512521] ? retint_kernel+0x2d/0x2d [ 406.516413] ? bpf_map_new_fd+0x70/0x70 [ 406.520394] ? __might_fault+0x12b/0x1e0 [ 406.524446] ? lock_downgrade+0x900/0x900 [ 406.528602] ? lock_release+0xa10/0xa10 [ 406.532579] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.538037] ? usercopy_warn+0x110/0x110 [ 406.542121] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.547652] __x64_sys_bpf+0x303/0x510 [ 406.551532] ? bpf_prog_get+0x20/0x20 [ 406.555353] do_syscall_64+0x1b9/0x820 [ 406.559227] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 406.564590] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.569509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.574345] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.579352] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 406.584361] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.589398] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.594249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.599458] RIP: 0033:0x457519 [ 406.602670] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 406.621568] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 12:15:55 executing program 3 (fault-call:1 fault-nth:87): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 406.629280] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 406.636561] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 406.643827] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 406.651083] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 406.658341] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 406.667805] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:55 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050002a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.705807] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb6) 12:15:55 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x605000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 406.757353] FAULT_INJECTION: forcing a failure. [ 406.757353] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 406.787248] CPU: 1 PID: 21231 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 406.795806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.795814] Call Trace: 12:15:55 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291c0fe003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 406.795838] dump_stack+0x244/0x3ab [ 406.795861] ? dump_stack_print_info.cold.2+0x52/0x52 [ 406.816604] ? perf_trace_lock_acquire+0x501/0x800 [ 406.821556] should_fail.cold.4+0xa/0x17 [ 406.825645] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 406.830788] ? lock_acquire+0x1ed/0x520 [ 406.834788] ? pcpu_alloc+0xbc9/0x15d0 [ 406.838715] ? perf_trace_run_bpf_submit+0x267/0x330 [ 406.843838] ? perf_trace_lock_acquire+0x501/0x800 [ 406.848802] ? mark_held_locks+0x130/0x130 [ 406.848842] ? perf_tp_event+0xc20/0xc20 [ 406.848883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.857176] ? fs_reclaim_acquire+0x20/0x20 [ 406.867017] ? lock_downgrade+0x900/0x900 [ 406.871188] ? lock_release+0xa10/0xa10 [ 406.875195] ? perf_trace_sched_process_exec+0x860/0x860 [ 406.880678] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 406.885292] ? __might_sleep+0x95/0x190 [ 406.889317] __alloc_pages_nodemask+0x34b/0xdd0 [ 406.893999] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.899575] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 406.904615] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 406.909655] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 406.914264] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 406.919820] ? pcpu_alloc+0x4f4/0x15d0 [ 406.923807] ? lock_downgrade+0x900/0x900 [ 406.927972] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 406.933009] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.938645] ? find_next_bit+0x104/0x130 [ 406.942735] pcpu_populate_chunk+0xf9/0x910 [ 406.947065] ? find_next_bit+0x104/0x130 [ 406.951178] pcpu_alloc+0xe14/0x15d0 [ 406.954932] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 406.959697] ? fs_reclaim_acquire+0x20/0x20 [ 406.964117] ? lock_downgrade+0x900/0x900 [ 406.968295] ? trace_hardirqs_on+0xbd/0x310 [ 406.972615] ? __kmalloc_node+0x3c/0x70 [ 406.976680] ? kasan_unpoison_shadow+0x35/0x50 [ 406.981253] ? kasan_kmalloc+0xc7/0xe0 [ 406.985140] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 406.990457] ? kasan_unpoison_shadow+0x35/0x50 [ 406.995040] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.000501] __alloc_percpu_gfp+0x27/0x30 [ 407.004735] array_map_alloc+0x46c/0x5f0 [ 407.008794] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 407.014081] map_create+0x3bd/0x1100 [ 407.017794] ? bpf_map_new_fd+0x70/0x70 [ 407.021774] ? __might_fault+0x12b/0x1e0 [ 407.025847] ? lock_downgrade+0x900/0x900 [ 407.030006] ? lock_release+0xa10/0xa10 [ 407.033987] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.039460] ? usercopy_warn+0x110/0x110 [ 407.043540] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.049104] __x64_sys_bpf+0x303/0x510 [ 407.052985] ? bpf_prog_get+0x20/0x20 [ 407.056791] do_syscall_64+0x1b9/0x820 [ 407.060691] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 407.066046] ? syscall_return_slowpath+0x5e0/0x5e0 [ 407.070987] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.075838] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.080868] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 407.085888] ? prepare_exit_to_usermode+0x291/0x3b0 [ 407.090894] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.095738] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.100914] RIP: 0033:0x457519 [ 407.104095] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 407.123082] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 407.130797] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 407.138052] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 407.145311] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 12:15:56 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000440)='/dev/midi#\x00', 0x5, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x2}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000290000000000000000000000020000af48000005000000004e43be3ab2862e23a020fb5629cae435f2d2104e57971170d8fa8e80f17e"], 0x1c}}, 0x0) r1 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xd20000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r1, &(0x7f0000000740)={&(0x7f00000001c0), 0xc, &(0x7f0000000000)={&(0x7f0000002400)=@bridge_getneigh={0x20, 0x1e, 0x601}, 0x20}}, 0x1000) timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={&(0x7f00000000c0), &(0x7f0000000200)}}, &(0x7f0000000280)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)) timer_settime(r2, 0x0, &(0x7f0000000340)={{}, {r3, r4+30000000}}, 0x0) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x0, 0x0) 12:15:56 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050005a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 407.152567] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 407.159835] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 407.175847] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 407.186813] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:56 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000440)='/dev/midi#\x00', 0x5, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x2}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000290000000000000000000000020000af48000005000000004e43be3ab2862e23a020fb5629cae435f2d2104e57971170d8fa8e80f17e"], 0x1c}}, 0x0) r1 = socket(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0xd20000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_route(r1, &(0x7f0000000740)={&(0x7f00000001c0), 0xc, &(0x7f0000000000)={&(0x7f0000002400)=@bridge_getneigh={0x20, 0x1e, 0x601}, 0x20}}, 0x1000) timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x0, @thr={&(0x7f00000000c0), &(0x7f0000000200)}}, &(0x7f0000000280)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) ioctl$SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000400)) timer_settime(r2, 0x0, &(0x7f0000000340)={{}, {r3, r4+30000000}}, 0x0) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x0, 0x0) 12:15:56 executing program 3 (fault-call:1 fault-nth:88): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:56 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910003003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 407.266492] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 407.286649] FAULT_INJECTION: forcing a failure. [ 407.286649] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 407.310889] CPU: 0 PID: 21261 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 407.319424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.328795] Call Trace: [ 407.331419] dump_stack+0x244/0x3ab [ 407.335055] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.340244] ? perf_trace_lock_acquire+0x501/0x800 [ 407.345177] ? perf_trace_run_bpf_submit+0x267/0x330 [ 407.350296] should_fail.cold.4+0xa/0x17 [ 407.354370] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 407.359464] ? lock_acquire+0x1ed/0x520 [ 407.363435] ? pcpu_alloc+0xbc9/0x15d0 [ 407.367323] ? check_preemption_disabled+0x48/0x200 [ 407.372444] ? perf_trace_run_bpf_submit+0x267/0x330 [ 407.377542] ? mark_held_locks+0x130/0x130 [ 407.381773] ? perf_tp_event+0xc20/0xc20 [ 407.385823] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.391355] ? fs_reclaim_acquire+0x20/0x20 [ 407.395755] ? lock_downgrade+0x900/0x900 [ 407.399998] ? lock_release+0xa10/0xa10 [ 407.403966] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.409417] ? __might_sleep+0x95/0x190 [ 407.413406] __alloc_pages_nodemask+0x34b/0xdd0 [ 407.418069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.423605] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 407.428616] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 407.433624] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 407.438202] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 407.443735] ? pcpu_alloc+0x4f4/0x15d0 [ 407.447633] ? lock_downgrade+0x900/0x900 [ 407.451804] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 407.456900] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.462520] ? find_next_bit+0x104/0x130 [ 407.466595] pcpu_populate_chunk+0xf9/0x910 [ 407.470909] ? find_next_bit+0x104/0x130 [ 407.474975] pcpu_alloc+0xe14/0x15d0 [ 407.478698] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 407.483447] ? fs_reclaim_acquire+0x20/0x20 [ 407.487765] ? lock_downgrade+0x900/0x900 [ 407.491915] ? trace_hardirqs_on+0xbd/0x310 [ 407.496229] ? __kmalloc_node+0x3c/0x70 [ 407.500203] ? kasan_unpoison_shadow+0x35/0x50 [ 407.504773] ? kasan_kmalloc+0xc7/0xe0 [ 407.508657] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 407.513931] ? kasan_unpoison_shadow+0x35/0x50 [ 407.518521] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.523986] __alloc_percpu_gfp+0x27/0x30 [ 407.528130] array_map_alloc+0x46c/0x5f0 [ 407.532208] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 407.537485] map_create+0x3bd/0x1100 [ 407.541200] ? bpf_map_new_fd+0x70/0x70 [ 407.545269] ? __might_fault+0x12b/0x1e0 [ 407.549323] ? lock_downgrade+0x900/0x900 [ 407.553482] ? lock_release+0xa10/0xa10 [ 407.557447] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.562908] ? usercopy_warn+0x110/0x110 [ 407.566980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.572518] __x64_sys_bpf+0x303/0x510 [ 407.576486] ? bpf_prog_get+0x20/0x20 [ 407.580298] do_syscall_64+0x1b9/0x820 [ 407.584191] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 407.589553] ? syscall_return_slowpath+0x5e0/0x5e0 [ 407.594486] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.599326] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.604336] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 407.609447] ? prepare_exit_to_usermode+0x291/0x3b0 [ 407.614561] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.619411] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.624592] RIP: 0033:0x457519 [ 407.627780] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 407.646785] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 407.654491] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 12:15:56 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x507000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:56 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000aa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 407.661753] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 407.669012] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 407.676273] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 407.683537] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:15:56 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1e6) 12:15:56 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910200003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:56 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb6) [ 407.733533] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 407.755670] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:56 executing program 3 (fault-call:1 fault-nth:89): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:56 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050007a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 407.867255] FAULT_INJECTION: forcing a failure. [ 407.867255] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 407.891947] CPU: 1 PID: 21286 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 407.900490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.909858] Call Trace: [ 407.912478] dump_stack+0x244/0x3ab [ 407.916155] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.921370] ? perf_trace_lock_acquire+0x501/0x800 [ 407.926313] ? perf_trace_run_bpf_submit+0x267/0x330 [ 407.926340] should_fail.cold.4+0xa/0x17 [ 407.935480] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 407.935496] ? lock_acquire+0x1ed/0x520 [ 407.935514] ? pcpu_alloc+0xbc9/0x15d0 [ 407.948470] ? check_preemption_disabled+0x48/0x200 [ 407.953518] ? perf_trace_run_bpf_submit+0x267/0x330 [ 407.958649] ? mark_held_locks+0x130/0x130 [ 407.962907] ? perf_tp_event+0xc20/0xc20 [ 407.967003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.972564] ? fs_reclaim_acquire+0x20/0x20 [ 407.976885] ? lock_downgrade+0x900/0x900 [ 407.981042] ? lock_release+0xa10/0xa10 [ 407.985016] ? perf_trace_sched_process_exec+0x860/0x860 [ 407.990471] ? __might_sleep+0x95/0x190 [ 407.994446] __alloc_pages_nodemask+0x34b/0xdd0 [ 407.999119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.004665] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 408.009693] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 408.014709] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 408.019295] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 408.024833] ? pcpu_alloc+0x4f4/0x15d0 [ 408.028807] ? lock_downgrade+0x900/0x900 [ 408.032953] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 408.037968] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.043497] ? find_next_bit+0x104/0x130 [ 408.047563] pcpu_populate_chunk+0xf9/0x910 [ 408.051880] ? find_next_bit+0x104/0x130 [ 408.055948] pcpu_alloc+0xe14/0x15d0 [ 408.059674] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 408.064426] ? fs_reclaim_acquire+0x20/0x20 [ 408.068744] ? lock_downgrade+0x900/0x900 [ 408.072918] ? trace_hardirqs_on+0xbd/0x310 [ 408.077237] ? __kmalloc_node+0x3c/0x70 [ 408.081214] ? kasan_unpoison_shadow+0x35/0x50 [ 408.085789] ? kasan_kmalloc+0xc7/0xe0 [ 408.089780] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 408.095054] ? kasan_unpoison_shadow+0x35/0x50 [ 408.099641] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.105103] __alloc_percpu_gfp+0x27/0x30 [ 408.109249] array_map_alloc+0x46c/0x5f0 [ 408.113312] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 408.118599] map_create+0x3bd/0x1100 [ 408.122316] ? bpf_map_new_fd+0x70/0x70 [ 408.126292] ? __might_fault+0x12b/0x1e0 [ 408.130353] ? lock_downgrade+0x900/0x900 [ 408.134500] ? lock_release+0xa10/0xa10 [ 408.138468] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.143916] ? usercopy_warn+0x110/0x110 [ 408.147992] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.153529] __x64_sys_bpf+0x303/0x510 [ 408.157414] ? bpf_prog_get+0x20/0x20 [ 408.161233] do_syscall_64+0x1b9/0x820 [ 408.165120] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 408.170478] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.175402] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.180240] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.185253] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.190268] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.195285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.200131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.205314] RIP: 0033:0x457519 [ 408.208504] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 408.227397] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 408.235107] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 408.242370] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 408.249637] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 408.256900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:57 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100f0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:57 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000ba84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:57 executing program 3 (fault-call:1 fault-nth:90): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:57 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910900003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 408.264159] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 408.288462] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 408.296244] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 408.348413] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 408.385928] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:57 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910012003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 408.393684] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 408.422386] FAULT_INJECTION: forcing a failure. [ 408.422386] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 408.492798] CPU: 0 PID: 21303 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 408.501336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.510709] Call Trace: [ 408.513401] dump_stack+0x244/0x3ab [ 408.517043] ? dump_stack_print_info.cold.2+0x52/0x52 [ 408.522248] ? debug_smp_processor_id+0x1c/0x20 [ 408.526948] ? perf_trace_lock_acquire+0x15b/0x800 [ 408.531892] should_fail.cold.4+0xa/0x17 [ 408.535976] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 408.541103] ? lock_acquire+0x1ed/0x520 [ 408.545089] ? pcpu_alloc+0xbc9/0x15d0 [ 408.548982] ? perf_trace_lock_acquire+0x15b/0x800 [ 408.553917] ? lock_release+0xa10/0xa10 [ 408.557897] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.563355] ? mark_held_locks+0x130/0x130 [ 408.567707] ? fs_reclaim_acquire+0x20/0x20 [ 408.572030] ? lock_downgrade+0x900/0x900 [ 408.576186] ? lock_release+0xa10/0xa10 [ 408.580171] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.585723] ? __might_sleep+0x95/0x190 [ 408.589714] __alloc_pages_nodemask+0x34b/0xdd0 [ 408.594411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.599961] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 408.604982] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 408.610014] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 408.614626] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 408.620186] ? pcpu_alloc+0x4f4/0x15d0 [ 408.624114] ? lock_downgrade+0x900/0x900 [ 408.628276] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 408.633304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.638849] ? find_next_bit+0x104/0x130 [ 408.643138] pcpu_populate_chunk+0xf9/0x910 [ 408.647470] ? find_next_bit+0x104/0x130 [ 408.651561] pcpu_alloc+0xe14/0x15d0 [ 408.655287] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 408.660042] ? fs_reclaim_acquire+0x20/0x20 [ 408.664361] ? lock_downgrade+0x900/0x900 [ 408.668514] ? trace_hardirqs_on+0xbd/0x310 [ 408.672848] ? __kmalloc_node+0x3c/0x70 [ 408.676827] ? kasan_unpoison_shadow+0x35/0x50 [ 408.681403] ? kasan_kmalloc+0xc7/0xe0 [ 408.685286] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 408.690550] ? kasan_unpoison_shadow+0x35/0x50 [ 408.695123] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.700567] __alloc_percpu_gfp+0x27/0x30 [ 408.704717] array_map_alloc+0x46c/0x5f0 [ 408.708774] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 408.714039] map_create+0x3bd/0x1100 [ 408.717750] ? bpf_map_new_fd+0x70/0x70 [ 408.721716] ? __might_fault+0x12b/0x1e0 [ 408.725766] ? lock_downgrade+0x900/0x900 [ 408.729916] ? lock_release+0xa10/0xa10 [ 408.733889] ? perf_trace_sched_process_exec+0x860/0x860 [ 408.739331] ? usercopy_warn+0x110/0x110 [ 408.743385] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.748914] __x64_sys_bpf+0x303/0x510 [ 408.752798] ? bpf_prog_get+0x20/0x20 [ 408.756617] do_syscall_64+0x1b9/0x820 [ 408.760513] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 408.765885] ? syscall_return_slowpath+0x5e0/0x5e0 [ 408.770829] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.775679] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.780701] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.785728] ? prepare_exit_to_usermode+0x291/0x3b0 [ 408.790764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.795911] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.801364] RIP: 0033:0x457519 [ 408.804562] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 408.823477] RSP: 002b:00007f6d2a361c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 408.831175] RAX: ffffffffffffffda RBX: 00007f6d2a361c90 RCX: 0000000000457519 [ 408.838432] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 408.845696] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 408.852966] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3626d4 [ 408.860231] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000003 [ 408.868118] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:57 