[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 36.978312] audit: type=1800 audit(1538601636.450:25): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 37.013063] audit: type=1800 audit(1538601636.450:26): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 37.033950] audit: type=1800 audit(1538601636.450:27): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.63' (ECDSA) to the list of known hosts. 2018/10/03 21:20:44 fuzzer started 2018/10/03 21:20:46 dialing manager at 10.128.0.26:46589 2018/10/03 21:20:46 syscalls: 1 2018/10/03 21:20:46 code coverage: enabled 2018/10/03 21:20:46 comparison tracing: enabled 2018/10/03 21:20:46 setuid sandbox: enabled 2018/10/03 21:20:46 namespace sandbox: enabled 2018/10/03 21:20:46 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/03 21:20:46 fault injection: enabled 2018/10/03 21:20:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/03 21:20:46 net packed injection: enabled 2018/10/03 21:20:46 net device setup: enabled 21:23:22 executing program 0: seccomp(0x0, 0x1, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x100000000, 0x100, 0x4, 0x81}, {0x4, 0x7, 0x3, 0x1}, {0x76, 0x3f, 0x4, 0x2}, {0x6d2c, 0x3e87, 0xb9, 0x1}, {0x40, 0x7f, 0x1, 0x38}, {0x9, 0x7, 0x2e0000, 0x10001}, {0x7ff, 0x8001, 0xfffffffffffffc00, 0x7}]}) r0 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x1e7, 0x200900) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0xc4, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @rand_addr=0x2}, @in={0x2, 0x4e24, @remote}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e23, 0x2, @dev={0xfe, 0x80, [], 0x19}, 0x4f3e}, @in6={0xa, 0x4e24, 0xed, @local, 0x3f}, @in6={0xa, 0x4e22, 0x8, @ipv4={[], [], @multicast2}, 0xfffffffffffffff9}, @in={0x2, 0x4e22, @rand_addr=0x10}, @in={0x2, 0x4e22, @local}, @in={0x2, 0x4e24, @multicast2}, @in={0x2, 0x4e24, @broadcast}]}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000240)={r1, @in={{0x2, 0x4e20, @loopback}}, [0x6, 0x0, 0x8, 0x7, 0x1, 0xfffffffffffffeff, 0xfff, 0x3779, 0xffffffff, 0x40, 0x8, 0xffffffffffff8001, 0x4, 0x3, 0x6]}, &(0x7f0000000340)=0x100) r2 = open(&(0x7f0000000380)='./file0\x00', 0x2000, 0x102) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f00000003c0)={0x18, 0x0, {0x1, @random="972cebaf3771", 'lo\x00'}}) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000400)={[], 0x80000001, 0x3, 0x80000000, 0x0, 0xe564, 0x10000, 0x0, [], 0x1000}) ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f00000005c0)) write$P9_RUNLINKAT(r0, &(0x7f0000000600)={0x7, 0x4d, 0x1}, 0x7) r3 = getpgrp(0x0) r4 = syz_open_procfs(r3, &(0x7f0000000640)='net/igmp6\x00') ioctl$EVIOCGKEYCODE_V2(r4, 0x80284504, &(0x7f0000000680)=""/83) r5 = syz_open_dev$sg(&(0x7f0000000700)='/dev/sg#\x00', 0x8e6d, 0x140) ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000740)={0x3, 0x5, 0x0, 0x35, 0x80}) ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000780)={0x8d, 0x3, 0x1}) pread64(r2, &(0x7f00000007c0)=""/48, 0x30, 0x0) open$dir(&(0x7f0000000800)='./file0\x00', 0x1, 0x31) get_mempolicy(&(0x7f0000000840), &(0x7f0000000880), 0x1, &(0x7f0000ffb000/0x4000)=nil, 0x7) r6 = dup3(r5, r2, 0x80000) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000900)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000008c0)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r4, &(0x7f0000000940)={0x4, 0x8, 0xfa00, {r7, 0xfffffffffffffff8}}, 0x10) mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x8010, r4, 0x0) getsockname$packet(r4, &(0x7f0000000980)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000009c0)=0x14) openat$audio(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/audio\x00', 0x440000, 0x0) listen(r6, 0x5) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r4, 0x114, 0xa, &(0x7f0000000a40)={0x2, "fa16"}, 0x3) getpgrp(r3) ioctl$KVM_X86_SET_MCE(r6, 0x4040ae9e, &(0x7f0000000a80)={0x7080000000000000, 