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050003a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:57 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2ab) 12:15:57 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x145) 12:15:57 executing program 3 (fault-call:1 fault-nth:91): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:57 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910010003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:57 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x705000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 409.025646] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 409.036286] FAULT_INJECTION: forcing a failure. [ 409.036286] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 409.049718] CPU: 0 PID: 21322 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 409.058242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.067604] Call Trace: [ 409.067632] dump_stack+0x244/0x3ab 12:15:57 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050003004302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 409.067656] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.073855] ? perf_trace_lock_acquire+0x501/0x800 [ 409.073878] ? perf_trace_run_bpf_submit+0x267/0x330 [ 409.073904] should_fail.cold.4+0xa/0x17 [ 409.073924] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 409.073941] ? lock_acquire+0x1ed/0x520 [ 409.102398] ? pcpu_alloc+0xbc9/0x15d0 [ 409.106319] ? check_preemption_disabled+0x48/0x200 [ 409.111357] ? perf_trace_run_bpf_submit+0x267/0x330 [ 409.116486] ? mark_held_locks+0x130/0x130 [ 409.120721] ? perf_tp_event+0xc20/0xc20 [ 409.124789] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.130362] ? fs_reclaim_acquire+0x20/0x20 [ 409.134815] ? lock_downgrade+0x900/0x900 [ 409.138959] ? lock_release+0xa10/0xa10 [ 409.142940] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.148404] ? __might_sleep+0x95/0x190 [ 409.152392] __alloc_pages_nodemask+0x34b/0xdd0 [ 409.157062] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.162617] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 409.167656] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 409.172682] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 409.177261] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 409.182795] ? pcpu_alloc+0x4f4/0x15d0 [ 409.186676] ? lock_downgrade+0x900/0x900 [ 409.190819] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 409.195841] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.201407] ? find_next_bit+0x104/0x130 [ 409.205471] pcpu_populate_chunk+0xf9/0x910 [ 409.209786] ? find_next_bit+0x104/0x130 [ 409.213849] pcpu_alloc+0xe14/0x15d0 [ 409.217579] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 409.222344] ? fs_reclaim_acquire+0x20/0x20 [ 409.226673] ? lock_downgrade+0x900/0x900 [ 409.230828] ? trace_hardirqs_on+0xbd/0x310 [ 409.235148] ? __kmalloc_node+0x3c/0x70 [ 409.239136] ? kasan_unpoison_shadow+0x35/0x50 [ 409.243744] ? kasan_kmalloc+0xc7/0xe0 [ 409.247648] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 409.252920] ? kasan_unpoison_shadow+0x35/0x50 [ 409.257502] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.262956] __alloc_percpu_gfp+0x27/0x30 [ 409.267110] array_map_alloc+0x46c/0x5f0 [ 409.271172] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 409.276443] map_create+0x3bd/0x1100 [ 409.280160] ? bpf_map_new_fd+0x70/0x70 [ 409.284145] ? __might_fault+0x12b/0x1e0 [ 409.288206] ? lock_downgrade+0x900/0x900 [ 409.292349] ? lock_release+0xa10/0xa10 [ 409.296342] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.301802] ? usercopy_warn+0x110/0x110 [ 409.305877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.311431] __x64_sys_bpf+0x303/0x510 [ 409.315324] ? bpf_prog_get+0x20/0x20 [ 409.319136] do_syscall_64+0x1b9/0x820 [ 409.323035] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 409.328395] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.333322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.338172] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.343219] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.348260] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.355813] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.360677] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.365874] RIP: 0033:0x457519 [ 409.369078] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.387981] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 409.395708] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 409.402973] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 409.410243] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 409.417516] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:15:58 executing program 3 (fault-call:1 fault-nth:92): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:58 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000203900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 409.424797] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 409.433241] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 409.441750] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 409.455831] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:58 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a600500fca84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 409.495273] FAULT_INJECTION: forcing a failure. [ 409.495273] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 409.513704] CPU: 1 PID: 21336 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 409.522258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.531627] Call Trace: [ 409.534215] dump_stack+0x244/0x3ab [ 409.537850] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.543053] ? perf_trace_lock_acquire+0x501/0x800 [ 409.548027] should_fail.cold.4+0xa/0x17 [ 409.552089] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 409.557185] ? lock_acquire+0x1ed/0x520 [ 409.561168] ? pcpu_alloc+0xbc9/0x15d0 [ 409.565052] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 409.569804] ? trace_hardirqs_off+0xaf/0x310 [ 409.574220] ? retint_kernel+0x2d/0x2d [ 409.578113] ? lock_acquire+0x268/0x520 [ 409.582093] ? fs_reclaim_acquire+0x20/0x20 [ 409.586418] ? lock_downgrade+0x900/0x900 [ 409.590565] ? lock_release+0xa10/0xa10 [ 409.594539] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.600004] ? __switch_to_asm+0x40/0x70 [ 409.604060] ? __switch_to_asm+0x34/0x70 [ 409.608122] ? __might_sleep+0x95/0x190 [ 409.612118] __alloc_pages_nodemask+0x34b/0xdd0 [ 409.616781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.622314] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 409.627336] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 409.632351] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 409.636929] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 409.642465] ? pcpu_alloc+0x4f4/0x15d0 [ 409.646349] ? lock_downgrade+0x900/0x900 [ 409.650497] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.656038] ? find_next_bit+0x104/0x130 [ 409.660105] pcpu_populate_chunk+0xf9/0x910 [ 409.664439] ? find_next_bit+0x104/0x130 [ 409.668507] pcpu_alloc+0xe14/0x15d0 [ 409.672225] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 409.676984] ? fs_reclaim_acquire+0x20/0x20 [ 409.681305] ? lock_downgrade+0x900/0x900 [ 409.685458] ? trace_hardirqs_on+0xbd/0x310 [ 409.689776] ? __kmalloc_node+0x3c/0x70 [ 409.693746] ? kasan_unpoison_shadow+0x35/0x50 [ 409.698337] ? kasan_kmalloc+0xc7/0xe0 [ 409.702242] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 409.707514] ? kasan_unpoison_shadow+0x35/0x50 [ 409.712097] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.717567] __alloc_percpu_gfp+0x27/0x30 [ 409.721714] array_map_alloc+0x46c/0x5f0 [ 409.725791] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 409.731063] map_create+0x3bd/0x1100 [ 409.734790] ? bpf_map_new_fd+0x70/0x70 [ 409.738771] ? __might_fault+0x12b/0x1e0 [ 409.742829] ? lock_downgrade+0x900/0x900 [ 409.746983] ? lock_release+0xa10/0xa10 [ 409.750951] ? perf_trace_sched_process_exec+0x860/0x860 [ 409.756405] ? usercopy_warn+0x110/0x110 [ 409.760476] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.766020] __x64_sys_bpf+0x303/0x510 [ 409.769920] ? bpf_prog_get+0x20/0x20 [ 409.773732] do_syscall_64+0x1b9/0x820 [ 409.777617] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 409.782980] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.787911] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.792758] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.797772] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.802900] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.807938] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.812807] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.817990] RIP: 0033:0x457519 [ 409.821191] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.840108] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 409.847828] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 409.855090] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 409.862355] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 409.869620] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 409.876905] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 409.890039] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:58 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) dup3(r0, r3, 0x0) [ 409.905854] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:58 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000403900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:58 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x506000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:15:58 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x18b) 12:15:58 executing program 3 (fault-call:1 fault-nth:93): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 409.958684] FAT-fs (loop5): bogus number of reserved sectors [ 409.972039] FAT-fs (loop5): Can't find a valid FAT filesystem 12:15:58 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050009a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 410.017171] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 410.038984] FAULT_INJECTION: forcing a failure. [ 410.038984] name failslab, interval 1, probability 0, space 0, times 0 [ 410.101789] CPU: 0 PID: 21361 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 410.110350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.119723] Call Trace: [ 410.122347] dump_stack+0x244/0x3ab [ 410.126012] ? dump_stack_print_info.cold.2+0x52/0x52 [ 410.131247] should_fail.cold.4+0xa/0x17 [ 410.135335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 410.140470] ? save_stack+0xa9/0xd0 [ 410.144126] ? save_stack+0x43/0xd0 [ 410.147774] ? kasan_kmalloc+0xc7/0xe0 [ 410.151679] ? kmem_cache_alloc_trace+0x152/0x750 [ 410.156547] ? pcpu_get_vm_areas+0x5a9/0x12c0 [ 410.161064] ? pcpu_create_chunk+0x40a/0xad0 [ 410.165493] ? pcpu_alloc+0x12fa/0x15d0 [ 410.169490] ? array_map_alloc+0x46c/0x5f0 [ 410.173741] ? map_create+0x3bd/0x1100 [ 410.177648] ? __x64_sys_bpf+0x303/0x510 [ 410.181727] ? do_syscall_64+0x1b9/0x820 [ 410.185804] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.191186] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.196675] ? fs_reclaim_acquire+0x20/0x20 [ 410.196697] ? lock_downgrade+0x900/0x900 [ 410.205178] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.210649] ? trace_hardirqs_on+0xbd/0x310 [ 410.214994] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 410.219527] __should_failslab+0x124/0x180 [ 410.223786] should_failslab+0x9/0x14 [ 410.227608] kmem_cache_alloc_trace+0x2d7/0x750 [ 410.232308] ? pcpu_get_vm_areas+0x4ff/0x12c0 [ 410.236844] pcpu_get_vm_areas+0x5e8/0x12c0 [ 410.241190] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.246690] ? vm_map_ram+0xf60/0xf60 [ 410.250530] ? __vmalloc+0x45/0x50 [ 410.254092] ? pcpu_mem_zalloc+0x8f/0xe0 [ 410.258186] pcpu_create_chunk+0x40a/0xad0 [ 410.262452] ? trace_event_raw_event_percpu_alloc_percpu_fail+0x320/0x320 [ 410.269403] ? trace_hardirqs_on+0xbd/0x310 [ 410.273743] ? kasan_check_read+0x11/0x20 [ 410.277921] ? pcpu_alloc+0x943/0x15d0 [ 410.281832] ? trace_hardirqs_off_caller+0x300/0x300 [ 410.286982] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 410.292023] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 410.297078] pcpu_alloc+0x12fa/0x15d0 [ 410.300927] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 410.305705] ? fs_reclaim_acquire+0x20/0x20 [ 410.305727] ? lock_downgrade+0x900/0x900 [ 410.305759] ? trace_hardirqs_on+0xbd/0x310 [ 410.314208] ? __kmalloc_node+0x3c/0x70 [ 410.314228] ? kasan_unpoison_shadow+0x35/0x50 [ 410.314245] ? kasan_kmalloc+0xc7/0xe0 [ 410.314273] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 410.336294] ? kasan_unpoison_shadow+0x35/0x50 [ 410.340921] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.346416] __alloc_percpu_gfp+0x27/0x30 12:15:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) dup3(r0, r3, 0x0) [ 410.350676] array_map_alloc+0x46c/0x5f0 [ 410.354766] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 410.360061] map_create+0x3bd/0x1100 [ 410.363809] ? bpf_map_new_fd+0x70/0x70 [ 410.367812] ? __might_fault+0x12b/0x1e0 [ 410.371911] ? lock_downgrade+0x900/0x900 [ 410.376091] ? lock_release+0xa10/0xa10 [ 410.380089] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.385565] ? usercopy_warn+0x110/0x110 [ 410.389676] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.395420] __x64_sys_bpf+0x303/0x510 [ 410.399329] ? bpf_prog_get+0x20/0x20 [ 410.403181] do_syscall_64+0x1b9/0x820 [ 410.407084] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 410.412471] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.417423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.422302] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.427382] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.432424] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.437473] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.442346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.447549] RIP: 0033:0x457519 [ 410.450767] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 410.469863] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 410.478056] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 410.485351] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 410.492747] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 12:15:59 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910008003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 410.500046] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 410.507343] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 410.525849] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 410.526997] FAT-fs (loop5): bogus number of reserved sectors 12:15:59 executing program 3 (fault-call:1 fault-nth:94): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:15:59 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050011a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:15:59 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000a003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 410.551807] FAT-fs (loop5): Can't find a valid FAT filesystem [ 410.551987] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:15:59 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x167) 12:15:59 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) dup3(r0, r3, 0x0) [ 410.637325] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 410.662708] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 410.668236] FAULT_INJECTION: forcing a failure. [ 410.668236] name fail_page_alloc, interval 1, probability 0, space 0, times 0 12:15:59 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000033900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 410.728833] CPU: 1 PID: 21393 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 410.737393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.746774] Call Trace: [ 410.749388] dump_stack+0x244/0x3ab [ 410.753048] ? dump_stack_print_info.cold.2+0x52/0x52 [ 410.758263] ? perf_trace_lock_acquire+0x501/0x800 [ 410.763231] should_fail.cold.4+0xa/0x17 [ 410.767317] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 410.772434] ? lock_acquire+0x1ed/0x520 [ 410.776430] ? pcpu_alloc+0xbc9/0x15d0 [ 410.780355] ? perf_trace_run_bpf_submit+0x267/0x330 [ 410.785485] ? perf_trace_lock_acquire+0x501/0x800 [ 410.790445] ? mark_held_locks+0x130/0x130 [ 410.794704] ? perf_tp_event+0xc20/0xc20 [ 410.798786] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.804350] ? fs_reclaim_acquire+0x20/0x20 [ 410.808694] ? lock_downgrade+0x900/0x900 [ 410.812881] ? lock_release+0xa10/0xa10 [ 410.816881] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.822355] ? pcpu_get_vm_areas+0x100f/0x12c0 [ 410.826972] ? __might_sleep+0x95/0x190 [ 410.830972] __alloc_pages_nodemask+0x34b/0xdd0 [ 410.835662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.841227] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 410.846271] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 410.851312] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 410.855918] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 410.855947] ? pcpu_alloc+0x4f4/0x15d0 [ 410.865365] ? lock_downgrade+0x900/0x900 [ 410.865392] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 410.865412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.874593] ? find_next_bit+0x104/0x130 [ 410.874624] pcpu_populate_chunk+0xf9/0x910 [ 410.874640] ? find_next_bit+0x104/0x130 [ 410.884242] pcpu_alloc+0xe14/0x15d0 [ 410.884280] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 410.901123] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 410.905912] ? trace_hardirqs_off+0xaf/0x310 [ 410.910342] ? retint_kernel+0x2d/0x2d [ 410.914264] ? kasan_unpoison_shadow+0x35/0x50 [ 410.918869] ? kasan_kmalloc+0xc7/0xe0 [ 410.922774] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 410.922793] ? kasan_unpoison_shadow+0x35/0x50 [ 410.922817] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.932668] __alloc_percpu_gfp+0x27/0x30 [ 410.932690] array_map_alloc+0x46c/0x5f0 [ 410.932714] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 410.951615] map_create+0x3bd/0x1100 [ 410.955363] ? bpf_map_new_fd+0x70/0x70 [ 410.959357] ? __might_fault+0x12b/0x1e0 [ 410.963430] ? lock_downgrade+0x900/0x900 [ 410.967596] ? lock_release+0xa10/0xa10 [ 410.971561] ? perf_trace_sched_process_exec+0x860/0x860 [ 410.977003] ? usercopy_warn+0x110/0x110 [ 410.981075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.986634] __x64_sys_bpf+0x303/0x510 [ 410.990538] ? bpf_prog_get+0x20/0x20 [ 410.994356] do_syscall_64+0x1b9/0x820 [ 410.998271] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 411.003643] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.008573] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.013413] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.018426] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.023440] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.028450] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.033309] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.038490] RIP: 0033:0x457519 [ 411.041673] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 411.060567] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 411.068269] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 411.075531] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 411.082793] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 411.090054] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 411.097327] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 411.110665] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.122209] FAT-fs (loop5): bogus number of reserved sectors [ 411.128589] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:00 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0xffefffffff7f0000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:00 executing program 3 (fault-call:1 fault-nth:95): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:00 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050012a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:00 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fe803900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) dup3(r0, r3, 0x0) [ 411.216754] IPv6: NLM_F_CREATE should be specified when creating new route [ 411.230636] FAULT_INJECTION: forcing a failure. [ 411.230636] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 411.243562] CPU: 0 PID: 21417 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 411.252104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.261478] Call Trace: [ 411.264073] dump_stack+0x244/0x3ab [ 411.267701] ? dump_stack_print_info.cold.2+0x52/0x52 [ 411.272891] ? perf_trace_lock_acquire+0x501/0x800 [ 411.277831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.283375] should_fail.cold.4+0xa/0x17 [ 411.287437] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 411.292536] ? lock_acquire+0x1ed/0x520 [ 411.296504] ? pcpu_alloc+0xbc9/0x15d0 [ 411.300396] ? perf_trace_run_bpf_submit+0x267/0x330 [ 411.305502] ? mark_held_locks+0x130/0x130 [ 411.309859] ? perf_tp_event+0xc20/0xc20 [ 411.313915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.319468] ? fs_reclaim_acquire+0x20/0x20 [ 411.323797] ? lock_downgrade+0x900/0x900 [ 411.327953] ? lock_release+0xa10/0xa10 [ 411.331934] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.337381] ? __switch_to_asm+0x40/0x70 [ 411.341445] ? __might_sleep+0x95/0x190 [ 411.345430] __alloc_pages_nodemask+0x34b/0xdd0 [ 411.350097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.355638] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 411.360659] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 411.365678] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 411.370261] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 411.375804] ? pcpu_alloc+0x4f4/0x15d0 [ 411.379699] ? lock_downgrade+0x900/0x900 [ 411.383855] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 411.388958] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.394498] ? find_next_bit+0x104/0x130 [ 411.398563] pcpu_populate_chunk+0xf9/0x910 [ 411.402878] ? find_next_bit+0x104/0x130 [ 411.406943] pcpu_alloc+0xe14/0x15d0 [ 411.410668] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 411.415420] ? fs_reclaim_acquire+0x20/0x20 [ 411.419753] ? lock_downgrade+0x900/0x900 [ 411.423909] ? trace_hardirqs_on+0xbd/0x310 [ 411.428226] ? __kmalloc_node+0x3c/0x70 [ 411.432201] ? kasan_unpoison_shadow+0x35/0x50 [ 411.436779] ? kasan_kmalloc+0xc7/0xe0 [ 411.440677] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 411.445950] ? kasan_unpoison_shadow+0x35/0x50 [ 411.450544] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.456011] __alloc_percpu_gfp+0x27/0x30 [ 411.460160] array_map_alloc+0x46c/0x5f0 [ 411.464221] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 411.469597] map_create+0x3bd/0x1100 [ 411.473316] ? bpf_map_new_fd+0x70/0x70 [ 411.477294] ? __might_fault+0x12b/0x1e0 [ 411.481437] ? lock_downgrade+0x900/0x900 [ 411.485584] ? lock_release+0xa10/0xa10 [ 411.489554] ? perf_trace_sched_process_exec+0x860/0x860 [ 411.495005] ? usercopy_warn+0x110/0x110 [ 411.499082] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.504648] __x64_sys_bpf+0x303/0x510 [ 411.508540] ? bpf_prog_get+0x20/0x20 [ 411.512361] do_syscall_64+0x1b9/0x820 [ 411.516245] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 411.521604] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.526530] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.531372] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.536400] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.541510] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.546537] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.551379] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.556564] RIP: 0033:0x457519 [ 411.559755] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 411.578738] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 411.586443] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 411.593707] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 411.600970] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 411.608407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 411.615672] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 411.631045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.631464] FAT-fs (loop5): bogus number of reserved sectors [ 411.637626] IPv6: NLM_F_CREATE should be set when creating new route [ 411.637654] IPv6: NLM_F_CREATE should be set when creating new route [ 411.637671] IPv6: NLM_F_CREATE should be set when creating new route 12:16:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1ac) 12:16:00 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910003003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 411.651920] FAT-fs (loop5): Can't find a valid FAT filesystem [ 411.669151] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:00 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050008a84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:00 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910005003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 411.735328] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.765735] IPv6: NLM_F_CREATE should be specified when creating new route [ 411.798516] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.805123] IPv6: NLM_F_CREATE should be set when creating new route [ 411.811673] IPv6: NLM_F_CREATE should be set when creating new route [ 411.818222] IPv6: NLM_F_CREATE should be set when creating new route 12:16:00 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:00 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910007003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:00 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a6005000fa84302910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 411.851583] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.880718] FAT-fs (loop5): bogus number of reserved sectors [ 411.893759] FAT-fs (loop5): Can't find a valid FAT filesystem [ 411.943581] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 411.958330] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:01 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x400000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:01 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000f03900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:01 executing program 3 (fault-call:1 fault-nth:96): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:01 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a80a02910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:01 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x21) 12:16:01 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a82502910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 412.416948] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 412.422569] FAULT_INJECTION: forcing a failure. [ 412.422569] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 412.442703] CPU: 1 PID: 21476 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 412.451273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.460650] Call Trace: [ 412.463263] dump_stack+0x244/0x3ab [ 412.466904] ? dump_stack_print_info.cold.2+0x52/0x52 [ 412.472111] ? perf_trace_lock_acquire+0x501/0x800 [ 412.477362] ? perf_trace_run_bpf_submit+0x267/0x330 [ 412.482472] should_fail.cold.4+0xa/0x17 [ 412.486540] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 412.491635] ? lock_acquire+0x1ed/0x520 [ 412.495604] ? pcpu_alloc+0xbc9/0x15d0 [ 412.499492] ? check_preemption_disabled+0x48/0x200 [ 412.504512] ? perf_trace_run_bpf_submit+0x267/0x330 [ 412.509617] ? mark_held_locks+0x130/0x130 [ 412.513855] ? perf_tp_event+0xc20/0xc20 [ 412.517911] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.523453] ? fs_reclaim_acquire+0x20/0x20 [ 412.527778] ? lock_downgrade+0x900/0x900 [ 412.531923] ? lock_release+0xa10/0xa10 [ 412.535895] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.541356] ? __might_sleep+0x95/0x190 [ 412.545332] __alloc_pages_nodemask+0x34b/0xdd0 [ 412.550008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.555550] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 412.560570] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 412.565588] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 412.570178] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 412.575732] ? pcpu_alloc+0x4f4/0x15d0 [ 412.579622] ? lock_downgrade+0x900/0x900 [ 412.583772] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 412.588825] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.594372] ? find_next_bit+0x104/0x130 [ 412.598449] pcpu_populate_chunk+0xf9/0x910 [ 412.602781] ? find_next_bit+0x104/0x130 [ 412.606849] pcpu_alloc+0xe14/0x15d0 [ 412.610575] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 412.615329] ? fs_reclaim_acquire+0x20/0x20 [ 412.619647] ? lock_downgrade+0x900/0x900 [ 412.623805] ? trace_hardirqs_on+0xbd/0x310 [ 412.628124] ? __kmalloc_node+0x3c/0x70 [ 412.632095] ? kasan_unpoison_shadow+0x35/0x50 [ 412.636676] ? kasan_kmalloc+0xc7/0xe0 [ 412.640572] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 412.646380] ? kasan_unpoison_shadow+0x35/0x50 [ 412.650981] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.656435] __alloc_percpu_gfp+0x27/0x30 [ 412.660594] array_map_alloc+0x46c/0x5f0 [ 412.664661] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 412.669937] map_create+0x3bd/0x1100 [ 412.673656] ? bpf_map_new_fd+0x70/0x70 [ 412.677630] ? __might_fault+0x12b/0x1e0 [ 412.681689] ? lock_downgrade+0x900/0x900 [ 412.685843] ? lock_release+0xa10/0xa10 [ 412.689817] ? perf_trace_sched_process_exec+0x860/0x860 [ 412.695264] ? usercopy_warn+0x110/0x110 [ 412.699343] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.704882] __x64_sys_bpf+0x303/0x510 [ 412.708772] ? bpf_prog_get+0x20/0x20 [ 412.712594] do_syscall_64+0x1b9/0x820 [ 412.716476] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 412.721839] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.726769] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.731608] ? trace_hardirqs_on_caller+0x310/0x310 [ 412.736636] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 412.741650] ? prepare_exit_to_usermode+0x291/0x3b0 [ 412.746668] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.751530] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.756724] RIP: 0033:0x457519 [ 412.759918] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 412.778815] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 412.786637] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 412.793903] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 412.801165] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 412.808427] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 12:16:01 executing program 3 (fault-call:1 fault-nth:97): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:01 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) [ 412.815805] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 [ 412.831573] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 412.842273] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:01 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100003f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:01 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84802910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 412.921389] FAULT_INJECTION: forcing a failure. [ 412.921389] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 412.939912] CPU: 1 PID: 21491 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 412.948455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.957828] Call Trace: [ 412.960449] dump_stack+0x244/0x3ab [ 412.964101] ? dump_stack_print_info.cold.2+0x52/0x52 [ 412.969295] ? perf_trace_lock_acquire+0x501/0x800 [ 412.974235] should_fail.cold.4+0xa/0x17 [ 412.978295] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 412.983396] ? lock_acquire+0x1ed/0x520 [ 412.987366] ? pcpu_alloc+0xbc9/0x15d0 [ 412.991260] ? perf_trace_run_bpf_submit+0x267/0x330 [ 412.996363] ? mark_held_locks+0x130/0x130 [ 413.000597] ? perf_tp_event+0xc20/0xc20 [ 413.004658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.010217] ? fs_reclaim_acquire+0x20/0x20 [ 413.014546] ? lock_downgrade+0x900/0x900 [ 413.018712] ? lock_release+0xa10/0xa10 [ 413.022692] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.028230] ? __switch_to_asm+0x40/0x70 [ 413.032288] ? __switch_to_asm+0x34/0x70 [ 413.036353] ? __might_sleep+0x95/0x190 [ 413.040328] __alloc_pages_nodemask+0x34b/0xdd0 [ 413.044992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.050530] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 413.055548] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 413.060562] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 413.065146] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 413.070698] ? pcpu_alloc+0x4f4/0x15d0 [ 413.074588] ? lock_downgrade+0x900/0x900 [ 413.078736] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 413.083748] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.089291] ? find_next_bit+0x104/0x130 [ 413.093356] pcpu_populate_chunk+0xf9/0x910 [ 413.097682] ? find_next_bit+0x104/0x130 [ 413.101751] pcpu_alloc+0xe14/0x15d0 [ 413.105477] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 413.110231] ? fs_reclaim_acquire+0x20/0x20 [ 413.114563] ? lock_downgrade+0x900/0x900 [ 413.118718] ? trace_hardirqs_on+0xbd/0x310 [ 413.123042] ? __kmalloc_node+0x3c/0x70 [ 413.127015] ? kasan_unpoison_shadow+0x35/0x50 [ 413.131594] ? kasan_kmalloc+0xc7/0xe0 [ 413.135485] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 413.140755] ? kasan_unpoison_shadow+0x35/0x50 [ 413.145336] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.150802] __alloc_percpu_gfp+0x27/0x30 [ 413.154951] array_map_alloc+0x46c/0x5f0 [ 413.159017] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 413.164288] map_create+0x3bd/0x1100 [ 413.168002] ? bpf_map_new_fd+0x70/0x70 [ 413.171977] ? __might_fault+0x12b/0x1e0 [ 413.176033] ? lock_downgrade+0x900/0x900 [ 413.180182] ? lock_release+0xa10/0xa10 [ 413.184154] ? perf_trace_sched_process_exec+0x860/0x860 [ 413.189608] ? usercopy_warn+0x110/0x110 [ 413.193698] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.199237] __x64_sys_bpf+0x303/0x510 [ 413.203119] ? bpf_prog_get+0x20/0x20 [ 413.206935] do_syscall_64+0x1b9/0x820 [ 413.210824] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 413.216188] ? syscall_return_slowpath+0x5e0/0x5e0 [ 413.221117] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.225957] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.230983] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 413.235998] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.241017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.245871] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.251062] RIP: 0033:0x457519 [ 413.254253] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 413.273169] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 413.280897] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 413.288180] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 413.295444] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 413.302749] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 413.310015] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:16:02 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x366) 12:16:02 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000063900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 413.352971] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 413.359895] FAT-fs (loop5): bogus number of reserved sectors [ 413.362836] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 413.366075] FAT-fs (loop5): Can't find a valid FAT filesystem [ 413.434949] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:02 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84309910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:02 executing program 3 (fault-call:1 fault-nth:98): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:02 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:02 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000fc3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:02 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x7300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 413.927821] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 413.938282] FAT-fs (loop5): bogus number of reserved sectors 12:16:02 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000e3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:02 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84363910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 413.970699] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:02 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x13a) [ 414.035000] FAULT_INJECTION: forcing a failure. [ 414.035000] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 414.048024] CPU: 1 PID: 21540 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 414.056550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.065915] Call Trace: [ 414.065942] dump_stack+0x244/0x3ab [ 414.065971] ? dump_stack_print_info.cold.2+0x52/0x52 [ 414.065992] ? perf_trace_lock_acquire+0x501/0x800 [ 414.066014] ? perf_trace_run_bpf_submit+0x267/0x330 [ 414.087471] should_fail.cold.4+0xa/0x17 [ 414.091563] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 414.096774] ? lock_acquire+0x1ed/0x520 [ 414.100860] ? pcpu_alloc+0xbc9/0x15d0 [ 414.104779] ? check_preemption_disabled+0x48/0x200 [ 414.109833] ? perf_trace_run_bpf_submit+0x267/0x330 [ 414.114971] ? mark_held_locks+0x130/0x130 [ 414.119232] ? perf_tp_event+0xc20/0xc20 [ 414.123317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.128891] ? fs_reclaim_acquire+0x20/0x20 [ 414.133331] ? lock_downgrade+0x900/0x900 [ 414.137504] ? lock_release+0xa10/0xa10 [ 414.141500] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.146987] ? __might_sleep+0x95/0x190 [ 414.150989] __alloc_pages_nodemask+0x34b/0xdd0 [ 414.155678] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.161246] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 414.166292] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 414.171333] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 414.175938] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 414.181509] ? pcpu_alloc+0x4f4/0x15d0 [ 414.185439] ? lock_downgrade+0x900/0x900 [ 414.189616] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 414.194767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.200321] ? find_next_bit+0x104/0x130 [ 414.204414] pcpu_populate_chunk+0xf9/0x910 [ 414.208753] ? find_next_bit+0x104/0x130 [ 414.212868] pcpu_alloc+0xe14/0x15d0 [ 414.216642] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 414.221419] ? fs_reclaim_acquire+0x20/0x20 [ 414.225763] ? lock_downgrade+0x900/0x900 [ 414.229944] ? trace_hardirqs_on+0xbd/0x310 [ 414.234281] ? __kmalloc_node+0x3c/0x70 [ 414.238271] ? kasan_unpoison_shadow+0x35/0x50 [ 414.242874] ? kasan_kmalloc+0xc7/0xe0 [ 414.246790] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 414.252371] ? kasan_unpoison_shadow+0x35/0x50 [ 414.256979] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.262473] __alloc_percpu_gfp+0x27/0x30 [ 414.266644] array_map_alloc+0x46c/0x5f0 [ 414.270731] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 414.276137] map_create+0x3bd/0x1100 [ 414.279879] ? bpf_map_new_fd+0x70/0x70 [ 414.283878] ? __might_fault+0x12b/0x1e0 [ 414.287961] ? lock_downgrade+0x900/0x900 [ 414.292261] ? lock_release+0xa10/0xa10 [ 414.296253] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.301728] ? usercopy_warn+0x110/0x110 [ 414.305927] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.311492] __x64_sys_bpf+0x303/0x510 [ 414.315399] ? bpf_prog_get+0x20/0x20 [ 414.319251] do_syscall_64+0x1b9/0x820 [ 414.323156] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 414.328540] ? syscall_return_slowpath+0x5e0/0x5e0 [ 414.333493] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.338358] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.343402] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 414.348526] ? prepare_exit_to_usermode+0x291/0x3b0 [ 414.353587] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.358461] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.363668] RIP: 0033:0x457519 [ 414.366876] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 414.385797] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 414.393510] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 414.400773] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 414.408056] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 414.415354] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 414.422684] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:16:03 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430b910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 414.439445] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:03 executing program 3 (fault-call:1 fault-nth:99): perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r3 = fanotify_init(0x7, 0x0) creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:03 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100f0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 414.539866] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 414.569385] FAT-fs (loop5): bogus number of reserved sectors [ 414.572945] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:03 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84348910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 414.593454] FAT-fs (loop5): Can't find a valid FAT filesystem [ 414.600708] FAULT_INJECTION: forcing a failure. [ 414.600708] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 414.616605] CPU: 1 PID: 21565 Comm: syz-executor3 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 414.625139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.634515] Call Trace: [ 414.637143] dump_stack+0x244/0x3ab [ 414.641346] ? dump_stack_print_info.cold.2+0x52/0x52 [ 414.646571] ? perf_trace_lock_acquire+0x501/0x800 [ 414.651550] should_fail.cold.4+0xa/0x17 [ 414.655650] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 414.660778] ? lock_acquire+0x1ed/0x520 [ 414.664781] ? pcpu_alloc+0xbc9/0x15d0 [ 414.668708] ? perf_trace_run_bpf_submit+0x267/0x330 [ 414.673840] ? mark_held_locks+0x130/0x130 [ 414.678107] ? perf_tp_event+0xc20/0xc20 [ 414.682193] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.687753] ? fs_reclaim_acquire+0x20/0x20 12:16:03 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910004003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 414.692088] ? lock_downgrade+0x900/0x900 [ 414.696258] ? lock_release+0xa10/0xa10 [ 414.700337] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.705814] ? __switch_to_asm+0x40/0x70 [ 414.709890] ? __switch_to_asm+0x34/0x70 [ 414.713956] ? __might_sleep+0x95/0x190 [ 414.717955] __alloc_pages_nodemask+0x34b/0xdd0 [ 414.722647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.728201] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 414.733234] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 414.738259] ? pcpu_chunk_relocate+0x3cc/0x7a0 [ 414.742839] ? __bpf_trace_percpu_destroy_chunk+0x30/0x30 [ 414.748376] ? pcpu_alloc+0x4f4/0x15d0 [ 414.752271] ? lock_downgrade+0x900/0x900 [ 414.756429] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.761972] ? find_next_bit+0x104/0x130 [ 414.766041] pcpu_populate_chunk+0xf9/0x910 [ 414.770360] ? find_next_bit+0x104/0x130 [ 414.774445] pcpu_alloc+0xe14/0x15d0 [ 414.778189] ? pcpu_balance_workfn+0x16f0/0x16f0 [ 414.782938] ? fs_reclaim_acquire+0x20/0x20 [ 414.787271] ? lock_downgrade+0x900/0x900 [ 414.791426] ? trace_hardirqs_on+0xbd/0x310 [ 414.795744] ? __kmalloc_node+0x3c/0x70 [ 414.799712] ? kasan_unpoison_shadow+0x35/0x50 [ 414.804288] ? kasan_kmalloc+0xc7/0xe0 [ 414.808188] ? kmem_cache_alloc_node_trace+0x305/0x740 [ 414.813472] ? kasan_unpoison_shadow+0x35/0x50 [ 414.818054] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.823503] __alloc_percpu_gfp+0x27/0x30 [ 414.827675] array_map_alloc+0x46c/0x5f0 [ 414.831763] ? perf_event_fd_array_get_ptr+0x260/0x260 [ 414.837043] map_create+0x3bd/0x1100 [ 414.840757] ? bpf_map_new_fd+0x70/0x70 [ 414.844730] ? __might_fault+0x12b/0x1e0 [ 414.848798] ? lock_downgrade+0x900/0x900 [ 414.852944] ? lock_release+0xa10/0xa10 [ 414.856906] ? perf_trace_sched_process_exec+0x860/0x860 [ 414.862348] ? usercopy_warn+0x110/0x110 [ 414.866417] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 414.871954] __x64_sys_bpf+0x303/0x510 [ 414.875837] ? bpf_prog_get+0x20/0x20 [ 414.879651] do_syscall_64+0x1b9/0x820 [ 414.883543] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 414.888999] ? syscall_return_slowpath+0x5e0/0x5e0 [ 414.893932] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.898810] ? trace_hardirqs_on_caller+0x310/0x310 [ 414.903827] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 414.908840] ? prepare_exit_to_usermode+0x291/0x3b0 [ 414.913899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.918773] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 414.923966] RIP: 0033:0x457519 [ 414.927159] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 414.946079] RSP: 002b:00007f6d2a382c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 414.953814] RAX: ffffffffffffffda RBX: 00007f6d2a382c90 RCX: 0000000000457519 [ 414.961076] RDX: 000000000000002c RSI: 0000000020000080 RDI: 0000000000000000 [ 414.968347] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 414.975622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6d2a3836d4 [ 414.982884] R13: 00000000004bd88d R14: 00000000004cc1f0 R15: 0000000000000004 12:16:03 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) fanotify_mark(0xffffffffffffffff, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:03 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xf4) 12:16:03 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x9300, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:03 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 415.035732] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:03 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84314910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fc003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 415.126596] FAT-fs (loop5): bogus number of reserved sectors [ 415.150075] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84303910000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 415.173342] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fec03900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x9, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) [ 415.236058] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:04 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x16000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910009003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 415.320636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 415.360386] FAT-fs (loop5): bogus number of reserved sectors 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910002003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 415.371554] FAT-fs (loop5): Can't find a valid FAT filesystem [ 415.402072] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 415.447395] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910600003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:04 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:04 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910060003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x12c) 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911300003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910040003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000b003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 415.950846] FAT-fs (loop5): bogus number of reserved sectors [ 415.961689] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 415.975734] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:04 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x80010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:04 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910006003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:04 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910011003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 416.037880] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 416.064965] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:05 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100ff003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 416.142194] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 416.161237] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 416.239326] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:05 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x930000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:05 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:05 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe8030000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:05 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100ab013900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:05 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910900003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1b2) [ 416.771147] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 416.792038] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:05 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00200, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:05 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000133900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:05 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910200003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 416.826711] FAT-fs (loop5): bogus number of reserved sectors [ 416.844810] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:05 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100f0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:05 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910080fe3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 416.894143] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:05 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc00000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 416.983897] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 416.996576] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:06 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000ff3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 417.325601] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:06 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:06 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc00, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:06 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x100000000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:06 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910005003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:06 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000a3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:06 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x173) 12:16:06 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x402000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 417.649856] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 417.679884] FAT-fs (loop5): bogus number of reserved sectors [ 417.687298] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:06 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291c0fe003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:06 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910009003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 417.724072] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:06 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000a00090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 417.788336] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 417.803745] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:06 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000e003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:06 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 417.878334] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:07 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:07 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910500003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:07 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000053900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:07 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1000000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:07 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xbf) 12:16:07 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x50700000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:07 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000073900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 418.517845] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 418.529918] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 418.542653] FAT-fs (loop5): bogus number of reserved sectors 12:16:07 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4403000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:07 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911200003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 418.577921] FAT-fs (loop5): Can't find a valid FAT filesystem [ 418.616154] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:07 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000603900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:07 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910060003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:07 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa0030000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 418.731611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 418.749593] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910a00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910013003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4000000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x38) 12:16:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) mknodat(0xffffffffffffffff, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r0 = fanotify_init(0x7, 0x0) fanotify_mark(r0, 0x11, 0x40010028, 0xffffffffffffffff, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r0, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:08 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0xe0700000000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910f00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 419.367506] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 419.386162] FAT-fs (loop5): bogus number of reserved sectors 12:16:08 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fc00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 419.409076] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:08 executing program 5: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:08 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x600000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 419.483419] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:08 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000123900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(0xffffffffffffffff, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0xfffffffe) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) [ 419.532541] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291f000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x320, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 419.635784] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 419.652691] FAT-fs (loop5): bogus number of reserved sectors [ 419.661897] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 419.690337] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xbd) 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910007ffff00090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 419.930196] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 419.956104] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:08 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00100, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:08 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000113900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910400003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:08 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fec0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910006003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:08 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x400200, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 420.119364] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 420.127480] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 420.139877] FAT-fs (loop5): bogus number of reserved sectors [ 420.157881] FAT-fs (loop5): Can't find a valid FAT filesystem [ 420.203042] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:09 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:09 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910800003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 420.303847] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 420.328336] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x371) 12:16:09 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x400000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:09 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910280003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:09 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000093900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 420.532649] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:09 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100c0fe3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:09 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910011003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:09 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x80000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:09 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x70e000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:09 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x0, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:09 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000b3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:09 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910013003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 420.965700] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 420.985762] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 421.009840] FAT-fs (loop5): bogus number of reserved sectors [ 421.043730] FAT-fs (loop5): Can't find a valid FAT filesystem [ 421.071649] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x112) 12:16:09 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa00000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:09 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910007003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 421.104343] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:09 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910001ab3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000a003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd4020000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 421.183886] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 421.223815] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 421.275003] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:10 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fc003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 421.325350] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 421.366779] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000023900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(0xffffffffffffffff, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4020000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:10 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x8f) 12:16:10 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0xffefffffff7f0000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000063900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 421.767739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xb000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 421.819234] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 421.844412] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 421.851877] FAT-fs (loop5): bogus number of reserved sectors 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000093900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911100003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 421.890360] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xf400, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000053900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2c000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 421.938603] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 421.967772] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:10 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x0, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:10 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302916000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:10 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000a3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 422.079077] FAT-fs (loop5): bogus number of reserved sectors [ 422.089047] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 422.100721] FAT-fs (loop5): Can't find a valid FAT filesystem [ 422.106834] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 422.144811] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x37b) 12:16:11 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x4000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:11 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000e3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:11 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:11 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910003003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x0, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:11 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x18000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 422.605565] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 422.619319] FAT-fs (loop5): bogus number of reserved sectors [ 422.633275] FAT-fs (loop5): Can't find a valid FAT filesystem [ 422.639439] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:11 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910700003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:11 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:11 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x8000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:11 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, 0xffffffffffffffff, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:11 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910012003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 422.749428] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 422.806559] FAT-fs (loop5): bogus number of reserved sectors [ 422.829483] FAT-fs (loop5): Can't find a valid FAT filesystem [ 422.839048] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x345) 12:16:12 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000b3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x80030000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:12 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x605000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:12 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:12 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302911000003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 423.359984] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 423.368252] FAT-fs (loop5): bogus number of reserved sectors [ 423.374657] FAT-fs (loop5): Can't find a valid FAT filesystem [ 423.398114] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:12 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:12 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000043900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 423.480875] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 423.491171] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:12 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000b003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xc9) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x380, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 423.572603] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:12 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000033900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 423.622749] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 423.720437] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:12 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x507000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x40010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:12 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700), 0x0) 12:16:12 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291003f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000083900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:12 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x300, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:13 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x600300, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 424.224724] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 424.264356] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x228) 12:16:13 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000073900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:13 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 424.284381] FAT-fs (loop5): bogus number of reserved sectors 12:16:13 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000123900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:13 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1200000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 424.338622] FAT-fs (loop5): Can't