0x5000, 0x5, 0x4, 0xe}) setsockopt$inet_sctp_SCTP_EVENTS(r6, 0x84, 0xb, &(0x7f0000000ac0)={0x5, 0x6, 0x5, 0x3, 0x281c0000000000, 0x361, 0x4, 0x100000001, 0xde39, 0x8, 0x7}, 0xb) ioctl$BLKPBSZGET(r2, 0x127b, &(0x7f0000000b00)) syzkaller login: [ 203.089626] IPVS: ftp: loaded support on port[0] = 21 21:23:22 executing program 1: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x8002, 0x0) write$P9_RLINK(r0, &(0x7f0000000040)={0x7, 0x47, 0x2}, 0x7) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000000c0)={0x6, &(0x7f0000000080)=[{0x8, 0xcee3, 0x59a793d0, 0xffffffffde1f2f70}, {0xfffffffffffffeff, 0xc9, 0x0, 0x9}, {0x3, 0x10001, 0x2, 0x200}, {0x8001, 0xa6, 0x100000000, 0x4}, {0x7, 0x401, 0x4, 0x800}, {0xd, 0x4, 0x7, 0x1f}]}, 0x10) link(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00') setxattr$security_selinux(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='security.selinux\x00', &(0x7f0000000200)='system_u:object_r:netcontrol_device_t:s0\x00', 0x29, 0x3) connect$rds(r0, &(0x7f0000000240)={0x2, 0x4e21, @multicast1}, 0x10) r1 = getpgid(0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000280)=0x0) r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={0xffffffffffffffff, 0x2, 0x8}, 0xc) kcmp(r1, r2, 0x5, r3, r0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000300)) getpeername(r0, &(0x7f0000000340)=@alg, &(0x7f00000003c0)=0x80) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000400)='irlan0\x00') socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000440)) setxattr$security_selinux(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='security.selinux\x00', &(0x7f0000000500)='system_u:object_r:modules_object_t:s0\x00', 0x26, 0x0) lsetxattr$security_evm(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='security.evm\x00', &(0x7f00000005c0)=@v1={0x2, "d5"}, 0x2, 0x2) ioctl$SG_GET_TIMEOUT(r3, 0x2202, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000840)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000800)={0xffffffffffffffff}, 0x2, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000880)={0x13, 0x10, 0xfa00, {&(0x7f0000000600), r4, 0x1}}, 0x18) r5 = syz_open_dev$adsp(&(0x7f00000008c0)='/dev/adsp#\x00', 0x80, 0x200000) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000940)={&(0x7f0000000900)=[0x3, 0x5, 0x7, 0x66, 0xae7f, 0x401, 0x82], 0x7, 0xce74, 0x0, 0x0, 0x8, 0xf9ca, {0x7, 0x9, 0x1, 0x81, 0x4, 0x1, 0x8, 0x9, 0x9, 0x7f, 0x1, 0x7, 0x6, 0x0, "c26654470b912b171b48a478783fe33119f09bbffef4030381dbc7c67ea2914e"}}) r6 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000009c0)={0x0, 0x0, 0x0}, &(0x7f0000000a00)=0xc) msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2) r9 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r9, 0x1, &(0x7f0000000a40)={{0x9, r7, r8, r7, r8, 0x100, 0x20}, 0x7, 0x100, 0x4, 0x3f, 0x3, 0x1, r1, r2}) ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0x40086607, &(0x7f0000000ac0)=0x31) accept(r6, &(0x7f0000000b00)=@xdp, &(0x7f0000000b80)=0x80) write$P9_RLINK(r0, &(0x7f0000000bc0)={0x7, 0x47, 0x2}, 0x7) ioctl$KDDISABIO(r5, 0x4b37) [ 203.310723] IPVS: ftp: loaded support on port[0] = 21 21:23:22 executing program 2: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x2) ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000080)={0x0, 0x7fff, 0x1, [0xfffffffffffffff9]}, &(0x7f00000000c0)=0xa) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r1, 0x10000}, 0x8) setxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@random={'os2.', 'vboxnet0--\x00'}, &(0x7f00000001c0)='system\x00', 0x7, 0x2) connect$bt_l2cap(r0, &(0x7f0000000200)={0x1f, 0x3, {0x9, 0x6, 0x20, 0x7, 0x101, 0x7}, 0x100000000, 0xfffffffffffffffd}, 0xe) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000240)) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x9, 0x101010, r0, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000280)={0x1, 