find a valid FAT filesystem [ 424.368190] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 424.375602] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 424.457659] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:13 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x705000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:13 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291fe80003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:13 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700), 0x0) 12:16:13 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:13 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910b00003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:13 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000113900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2d9) [ 425.164478] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 425.178314] FAT-fs (loop5): bogus number of reserved sectors 12:16:14 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x800000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:14 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910300003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 425.209844] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000133900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000fc3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302918002003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 425.302010] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 425.398774] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 425.430211] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000603900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x24, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 425.919953] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:14 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700), 0x0) 12:16:14 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910020003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x138) 12:16:14 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x730000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:14 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x200200, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000103900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa00, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:14 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029180fe003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 426.016360] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 426.030094] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 426.043277] FAT-fs (loop5): bogus number of reserved sectors 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 426.077198] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:14 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x36000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 426.124343] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 426.136583] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:14 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910080023900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:14 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 426.259520] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 426.277984] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:15 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x930000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:15 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x40000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:15 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900480023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:15 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910009003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3a6) 12:16:15 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xc9) 12:16:15 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000b0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:15 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900120023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 426.907507] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:15 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910012003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:15 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa0020000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:15 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003960090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 427.001833] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:15 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910008003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 427.051782] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 427.137869] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:16 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2a000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:16 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003912090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000093900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x173) 12:16:16 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x730000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x277) 12:16:16 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x18, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:16 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000123900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900110023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 427.541742] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 427.575620] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:16 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:16 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900050023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 427.645589] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 427.679535] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:16 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000a3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039fc090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x14000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:16 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910010003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 427.763327] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 427.796562] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 427.850793] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:16 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3a6) 12:16:16 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x12, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:16 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000e0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fe803900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:16 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x930000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x123) 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390b090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc0030000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:17 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910006003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 428.265232] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.292832] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.339742] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003909090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000b003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 428.384030] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.417003] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003903090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 428.482121] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.511320] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:17 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfffffffffffffffa, 0x36ed, 0x10000, 0x7, 0x2, 0xcf9a1db, 0x1, {0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x3, 0x2, 0xffffffffffffffe0, 0x8, 0x4}}, &(0x7f0000000040)=0xb0) socketpair(0x7, 0x1, 0x4, &(0x7f00000001c0)) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0xa000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000600)={r1, 0x4, 0xffffffffffffffc3, "dd1bc2151f29823f000000c840368cd947ce77d9b3fb000000ff00bb07170dbf546a9057351e68a64046bf0790957ca481abd907b13087e7b76d6c59a4d4c8592cd57472efb59f0901000000000000009ef544000020"}, 0xb) r3 = fanotify_init(0x7, 0x0) fanotify_mark(r3, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r3, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:17 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x24000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:17 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910003003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390a090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 428.729249] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 428.744727] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 428.759266] FAT-fs (loop5): bogus number of reserved sectors [ 428.774946] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900030023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000f003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2d4) 12:16:17 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:17 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x50700000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:17 executing program 5 (fault-call:7 fault-nth:0): syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) [ 429.042144] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 429.061559] FAT-fs (loop5): bogus number of reserved sectors [ 429.067538] netlink: 'syz-executor2': attribute type 3 has an invalid length. 12:16:17 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000ff3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:17 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe0010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900140023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.088915] FAT-fs (loop5): Can't find a valid FAT filesystem [ 429.147327] FAULT_INJECTION: forcing a failure. [ 429.147327] name failslab, interval 1, probability 0, space 0, times 0 [ 429.154969] netlink: 'syz-executor2': attribute type 20 has an invalid length. 12:16:17 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900060023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.191349] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 429.192323] CPU: 1 PID: 22475 Comm: syz-executor5 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 429.206393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.215758] Call Trace: [ 429.218387] dump_stack+0x244/0x3ab [ 429.222049] ? dump_stack_print_info.cold.2+0x52/0x52 [ 429.227305] should_fail.cold.4+0xa/0x17 [ 429.231381] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 429.231401] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.242010] ? check_preemption_disabled+0x48/0x200 [ 429.242024] ? perf_trace_lock_acquire+0x15b/0x800 [ 429.242043] ? mark_held_locks+0x130/0x130 [ 429.242060] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 429.261242] ? expand_files.part.8+0x571/0x9a0 [ 429.265848] ? debug_smp_processor_id+0x1c/0x20 [ 429.270549] ? fs_reclaim_acquire+0x20/0x20 [ 429.272390] netlink: 'syz-executor2': attribute type 6 has an invalid length. [ 429.274882] ? lock_downgrade+0x900/0x900 [ 429.274903] ? perf_trace_sched_process_exec+0x860/0x860 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003902090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.291754] ? do_raw_spin_unlock+0xa7/0x2f0 [ 429.296184] ? do_raw_spin_trylock+0x270/0x270 [ 429.300797] __should_failslab+0x124/0x180 [ 429.305042] should_failslab+0x9/0x14 [ 429.308856] kmem_cache_alloc+0x2be/0x730 [ 429.313029] __alloc_file+0xa8/0x470 [ 429.316782] ? trace_hardirqs_on+0xbd/0x310 [ 429.321122] ? file_free_rcu+0xd0/0xd0 [ 429.325026] ? fanotify_read+0x40a/0x1290 [ 429.329188] ? lock_downgrade+0x900/0x900 [ 429.329213] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003910090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.333335] ? fsnotify_add_event+0x640/0x640 [ 429.333359] alloc_empty_file+0x72/0x170 [ 429.333374] dentry_open+0x71/0x1d0 [ 429.333392] fanotify_read+0x7f0/0x1290 [ 429.358016] ? fanotify_write+0x740/0x740 [ 429.362181] ? fsnotify_first_mark+0x350/0x350 [ 429.366785] ? fsnotify+0xf10/0xf10 [ 429.370431] ? __init_waitqueue_head+0x150/0x150 [ 429.375194] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 429.380757] ? _copy_from_user+0xdf/0x150 [ 429.384943] ? security_file_permission+0x1c2/0x220 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003907090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000a0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.389978] ? rw_verify_area+0x118/0x360 [ 429.394236] do_iter_read+0x4a3/0x650 [ 429.398063] vfs_readv+0x175/0x1c0 [ 429.401715] ? compat_rw_copy_check_uvector+0x440/0x440 [ 429.407098] ? wait_for_completion+0x8a0/0x8a0 [ 429.411693] ? lock_release+0xa10/0xa10 [ 429.415767] ? fsnotify_first_mark+0x350/0x350 [ 429.420369] ? __fsnotify_parent+0xcc/0x420 [ 429.424718] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.430277] ? __fdget_pos+0xde/0x200 [ 429.434090] ? __fdget_raw+0x20/0x20 [ 429.437903] ? __sb_end_write+0xd9/0x110 [ 429.441981] do_readv+0x11a/0x310 [ 429.445448] ? vfs_readv+0x1c0/0x1c0 [ 429.449174] ? trace_hardirqs_off_caller+0x300/0x300 [ 429.454297] __x64_sys_readv+0x75/0xb0 [ 429.458209] do_syscall_64+0x1b9/0x820 [ 429.462115] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 429.467492] ? syscall_return_slowpath+0x5e0/0x5e0 [ 429.472433] ? trace_hardirqs_on_caller+0x310/0x310 [ 429.477470] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 429.482496] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 429.489174] ? __switch_to_asm+0x40/0x70 [ 429.493257] ? __switch_to_asm+0x34/0x70 [ 429.497349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.502207] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.507411] RIP: 0033:0x457519 [ 429.510614] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.529530] RSP: 002b:00007fde9e59cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 429.537269] RAX: ffffffffffffffda RBX: 00007fde9e59cc90 RCX: 0000000000457519 [ 429.544555] RDX: 0000000000000001 RSI: 0000000020000700 RDI: 0000000000000006 [ 429.551841] RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000 [ 429.559126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde9e59d6d4 [ 429.566453] R13: 00000000004c3057 R14: 00000000004d4cb0 R15: 0000000000000008 12:16:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x4c) 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:18 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910080fe3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:18 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xf000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:18 executing program 5 (fault-call:7 fault-nth:1): syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003904090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:18 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x9300, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:18 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x700, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003906090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 429.969518] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 429.987441] FAT-fs (loop5): bogus number of reserved sectors [ 429.993297] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:18 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003905090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:18 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000603900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 430.026102] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 430.063691] FAULT_INJECTION: forcing a failure. [ 430.063691] name failslab, interval 1, probability 0, space 0, times 0 [ 430.102347] CPU: 0 PID: 22514 Comm: syz-executor5 Not tainted 4.19.0-rc7-next-20181011+ #92 [ 430.110879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.120240] Call Trace: [ 430.122848] dump_stack+0x244/0x3ab [ 430.126499] ? dump_stack_print_info.cold.2+0x52/0x52 [ 430.131710] should_fail.cold.4+0xa/0x17 [ 430.135787] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 430.140913] ? is_bpf_text_address+0xd3/0x170 [ 430.145420] ? kernel_text_address+0x79/0xf0 [ 430.145437] ? __kernel_text_address+0xd/0x40 [ 430.145454] ? unwind_get_return_address+0x61/0xa0 [ 430.154342] ? fs_reclaim_acquire+0x20/0x20 [ 430.154362] ? lock_downgrade+0x900/0x900 [ 430.167725] ? perf_trace_sched_process_exec+0x860/0x860 [ 430.169329] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 430.173205] __should_failslab+0x124/0x180 [ 430.173225] should_failslab+0x9/0x14 [ 430.173244] kmem_cache_alloc_trace+0x2d7/0x750 [ 430.192400] ? __might_sleep+0x95/0x190 [ 430.196392] apparmor_file_alloc_security+0x17b/0xac0 [ 430.201596] ? apparmor_path_rename+0xcd0/0xcd0 [ 430.206277] ? kasan_kmalloc+0xc7/0xe0 [ 430.210178] ? kasan_slab_alloc+0x12/0x20 [ 430.214346] ? kmem_cache_alloc+0x306/0x730 [ 430.218679] security_file_alloc+0x4c/0xa0 [ 430.223008] __alloc_file+0x12a/0x470 [ 430.226823] ? trace_hardirqs_off_caller+0x2f0/0x300 [ 430.231932] ? file_free_rcu+0xd0/0xd0 [ 430.235827] ? fanotify_read+0x40a/0x1290 [ 430.239984] ? lock_downgrade+0x900/0x900 [ 430.244139] ? fsnotify_add_event+0x640/0x640 [ 430.248649] alloc_empty_file+0x72/0x170 [ 430.252720] dentry_open+0x71/0x1d0 [ 430.256359] fanotify_read+0x7f0/0x1290 [ 430.260349] ? fanotify_write+0x740/0x740 [ 430.264512] ? fsnotify_first_mark+0x350/0x350 [ 430.269104] ? fsnotify+0xf10/0xf10 [ 430.272744] ? __init_waitqueue_head+0x150/0x150 [ 430.277510] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 430.283144] ? _copy_from_user+0xdf/0x150 [ 430.287316] ? security_file_permission+0x1c2/0x220 [ 430.292351] ? rw_verify_area+0x118/0x360 [ 430.296511] do_iter_read+0x4a3/0x650 [ 430.300328] vfs_readv+0x175/0x1c0 [ 430.303884] ? compat_rw_copy_check_uvector+0x440/0x440 [ 430.309266] ? wait_for_completion+0x8a0/0x8a0 [ 430.313853] ? lock_release+0xa10/0xa10 [ 430.317836] ? fsnotify_first_mark+0x350/0x350 [ 430.322428] ? __fsnotify_parent+0xcc/0x420 [ 430.326770] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 430.332319] ? __fdget_pos+0xde/0x200 [ 430.336129] ? __fdget_raw+0x20/0x20 [ 430.339846] ? __sb_end_write+0xd9/0x110 [ 430.343925] do_readv+0x11a/0x310 [ 430.347390] ? vfs_readv+0x1c0/0x1c0 [ 430.351118] ? trace_hardirqs_off_caller+0x300/0x300 [ 430.356244] __x64_sys_readv+0x75/0xb0 [ 430.360141] do_syscall_64+0x1b9/0x820 [ 430.364041] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 430.369418] ? syscall_return_slowpath+0x5e0/0x5e0 [ 430.374363] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.379220] ? trace_hardirqs_on_caller+0x310/0x310 [ 430.384251] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 430.389274] ? prepare_exit_to_usermode+0x291/0x3b0 [ 430.394309] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.399174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 430.404464] RIP: 0033:0x457519 [ 430.407670] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 430.426578] RSP: 002b:00007fde9e5dec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 430.434308] RAX: ffffffffffffffda RBX: 00007fde9e5dec90 RCX: 0000000000457519 [ 430.441684] RDX: 0000000000000001 RSI: 0000000020000700 RDI: 0000000000000006 12:16:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910004003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x14d) 12:16:19 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x900, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 430.448971] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 430.456258] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde9e5df6d4 [ 430.463544] R13: 00000000004c3057 R14: 00000000004d4cb0 R15: 0000000000000003 [ 430.493995] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900070023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910060003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 430.603631] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:19 executing program 5 (fault-call:7 fault-nth:2): syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:19 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039001d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910007003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x7fffffffefff, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:19 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2003000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 430.729908] FAT-fs (loop5): bogus number of reserved sectors [ 430.736437] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003911090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000403900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 430.783887] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 430.811253] netlink: 'syz-executor2': attribute type 29 has an invalid length. [ 430.898974] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:19 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003913090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:19 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3dc) 12:16:19 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910002803900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 431.243143] __nla_parse: 6 callbacks suppressed [ 431.243153] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 431.270561] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:20 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:20 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:20 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003908090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:20 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000fc3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:20 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0xe0700000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:20 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe803, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 431.561507] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 431.582974] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 431.593761] FAT-fs (loop5): bogus number of reserved sectors 12:16:20 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390e090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:20 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000063900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:20 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 431.625200] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:20 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x38000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 431.672398] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 431.712480] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x60) 12:16:20 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000c0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x18}], 0x1) 12:16:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000133900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390f090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 432.412247] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 432.433558] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 432.441838] netlink: 57 bytes leftover after parsing attributes in process `syz-executor2'. [ 432.448959] FAT-fs (loop5): bogus number of reserved sectors 12:16:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900110023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100f0003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x1ef) [ 432.494090] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:21 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100003f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 432.568567] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:21 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900480023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:21 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd003000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 432.667171] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 433.236187] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900020023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x200000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2f6) 12:16:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x200000b1}], 0x1) 12:16:22 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x1000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 433.320630] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 433.357537] FAT-fs (loop5): bogus number of reserved sectors 12:16:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000073900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000e0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 433.371932] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 433.414858] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900120023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100c0fe3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x800000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900050023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 433.548307] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000c0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x120) [ 434.155482] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:22 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x7ffff000}], 0x1) 12:16:22 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fc003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900140023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:22 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0xe07000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:22 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 434.247752] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 434.270906] netlink: 'syz-executor2': attribute type 20 has an invalid length. 12:16:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910011003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900060023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 434.303306] FAT-fs (loop5): bogus number of reserved sectors [ 434.321410] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:23 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd402000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910005003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900100023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 434.371025] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 434.390096] netlink: 'syz-executor2': attribute type 6 has an invalid length. [ 434.461686] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 434.489477] netlink: 'syz-executor2': attribute type 16 has an invalid length. 12:16:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x270) [ 435.099092] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:23 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x17}], 0x1) 12:16:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000a003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039001d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:23 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x402, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:23 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x7300, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x137) 12:16:23 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900040023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:23 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4403, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 435.200291] netlink: 'syz-executor2': attribute type 29 has an invalid length. [ 435.228021] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:23 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000b3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 435.267026] FAT-fs (loop5): bogus number of reserved sectors [ 435.291595] netlink: 'syz-executor2': attribute type 4 has an invalid length. 12:16:24 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x80020000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 435.324305] FAT-fs (loop5): Can't find a valid FAT filesystem [ 435.342420] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910013003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 435.414528] FAT-fs (loop5): bogus number of reserved sectors [ 435.440799] FAT-fs (loop5): Can't find a valid FAT filesystem [ 435.449484] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:24 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x2) 12:16:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900070023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:24 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc401, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100fec03900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 435.585341] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 435.599856] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 435.608502] FAT-fs (loop5): bogus number of reserved sectors [ 435.615119] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900080023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:24 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x32000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000f03900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:24 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x506000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2fe) 12:16:24 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900030023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:24 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe803000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:24 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000203900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 436.088050] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 436.157893] netlink: 'syz-executor2': attribute type 3 has an invalid length. [ 436.184091] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 436.406584] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:25 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x8) 12:16:25 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000a0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:25 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000113900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:25 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20020000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:25 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000b0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 436.508783] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 436.535889] FAT-fs (loop5): bogus number of reserved sectors 12:16:25 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910002003900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:25 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900091023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 436.566436] FAT-fs (loop5): Can't find a valid FAT filesystem [ 436.659607] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:25 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x100000000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:25 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x40000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:25 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000033900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2f2) 12:16:25 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900091323000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 436.865471] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 437.337754] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x600) 12:16:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090923000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000053900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2400, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:26 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x60500000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090048000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 437.428466] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3d8) 12:16:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa0010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 437.478530] FAT-fs (loop5): bogus number of reserved sectors [ 437.503006] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090723000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 437.559890] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090223000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000073900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 437.690876] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 438.247926] FAT-fs (loop5): bogus number of reserved sectors [ 438.253865] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:26 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x300) 12:16:26 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x400300, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:26 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090523000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000113900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:26 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x7fffffffefff, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xd4) 12:16:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000053900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090e23000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa00300, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 438.348422] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 438.371444] FAT-fs (loop5): bogus number of reserved sectors 12:16:27 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x4000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 438.416256] FAT-fs (loop5): Can't find a valid FAT filesystem [ 438.450165] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3a000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000133900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 438.518951] FAT-fs (loop5): bogus number of reserved sectors [ 438.546174] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 438.550452] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) clock_gettime(0x0, &(0x7f0000001ec0)={0x0, 0x0}) recvmmsg(r2, &(0x7f0000001dc0)=[{{&(0x7f0000000280)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000001740)=[{&(0x7f0000000740)=""/4096, 0x1000}, {&(0x7f00000003c0)=""/250, 0xfa}, {&(0x7f0000000500)=""/144, 0x90}, {&(0x7f00000005c0)=""/81, 0x51}, {&(0x7f0000000640)=""/156, 0x9c}], 0x5, &(0x7f0000000180), 0x0, 0x2}, 0x4}, {{&(0x7f00000017c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000001840)=""/119, 0x77}], 0x1, &(0x7f00000018c0)=""/79, 0x4f, 0x6d8}, 0x4}, {{&(0x7f0000001940)=@rc, 0x80, &(0x7f0000001b40)=[{&(0x7f00000019c0)=""/12, 0xc}, {&(0x7f0000001a00)=""/26, 0x1a}, {&(0x7f0000001a40)=""/207, 0xcf}], 0x3, &(0x7f0000001b80)=""/224, 0xe0, 0x8}, 0x200}, {{0x0, 0x0, &(0x7f0000001cc0)=[{&(0x7f0000001c80)=""/12, 0xc}], 0x1, &(0x7f0000001d00)=""/165, 0xa5, 0xcd}, 0x6ab8}], 0x4, 0x2, &(0x7f0000001f00)={r3, r4+30000000}) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x44000, 0x0) ioctl$PIO_FONT(r5, 0x4b61, &(0x7f0000000100)="e02548b93f93f42ebe6432c0481a9b1a89e4f5bbfc28f8555f36249ae1104a69a2") getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=0x0, &(0x7f0000001f40)=0x4) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000001f80)={r6, @in6={{0xa, 0x4e23, 0x40, @loopback, 0xfffffffffffffffe}}, 0x1, 0x46}, &(0x7f0000002040)=0x90) write$UHID_GET_REPORT_REPLY(r5, &(0x7f00000001c0)={0xa, 0x5, 0x6}, 0xa) creat(&(0x7f0000000300)='./file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x6, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000a00090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090b23000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x605000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 438.720505] FAT-fs (loop5): bogus number of reserved sectors [ 438.726524] FAT-fs (loop5): Can't find a valid FAT filesystem [ 438.785581] FAT-fs (loop5): bogus number of reserved sectors [ 438.791630] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xa5) 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe00300, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000123900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090823000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x507000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:27 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000040)="2e2f66692e65318c00", &(0x7f0000000100)='trusted.overlay.nlink\x00', &(0x7f00000001c0)={'L-', 0xffff}, 0x28, 0x3) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390009fc23000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x600, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:27 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000083900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 439.016025] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 439.034858] FAT-fs (loop5): bogus number of reserved sectors [ 439.052706] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:27 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090a23000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:27 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2003, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:27 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x730000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 439.130880] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:28 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000063900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900091123000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x248) 12:16:28 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x506000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 439.619075] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 439.813970] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:28 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = fcntl$getown(0xffffffffffffffff, 0x9) syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/uts\x00') r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r1, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r2 = fanotify_init(0x7, 0x0) fanotify_mark(r2, 0x11, 0x40010028, r1, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r2, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) fanotify_init(0x10, 0x101001) 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090f23000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x204, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:28 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000093900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x400000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090423000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x4000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 439.937014] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 439.971574] FAT-fs (loop5): bogus number of reserved sectors [ 439.984944] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090623000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000b3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090007000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 440.083385] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb5) 12:16:28 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090035000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 440.234875] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 440.770955] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x200, 0xfd) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000023900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:29 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x38030000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900091223000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:29 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x50700000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x5e) 12:16:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900096023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:29 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x500, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 440.867000] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 440.900041] FAT-fs (loop5): bogus number of reserved sectors 12:16:29 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x13, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:29 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x5002000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 440.951574] FAT-fs (loop5): Can't find a valid FAT filesystem [ 440.974406] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000033900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 441.075608] FAT-fs (loop5): bogus number of reserved sectors [ 441.089497] FAT-fs (loop5): Can't find a valid FAT filesystem [ 441.091218] audit: type=1804 audit(1539260189.725:40): pid=23224 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir429888555/syzkaller.DiAn2E/951/file0/file0" dev="sda1" ino=16531 res=1 12:16:29 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x100000002, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:29 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090323000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:29 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc0010000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:29 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000103900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 441.108848] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 441.129573] audit: type=1804 audit(1539260189.725:41): pid=23224 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir429888555/syzkaller.DiAn2E/951/file0/file0" dev="sda1" ino=16531 res=1 [ 441.167595] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 441.236967] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 441.293432] FAT-fs (loop5): bogus number of reserved sectors [ 441.320706] FAT-fs (loop5): Can't find a valid FAT filesystem [ 441.399718] FAT-fs (loop5): bogus number of reserved sectors [ 441.410330] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000fc3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090007000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xe0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:30 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES16, @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES32], @ANYPTR64=&(0x7f0000000500)=ANY=[@ANYBLOB="72c16f32ccf5935bde21b35e6b506ce47cc175cf246bccb24d6ffffcf867be0c820ccb28fdef43ad8439ba7324fe01e972ac9cc4b7a9eae56085", @ANYRES32, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRESDEC, @ANYPTR64=&(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES64], @ANYBLOB="61f3ceca980d072481226480a577bef89b024de09a8b4cff23aaf0b5ae4c793fc946d7db2dfc69b20d7a21777b1ed2898fe8a6823b4692d187fb33ae61b432b5a0ca5bd4453df1054becd2d6c97800c3a2872e596413bebeeab656526d4b07cd0a64377968"], @ANYRES16=0x0]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") r2 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x80000000, 0x40800) ioctl$DRM_IOCTL_IRQ_BUSID(r2, 0xc0106403, &(0x7f00000001c0)={0x30a8f483, 0xff, 0x6, 0xffff}) creat(&(0x7f0000000100)='./file0/file1\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0xffffffffffffff61}], 0x1) 12:16:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2aa) 12:16:30 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x730000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090035000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x370, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 441.782546] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 441.790634] FAT-fs (loop5): Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÀ" or missing value 12:16:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000043900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 441.835452] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090048000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3d0, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 441.918755] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:30 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000a3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023060c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:30 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xb00000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:30 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023080c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 442.042355] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 442.577146] FAT-fs (loop5): Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÀ" or missing value 12:16:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000900230a0c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:31 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000f3900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:31 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x9000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2eb) 12:16:31 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000280)={0x10001, {{0x2, 0x100004e22, @local}}}, 0x88) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r1, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r2 = fanotify_init(0x7, 0x0) fanotify_mark(r2, 0x11, 0x40010028, r1, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) mknodat(r0, &(0x7f0000000040)='./file0\x00', 0x8000, 0x9) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r2, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:31 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x1000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:31 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x10, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000900230e0c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 442.665722] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:31 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000603900090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023600c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 442.718990] FAT-fs (loop5): bogus number of reserved sectors [ 442.744702] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:31 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:31 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x9300, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 442.783403] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:31 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023004800030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:31 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000300090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:31 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x7003000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 442.904481] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x28c) [ 443.508640] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:32 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x82, 0x8080) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000200)={0x6d13, 0x7, 0xb000}, 0x4) r2 = fanotify_init(0x7, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x1, 0x0) ioctl$KDGKBLED(r3, 0x4b64, &(0x7f0000000100)) fanotify_mark(r2, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={r1, &(0x7f00000003c0)="0c6256e65198479f77b7f9bd469ce75734b536a99725060ca590c54966deb16f779889d2cf53cdf83c58f5521fb15b454371fd60ab3c5af93ff0d909b82717c1dd07c46f7c51897de59024869204b59a0e50c0a687bb05fda654c78946489dbd7f2a5cd82da370f77e25a8b4ddd39c303897ed4df8edcde01bc98d76a7e5358fc1596d2010057cad83935b032e987082aa7f70f5892e98ad04bea60c701496737d4c4ff43d8969dbc8b7f77a4480412e5040ede259b4eb092a23a246549c61927c1407439dad0edef7d14d80b7197c42429efc8490109b0f6685d2a3f28dd11b03d941e26a05856298878c5176a1bfa501"}, 0x10) creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r2, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x802, 0x0) 12:16:32 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023100c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000004800090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:32 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x930000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:32 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3803000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000000a00090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:32 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000900230f0c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003960090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 443.583803] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 443.604120] FAT-fs (loop5): bogus number of reserved sectors [ 443.611666] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:32 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x705000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:32 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003905090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 443.695239] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:32 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023040c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 443.764583] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:32 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x60020000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 444.388786] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='memory.stat\x00', 0x0, 0x0) setsockopt$inet6_dccp_int(r1, 0x21, 0xb, &(0x7f0000000200)=0x7, 0xfffffffffffffee7) mknodat(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = fanotify_init(0x7, 0x0) fanotify_mark(r2, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") r3 = creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) ioctl$FIBMAP(r3, 0x1, &(0x7f0000000040)=0x578) readv(r2, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0xeb) write$P9_RRENAME(r3, &(0x7f0000000100)={0x7, 0x15, 0x1}, 0x7) 12:16:33 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900140023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023050c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:33 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x600200, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x236) 12:16:33 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x60500000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023002500030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:33 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20030000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 444.677751] netlink: 'syz-executor0': attribute type 20 has an invalid length. [ 444.708203] FAT-fs (loop5): bogus number of reserved sectors 12:16:33 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039001d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 444.727997] FAT-fs (loop5): Can't find a valid FAT filesystem [ 444.740919] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023130c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 444.784031] netlink: 'syz-executor0': attribute type 29 has an invalid length. [ 444.823760] FAT-fs (loop5): bogus number of reserved sectors 12:16:33 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900070023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023090c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 444.838830] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:33 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) utimes(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000400)={{r1, r2/1000+30000}, {0x0, 0x2710}}) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000040)='\\/\x00'}, 0x30) ioctl$sock_FIOSETOWN(r3, 0x8901, &(0x7f00000001c0)=r4) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r5 = fanotify_init(0x7, 0x0) fsetxattr$security_smack_transmute(r3, &(0x7f0000000280)='security.SMACK64TRANSMUTE\x00', &(0x7f00000002c0)='TRUE', 0x4, 0x2) fanotify_mark(r5, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") socket$inet6(0xa, 0x1, 0x7) creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) readv(r5, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:33 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1300000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:33 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003903090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:33 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023020c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 444.984972] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 445.009013] FAT-fs (loop5): bogus number of reserved sectors [ 445.030647] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3b1) 12:16:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003904090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000900230b0c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x40020000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:34 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0xe0700000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023001400030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900030023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 445.511417] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:34 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 445.580208] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 445.618706] netlink: 'syz-executor0': attribute type 3 has an invalid length. [ 445.783658] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:34 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x2, 0x0) connect(r2, &(0x7f0000000580)=@pppol2tpv3in6={0x18, 0x1, {0x0, r2, 0x0, 0x2, 0x1, 0x2, {0xa, 0x4e22, 0x9, @dev={0xfe, 0x80, [], 0x10}, 0x6}}}, 0x80) r3 = accept4$unix(r2, &(0x7f00000001c0)=@abs, &(0x7f0000000100)=0x6e, 0x80000) lsetxattr$trusted_overlay_upper(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)='trusted.overlay.upper\x00', &(0x7f0000000680)={0x0, 0xfb, 0x77, 0x5, 0x40, "8632560625470c294868afd41c22d27c", "26870234b681b0ee7aba6e036be6ae5e152bca7f6913ca7e9aa955fc9d8d075262204e36164390f62812f2635564cd2ace9ff3f6e591ec182fe9d2ca37182f9e845965c202c2ab42fb7ff63938c2517355b4c10dfc4891ec79417e2da270bee70864"}, 0x77, 0x2) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, 0xfffffffffffffffd, &(0x7f00000007c0)) r4 = creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r3, 0x84, 0x4, &(0x7f0000000740), &(0x7f0000000780)=0x4) readv(r0, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e20, 0x2437b2b4, @mcast1, 0xffffffffffffffe0}}}, &(0x7f00000003c0)=0x84) accept4(r3, &(0x7f0000000500)=@can, &(0x7f0000000480)=0x80, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000400)={r5, 0x3f}, &(0x7f0000000440)=0x8) 12:16:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900050023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023fc0c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x8003000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xb4) 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023030c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390a090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 445.989773] FAT-fs (loop5): bogus number of reserved sectors [ 445.995719] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023120c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 446.042668] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:34 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0xffefffffff7f0000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:34 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x7000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:34 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023070c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:34 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039fc090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 446.258934] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 446.775493] FAT-fs (loop5): bogus number of reserved sectors [ 446.781333] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") execveat(r0, &(0x7f0000000040)="2e2f66692e65318c00", &(0x7f00000003c0)=[&(0x7f0000000100)='-ppp1\x00', &(0x7f00000001c0)='vmnet1vmnet0,pem1\x00', &(0x7f0000000200)='\x00', &(0x7f0000000280)='vfat\x00', &(0x7f00000002c0)='vfat\x00', &(0x7f0000000300)='+md5sum$\\.\x00'], &(0x7f0000000540)=[&(0x7f0000000400)=',trustedmime_type\x00', &(0x7f0000000440)='vfat\x00', &(0x7f0000000480)='vfat\x00', &(0x7f0000000500)='vfat\x00'], 0x800) creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:35 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023110c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:35 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd00000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:35 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900480023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:35 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x7300, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x3d0) 12:16:35 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000d0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:35 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000800030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 446.941260] FAT-fs (loop5): bogus number of reserved sectors [ 446.954340] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:35 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003906090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:35 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x240000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:35 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x70e000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:35 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023001400030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 447.055970] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 447.129967] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 447.734469] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:36 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x30000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390b090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023004800030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:36 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x400000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:36 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xf5) 12:16:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023002500030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 447.867563] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 447.900303] FAT-fs (loop5): bogus number of reserved sectors 12:16:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900060023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c07030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 447.927580] FAT-fs (loop5): Can't find a valid FAT filesystem [ 447.935678] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:36 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x900000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:36 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x100000000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c12030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 447.977169] netlink: 'syz-executor0': attribute type 6 has an invalid length. [ 448.008691] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900120023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:36 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c60030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:36 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x10000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 448.089028] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:36 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003908090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 448.190889] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 448.209280] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 448.686473] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:37 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") lookup_dcookie(0x2, &(0x7f00000003c0)=""/105, 0x69) openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) r2 = creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) stat(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getegid() write$FUSE_CREATE_OPEN(r2, &(0x7f0000000280)={0xa0, 0x0, 0x8, {{0x2, 0x2, 0x9, 0x3, 0x49ea, 0x0, {0x1, 0x7, 0xefe5, 0x2, 0x7, 0x400, 0x3, 0x776800000, 0x1f, 0x5, 0x8, r3, r4, 0x800, 0x70000000000}}, {0x0, 0x1}}}, 0xa0) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) ioctl$KDGKBENT(r2, 0x4b46, &(0x7f0000000440)={0x7f, 0x3f, 0x9}) 12:16:37 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c06030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:37 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc00200, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x7c) 12:16:37 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003911090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:37 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x930000000000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:37 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000c0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 448.773263] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 448.801038] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 448.813529] FAT-fs (loop5): bogus number of reserved sectors 12:16:37 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3f00000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:37 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c10030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 448.838827] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:37 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000a0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 448.926678] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:37 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c05030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:37 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x12000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 449.028184] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 449.609881] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:38 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") r2 = creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000100)=0x8) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000040)=0x0) sched_getaffinity(r3, 0x8, &(0x7f00000001c0)) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:38 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000b0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:38 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xa00000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c09030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2b3) 12:16:38 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0xe07000, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:38 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3e000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000cfc030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 449.694097] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 449.718002] FAT-fs (loop5): bogus number of reserved sectors 12:16:38 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003907090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:38 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x705000, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 449.754262] FAT-fs (loop5): Can't find a valid FAT filesystem [ 449.790902] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:38 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x344, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:38 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c02030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 449.808572] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 449.894988] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 450.516551] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r0, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1c4, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003902090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c11030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x19) 12:16:39 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x70e000, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x200000000000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 450.601136] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 450.611611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE 12:16:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000e0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000cd6000000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003910090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x4) mknodat(r0, &(0x7f0000000040)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) epoll_create(0x3f41) 12:16:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000ca8000000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x20030000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c13030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 450.795716] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 450.813592] FAT-fs (loop5): bogus number of reserved sectors [ 450.825580] FAT-fs (loop5): Can't find a valid FAT filesystem 12:16:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003913090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x3000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 450.914498] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 450.945240] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc00100, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0xec) 12:16:39 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c0a030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003909090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:39 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x1c000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:39 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x930000, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) [ 451.359565] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 451.373980] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 451.606243] FAT-fs (loop5): Unrecognized mount option "" or missing value 12:16:40 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900110023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c0b030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000500), 0x0, &(0x7f0000000080)=ANY=[]) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)="2e2f66692e65318c", 0x0, 0x0) r1 = fanotify_init(0x7, 0x0) fanotify_mark(r1, 0x11, 0x40010028, r0, &(0x7f0000000240)="2e2f66692e65318c00") openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x2, 0x0) r2 = creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f0000000280)) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000540)={{{@in=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}, &(0x7f0000000640)=0xe8) r4 = getgid() lchown(&(0x7f0000000500)='./file0/file0\x00', r3, r4) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000003c0)={0x62, 0x0, 0x8000, 0x100000001, 0x4, 0x10, 0x5, 0x3, 0x0}, &(0x7f0000000400)=0x20) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000680)={0x7, 0x10000}) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000440)={r5, 0x3e000000}, 0x8) getsockopt$bt_sco_SCO_CONNINFO(r2, 0x11, 0x2, &(0x7f00000001c0)=""/85, &(0x7f0000000100)=0x55) dup2(r1, r2) unshare(0x24020400) mknod(&(0x7f00000056c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000180)) sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x8) execve(&(0x7f0000000700)='./file0\x00', &(0x7f0000000180), &(0x7f0000000680)) open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0) readv(r1, &(0x7f0000000700)=[{&(0x7f0000000080)=""/49, 0x31}], 0x1) write$P9_RUNLINKAT(r2, &(0x7f0000000480)={0x7, 0x4d, 0x1}, 0x7) 12:16:40 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xd000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 451.759739] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 451.773776] FAT-fs (loop5): bogus number of reserved sectors 12:16:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003912090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c00140000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 451.808428] FAT-fs (loop5): Can't find a valid FAT filesystem [ 451.861691] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. [ 451.882529] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 451.889088] IPv6: NLM_F_CREATE should be set when creating new route 12:16:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79) r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000140)=[{&(0x7f0000001600)=""/4096, 0xf37}], 0x2a5) 12:16:40 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0xc000000, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) 12:16:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a8430291000000390f090023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c00480000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 4: r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) io_setup(0x40000100000003, &(0x7f0000000200)=0x0) ioctl$TIOCSCTTY(r0, 0x540e, 0x100000001) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) ftruncate(r2, 0x48204) truncate(&(0x7f0000000040)='./bus\x00', 0x5) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141442, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r4, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0xffefffffff7f0000, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) 12:16:40 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x8003, &(0x7f0000000080)={0x6, 0x4, 0x20000000007ffd, 0x7d, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100]}, 0x2c) ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6) [ 452.022302] netlink: 57 bytes leftover after parsing attributes in process `syz-executor0'. 12:16:40 executing program 2: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a84302910000003900090023000c03030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) 12:16:40 executing program 0: r0 = socket$inet6(0x10, 0x2, 0x0) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000080)=@nl=@kern={0x10, 0x60000000}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)="5500000018007f7000fe01b2a4a280930a60050000a843029100000039000e0023000c00030000000d0005000b0000000000c78b80082314e9030b9d566885b16732009b1400b1df136ef75afb0000000000000000", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) [ 452.121497] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 452.579171] FAT-fs (loop5): Unrecognized mount option "" or missing value [ 603.979581] INFO: task syz-executor5:23918 blocked for more than 140 seconds. [ 603.987057] Not tainted 4.19.0-rc7-next-20181011+ #92 [ 603.993285] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 604.001303] syz-executor5 D23264 23918 6172 0x00000004 [ 604.006946] Call Trace: [ 604.009524] __schedule+0x8cf/0x21d0 [ 604.013284] ? __sched_text_start+0x8/0x8 [ 604.017452] ? trace_hardirqs_off_caller+0x300/0x300 [ 604.022627] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.027881] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.033053] ? prepare_to_wait_event+0x39f/0xa10 [ 604.037810] ? send_sigio+0x4a0/0x4a0 [ 604.041655] ? prepare_to_wait_exclusive+0x480/0x480 [ 604.046763] schedule+0xfe/0x460 [ 604.050196] ? __schedule+0x21d0/0x21d0 [ 604.054172] ? perf_trace_sched_process_exec+0x860/0x860 [ 604.059613] ? replenish_dl_entity.cold.55+0x36/0x36 [ 604.064756] ? __might_sleep+0x95/0x190 [ 604.068729] fanotify_handle_event+0x778/0x920 [ 604.073354] ? fanotify_alloc_event+0x570/0x570 [ 604.078118] ? finish_wait+0x430/0x430 [ 604.082075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.087645] fsnotify+0x91e/0xf10 [ 604.091168] ? fsnotify_first_mark+0x350/0x350 [ 604.095778] ? __fsnotify_parent+0xcc/0x420 [ 604.100105] ? apparmor_capable+0x6c0/0x6c0 [ 604.104491] ? fsnotify+0xf10/0xf10 [ 604.108120] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.113789] ? may_umount_tree+0x210/0x210 [ 604.118034] ? _copy_to_user+0x110/0x110 [ 604.122703] security_file_open+0x16f/0x1b0 [ 604.127027] do_dentry_open+0x331/0x1250 [ 604.131136] ? chown_common+0x730/0x730 [ 604.135115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.140647] ? security_inode_permission+0xd2/0x100 [ 604.145728] ? inode_permission+0xb2/0x560 [ 604.149971] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 604.155363] vfs_open+0xa0/0xd0 [ 604.158644] path_openat+0x12bc/0x5150 [ 604.162602] ? path_lookupat.isra.43+0xc00/0xc00 [ 604.167361] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 604.172515] ? expand_files.part.8+0x571/0x9a0 [ 604.177164] ? iterate_fd+0x4b0/0x4b0 [ 604.181273] ? __alloc_fd+0x347/0x6e0 [ 604.185163] ? lock_downgrade+0x900/0x900 [ 604.189300] ? kasan_check_read+0x11/0x20 [ 604.193491] ? do_raw_spin_unlock+0xa7/0x2f0 [ 604.197901] ? do_raw_spin_trylock+0x270/0x270 [ 604.202691] ? __check_object_size+0xb1/0x782 [ 604.207246] ? _raw_spin_unlock+0x2c/0x50 [ 604.211466] ? __alloc_fd+0x347/0x6e0 [ 604.215269] do_filp_open+0x255/0x380 [ 604.219058] ? may_open_dev+0x100/0x100 [ 604.223090] ? strncpy_from_user+0x411/0x5a0 [ 604.227521] ? digsig_verify+0x1530/0x1530 [ 604.231803] ? get_unused_fd_flags+0x122/0x1a0 [ 604.236521] ? getname_flags+0x26e/0x590 [ 604.240568] ? put_timespec64+0x10f/0x1b0 [ 604.244784] do_sys_open+0x568/0x700 [ 604.248501] ? filp_open+0x80/0x80 [ 604.252497] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 604.257861] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.263545] __x64_sys_creat+0x61/0x80 [ 604.267447] do_syscall_64+0x1b9/0x820 [ 604.271335] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 604.276775] ? syscall_return_slowpath+0x5e0/0x5e0 [ 604.281709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 604.286598] ? trace_hardirqs_on_caller+0x310/0x310 [ 604.291617] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 604.296677] ? prepare_exit_to_usermode+0x291/0x3b0 [ 604.301707] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 604.306610] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 604.311803] RIP: 0033:0x457519 [ 604.315059] Code: 87 0a 8b 0d dd 60 09 01 83 f9 01 0f 85 1c 01 00 00 b9 01 00 00 00 88 0d 19 66 09 01 84 c9 0f 84 fd 00 00 00 b9 01 00 00 00 88 <0d> 02 66 09 01 48 8b 05 9b 71 07 01 48 89 04 24 e8 42 2c fc ff 8b [ 604.334015] RSP: 002b:00007fde9e5dec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 604.341746] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000457519 [ 604.349056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 604.356355] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 604.363688] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde9e5df6d4 [ 604.370962] R13: 00000000004bdae2 R14: 00000000004cc628 R15: 00000000ffffffff [ 604.378425] INFO: task syz-executor5:23926 blocked for more than 140 seconds. [ 604.386036] Not tainted 4.19.0-rc7-next-20181011+ #92 [ 604.391731] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 604.400254] syz-executor5 D25112 23926 6172 0x00000004 [ 604.405921] Call Trace: [ 604.408523] __schedule+0x8cf/0x21d0 [ 604.412616] ? __sched_text_start+0x8/0x8 [ 604.416835] ? trace_hardirqs_off_caller+0x300/0x300 [ 604.421946] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.427098] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.432202] ? prepare_to_wait_event+0x39f/0xa10 [ 604.436992] ? send_sigio+0x4a0/0x4a0 [ 604.440805] ? prepare_to_wait_exclusive+0x480/0x480 [ 604.445943] schedule+0xfe/0x460 [ 604.449310] ? __schedule+0x21d0/0x21d0 [ 604.453287] ? perf_trace_sched_process_exec+0x860/0x860 [ 604.458796] ? replenish_dl_entity.cold.55+0x36/0x36 [ 604.463926] ? __might_sleep+0x95/0x190 [ 604.467889] fanotify_handle_event+0x778/0x920 [ 604.472463] ? fanotify_alloc_event+0x570/0x570 [ 604.477202] ? finish_wait+0x430/0x430 [ 604.481104] ? perf_trace_lock+0x7a0/0x7a0 [ 604.485394] fsnotify+0x91e/0xf10 [ 604.488858] ? fsnotify_first_mark+0x350/0x350 [ 604.493434] ? __fsnotify_parent+0xcc/0x420 [ 604.497803] ? apparmor_capable+0x6c0/0x6c0 [ 604.502297] ? fsnotify+0xf10/0xf10 [ 604.506084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.511632] ? may_umount_tree+0x210/0x210 [ 604.516365] ? _copy_to_user+0x110/0x110 [ 604.520603] security_file_open+0x16f/0x1b0 [ 604.524969] do_dentry_open+0x331/0x1250 [ 604.529206] ? chown_common+0x730/0x730 [ 604.533177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.538898] ? security_inode_permission+0xd2/0x100 [ 604.543923] ? inode_permission+0xb2/0x560 [ 604.548207] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 604.553409] vfs_open+0xa0/0xd0 [ 604.556721] path_openat+0x12bc/0x5150 [ 604.560621] ? path_lookupat.isra.43+0xc00/0xc00 [ 604.565532] ? unwind_get_return_address+0x61/0xa0 [ 604.570483] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 604.575583] ? expand_files.part.8+0x571/0x9a0 [ 604.580172] ? iterate_fd+0x4b0/0x4b0 [ 604.584010] ? __alloc_fd+0x347/0x6e0 [ 604.587886] ? lock_downgrade+0x900/0x900 [ 604.592044] ? kasan_check_read+0x11/0x20 [ 604.596240] ? do_raw_spin_unlock+0xa7/0x2f0 [ 604.600762] ? do_raw_spin_trylock+0x270/0x270 [ 604.605417] ? __check_object_size+0xb1/0x782 [ 604.610284] ? _raw_spin_unlock+0x2c/0x50 [ 604.614419] ? __alloc_fd+0x347/0x6e0 [ 604.618409] do_filp_open+0x255/0x380 [ 604.622312] ? may_open_dev+0x100/0x100 [ 604.626362] ? strncpy_from_user+0x411/0x5a0 [ 604.630779] ? digsig_verify+0x1530/0x1530 [ 604.635086] ? get_unused_fd_flags+0x122/0x1a0 [ 604.639670] ? getname_flags+0x26e/0x590 [ 604.643720] ? put_timespec64+0x10f/0x1b0 [ 604.648504] do_sys_open+0x568/0x700 [ 604.652223] ? filp_open+0x80/0x80 [ 604.655808] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 604.661183] __x64_sys_creat+0x61/0x80 [ 604.665139] do_syscall_64+0x1b9/0x820 [ 604.669115] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 604.674540] ? syscall_return_slowpath+0x5e0/0x5e0 [ 604.679547] ? trace_hardirqs_on_caller+0x310/0x310 [ 604.684566] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 604.689705] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 604.696462] ? __switch_to_asm+0x40/0x70 [ 604.700515] ? __switch_to_asm+0x34/0x70 [ 604.704565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 604.709451] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 604.714640] RIP: 0033:0x457519 [ 604.717876] Code: 87 0a 8b 0d dd 60 09 01 83 f9 01 0f 85 1c 01 00 00 b9 01 00 00 00 88 0d 19 66 09 01 84 c9 0f 84 fd 00 00 00 b9 01 00 00 00 88 <0d> 02 66 09 01 48 8b 05 9b 71 07 01 48 89 04 24 e8 42 2c fc ff 8b [ 604.736832] RSP: 002b:00007fde9e5bdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 604.744629] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000457519 [ 604.751961] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 604.759270] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 604.766586] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde9e5be6d4 [ 604.773856] R13: 00000000004bdae2 R14: 00000000004cc628 R15: 00000000ffffffff [ 604.781624] INFO: task syz-executor5:23974 blocked for more than 140 seconds. [ 604.789007] Not tainted 4.19.0-rc7-next-20181011+ #92 [ 604.794707] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 604.802887] syz-executor5 D23440 23974 6172 0x00000004 [ 604.808557] Call Trace: [ 604.811150] __schedule+0x8cf/0x21d0 [ 604.814882] ? __sched_text_start+0x8/0x8 [ 604.819202] ? trace_hardirqs_off_caller+0x300/0x300 [ 604.824311] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.829494] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 604.834604] ? prepare_to_wait_event+0x39f/0xa10 [ 604.839397] ? send_sigio+0x4a0/0x4a0 [ 604.843202] ? prepare_to_wait_exclusive+0x480/0x480 [ 604.848354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.853894] ? fanotify_merge+0x20e/0x2b0 [ 604.858091] schedule+0xfe/0x460 [ 604.861462] ? __schedule+0x21d0/0x21d0 [ 604.865421] ? perf_trace_sched_process_exec+0x860/0x860 [ 604.870909] ? replenish_dl_entity.cold.55+0x36/0x36 [ 604.876011] ? __might_sleep+0x95/0x190 [ 604.880060] fanotify_handle_event+0x778/0x920 [ 604.884658] ? fanotify_alloc_event+0x570/0x570 [ 604.889388] ? finish_wait+0x430/0x430 [ 604.893277] ? lock_downgrade+0x900/0x900 [ 604.897483] fsnotify+0x91e/0xf10 [ 604.900941] ? fsnotify_first_mark+0x350/0x350 [ 604.905509] ? __fsnotify_parent+0xcc/0x420 [ 604.910362] ? apparmor_capable+0x6c0/0x6c0 [ 604.914690] ? fsnotify+0xf10/0xf10 [ 604.918370] ? do_raw_spin_trylock+0x270/0x270 [ 604.922977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.928596] ? errseq_sample+0xe5/0x130 [ 604.932567] ? _copy_to_user+0x110/0x110 [ 604.936706] security_file_open+0x16f/0x1b0 [ 604.941105] do_dentry_open+0x331/0x1250 [ 604.945183] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 604.950162] ? chown_common+0x730/0x730 [ 604.954302] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 604.959925] ? security_inode_permission+0xd2/0x100 [ 604.964947] ? inode_permission+0xb2/0x560 [ 604.969228] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 604.974504] vfs_open+0xa0/0xd0 [ 604.977816] path_openat+0x12bc/0x5150 [ 604.981700] ? lock_downgrade+0x900/0x900 [ 604.985840] ? path_lookupat.isra.43+0xc00/0xc00 [ 604.990758] ? is_bpf_text_address+0xd3/0x170 [ 604.995269] ? kernel_text_address+0x79/0xf0 [ 604.999894] ? __kernel_text_address+0xd/0x40 [ 605.004394] ? unwind_get_return_address+0x61/0xa0 [ 605.009487] ? __save_stack_trace+0x8d/0xf0 [ 605.013828] ? mark_held_locks+0x130/0x130 [ 605.018116] ? kasan_kmalloc+0xc7/0xe0 [ 605.022000] ? kasan_slab_alloc+0x12/0x20 [ 605.026135] ? kmem_cache_alloc+0x12e/0x730 [ 605.030512] ? prepare_creds+0xab/0x4d0 [ 605.034482] ? prepare_exec_creds+0x11/0xf0 [ 605.039317] ? prepare_bprm_creds+0x70/0x120 [ 605.043723] ? __do_execve_file.isra.33+0x445/0x25d0 [ 605.048858] ? __x64_sys_execve+0x8f/0xc0 [ 605.053160] ? do_syscall_64+0x1b9/0x820 [ 605.057225] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 605.062656] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 605.068199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 605.073859] ? check_preemption_disabled+0x48/0x200 [ 605.078989] ? debug_smp_processor_id+0x1c/0x20 [ 605.083660] ? perf_trace_lock_acquire+0x15b/0x800 [ 605.088716] do_filp_open+0x255/0x380 [ 605.092526] ? may_open_dev+0x100/0x100 [ 605.096492] ? apparmor_cred_prepare+0x30c/0x5a0 [ 605.101293] ? apparmor_task_free+0x1e0/0x1e0 [ 605.105809] do_open_execat+0x221/0x8e0 [ 605.109920] ? __do_execve_file.isra.33+0x8a4/0x25d0 [ 605.115135] ? unregister_binfmt+0x2a0/0x2a0 [ 605.119597] ? kasan_check_read+0x11/0x20 [ 605.123749] ? do_raw_spin_trylock+0x270/0x270 [ 605.128324] ? key_put+0x33/0x80 [ 605.131740] __do_execve_file.isra.33+0x176f/0x25d0 [ 605.136766] ? prepare_bprm_creds+0x120/0x120 [ 605.141337] ? usercopy_warn+0x110/0x110 [ 605.145411] ? kasan_check_read+0x11/0x20 [ 605.149607] ? do_raw_spin_unlock+0xa7/0x2f0 [ 605.154030] ? trace_hardirqs_on+0xbd/0x310 [ 605.158353] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 605.163959] ? strncpy_from_user+0x411/0x5a0 [ 605.168367] ? digsig_verify+0x1530/0x1530 [ 605.173058] ? kmem_cache_alloc+0x306/0x730 [ 605.177394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 605.182983] ? getname_flags+0x26e/0x590 [ 605.187052] ? trace_hardirqs_off_caller+0x300/0x300 [ 605.192317] __x64_sys_execve+0x8f/0xc0 [ 605.196294] do_syscall_64+0x1b9/0x820 [ 605.200222] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 605.205748] ? syscall_return_slowpath+0x5e0/0x5e0 [ 605.210745] ? trace_hardirqs_on_caller+0x310/0x310 [ 605.215810] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 605.221114] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 605.227841] ? __switch_to_asm+0x40/0x70 [ 605.231953] ? __switch_to_asm+0x34/0x70 [ 605.236027] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 605.240931] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 605.246161] RIP: 0033:0x457519 [ 605.249406] Code: 87 0a 8b 0d dd 60 09 01 83 f9 01 0f 85 1c 01 00 00 b9 01 00 00 00 88 0d 19 66 09 01 84 c9 0f 84 fd 00 00 00 b9 01 00 00 00 88 <0d> 02 66 09 01 48 8b 05 9b 71 07 01 48 89 04 24 e8 42 2c fc ff 8b [ 605.268380] RSP: 002b:00007fde9e55ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 605.276478] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457519 [ 605.283789] RDX: 0000000020000680 RSI: 0000000020000180 RDI: 0000000020000700 [ 605.291222] RBP: 000000000072c180 R08: 0000000000000000 R09: 0000000000000000 [ 605.298573] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fde9e55b6d4 [ 605.306894] R13: 00000000004bdb87 R14: 00000000004cc778 R15: 00000000ffffffff [ 605.314223] INFO: lockdep is turned off. [ 605.318285] NMI backtrace for cpu 1 [ 605.322095] CPU: 1 PID: 980 Comm: khungtaskd Not tainted 4.19.0-rc7-next-20181011+ #92 [ 605.330140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.339586] Call Trace: [ 605.342166] dump_stack+0x244/0x3ab [ 605.345783] ? dump_stack_print_info.cold.2+0x52/0x52 [ 605.350958] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 605.356481] nmi_cpu_backtrace.cold.2+0x5c/0xa1 [ 605.361248] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f [ 605.366430] nmi_trigger_cpumask_backtrace+0x1e8/0x22a [ 605.371698] arch_trigger_cpumask_backtrace+0x14/0x20 [ 605.376882] watchdog+0xb39/0x1050 [ 605.380528] ? reset_hung_task_detector+0xd0/0xd0 [ 605.385591] ? __kthread_parkme+0xce/0x1a0 [ 605.389819] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 605.394907] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 605.400005] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 605.404575] ? trace_hardirqs_on+0xbd/0x310 [ 605.408886] ? kasan_check_read+0x11/0x20 [ 605.413471] ? __kthread_parkme+0xce/0x1a0 [ 605.417694] ? trace_hardirqs_off_caller+0x300/0x300 [ 605.422797] ? trace_hardirqs_off_caller+0x300/0x300 [ 605.427895] ? lockdep_init_map+0x9/0x10 [ 605.431958] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 605.437055] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 605.442589] ? __kthread_parkme+0xfb/0x1a0 [ 605.446815] ? reset_hung_task_detector+0xd0/0xd0 [ 605.451656] kthread+0x35a/0x440 [ 605.455021] ? kthread_stop+0x8f0/0x8f0 [ 605.458980] ret_from_fork+0x3a/0x50 [ 605.462820] Sending NMI from CPU 1 to CPUs 0: [ 605.467353] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10 [ 605.468782] Kernel panic - not syncing: hung_task: blocked tasks [ 605.481022] CPU: 1 PID: 980 Comm: khungtaskd Not tainted 4.19.0-rc7-next-20181011+ #92 [ 605.489055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 605.498444] Call Trace: [ 605.501033] dump_stack+0x244/0x3ab [ 605.504656] ? dump_stack_print_info.cold.2+0x52/0x52 [ 605.509963] panic+0x238/0x4e7 [ 605.513151] ? add_taint.cold.5+0x16/0x16 [ 605.517289] ? nmi_trigger_cpumask_backtrace+0x1c8/0x22a [ 605.522728] ? nmi_trigger_cpumask_backtrace+0x1f9/0x22a [ 605.528163] ? nmi_trigger_cpumask_backtrace+0x1d1/0x22a [ 605.533763] ? nmi_trigger_cpumask_backtrace+0x1c8/0x22a [ 605.539215] watchdog+0xb4a/0x1050 [ 605.542837] ? reset_hung_task_detector+0xd0/0xd0 [ 605.547689] ? __kthread_parkme+0xce/0x1a0 [ 605.551920] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 605.557015] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 605.562107] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 605.566675] ? trace_hardirqs_on+0xbd/0x310 [ 605.571081] ? kasan_check_read+0x11/0x20 [ 605.575232] ? __kthread_parkme+0xce/0x1a0 [ 605.579512] ? trace_hardirqs_off_caller+0x300/0x300 [ 605.584617] ? trace_hardirqs_off_caller+0x300/0x300 [ 605.589877] ? lockdep_init_map+0x9/0x10 [ 605.594127] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 605.599215] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 605.604743] ? __kthread_parkme+0xfb/0x1a0 [ 605.608986] ? reset_hung_task_detector+0xd0/0xd0 [ 605.613819] kthread+0x35a/0x440 [ 605.617178] ? kthread_stop+0x8f0/0x8f0 [ 605.621146] ret_from_fork+0x3a/0x50 [ 605.626169] Kernel Offset: disabled [ 605.629804] Rebooting in 86400 seconds..