0xec8a}, 0x2) tee(r0, r0, 0xb0, 0x4) r2 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x4, 0x10000) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000340)={0x5, &(0x7f0000000300)=[{0xfffffffffffffffc, 0x8, 0x7fffffff, 0x7}, {0x2, 0xacd, 0x8, 0x7}, {0x8, 0x6, 0x5}, {0x6, 0xeb8, 0x101, 0x5}, {0x6, 0x7f, 0x4, 0x9}]}) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000380), &(0x7f00000003c0)=0x4) lseek(r2, 0x0, 0x3) getsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000400)={@dev, @remote}, &(0x7f0000000440)=0xc) r3 = dup2(r0, r0) r4 = add_key$user(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000500)="4d6d07f0205c", 0x6, 0xfffffffffffffff9) stat(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000600), &(0x7f0000000640)=0x0, &(0x7f0000000680)) keyctl$chown(0x4, r4, r5, r6) ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x2) ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f00000006c0)) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000007c0)=0x0) perf_event_open(&(0x7f0000000740)={0x7, 0x70, 0xa1, 0x643, 0xfffffffffffffffe, 0x20, 0x0, 0x4, 0x800, 0x0, 0xffffffff, 0x2, 0x6a, 0x44, 0x91d2, 0x5fa, 0x9, 0xcea5, 0x6, 0x800, 0x3, 0x3, 0x6, 0x100000000000000, 0x1, 0x4, 0x0, 0x9, 0x9, 0x3, 0x400, 0x4, 0xff, 0x72, 0x8, 0x62d, 0xeb5d, 0x90fd, 0x0, 0x7fffffff, 0x2, @perf_config_ext={0x7, 0x7}, 0x12661, 0x20, 0xfffffffeffffffff, 0x7, 0xfffffffffffffffb, 0x10001, 0x5}, r7, 0xc, r2, 0xa065a85f4fb72d6f) ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x1f9504a5) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000800), &(0x7f0000000840)=0x4) openat(r3, &(0x7f0000000880)='./file0\x00', 0x200, 0xa0) utimensat(r0, &(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)={{0x77359400}}, 0x100) fanotify_mark(r0, 0x20, 0x48000030, r2, &(0x7f0000000940)='./file0\x00') socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000980)) [ 203.631534] IPVS: ftp: loaded support on port[0] = 21 21:23:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_tables_matches\x00') ioctl$UI_DEV_CREATE(r0, 0x5501) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='bridge_slave_1\x00', 0x10) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r0, 0xa}, 0x10) fsetxattr$security_ima(r0, &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@ng={0x4, 0x3, "2caa77bd6b07a94e7fcc6c77ad3e5a33de"}, 0x13, 0x3) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000140)={{0xffffffffffff4c00, 0x20}, {0x5, 0x1ff}, 0x9e, 0x4, 0x5961}) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f00000001c0)=""/234) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)={0x0, 0x7, 0x6, [0x2, 0x0, 0x7, 0x1000, 0x2, 0x7]}, &(0x7f0000000300)=0x14) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000340)={r1, 0x8}, 0x8) getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000380), &(0x7f00000003c0)=0x14) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000400)={0x3, 0xd6f0, 0x8, 0x0, 0x200, 0x68, 0x9, 0x6, 0xfffffffffffffff9, 0x3f, 0x8, 0x6}) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000000440)={0xfd, "c653bad008323949b91a836373047acea58147c669fd15d37b3d0eeaa149e10a7c820997c069a47bd298f44a0f6c737f2eb26bc18cd6cfd86bb7005d9e841c06b8197c2481f11ece8e5b6be829b9cb7e7bfb14058cdb6e0271c07d974081129762821c5ebb1b79b73212d58f10912529f9e21c59a239881059baeb620b9f0d5200fa8701020a6f9d8822d926c3368f97caa1a1a2ac72c0ff343ace7ad9fca826fd4485c54f00e5c053b824435b8a55b38276003ff344a77c08583a0190b03ee1a8843381c7cb0fe52951f9beddc13b1cfcc27c95e8a07c682b4501982c5d336a195f448473418947750232d6b13a13cb7e12461c114636956f7896d4ad"}) r2 = syz_open_dev$dmmidi(&(0x7f0000000580)='/dev/dmmidi#\x00', 0x7, 0x100) r3 = add_key(&(0x7f00000005c0)='user\x00', &(0x7f0000000600)={'syz', 0x1}, &(0x7f0000000640)="938c44d0fb77d2dab6481b1ad0fab9d1a539f37d184c4168e76d17bace6de1aca197c4167364a80702300da355cbaf0cacd74bb3089fc9371ea37cb65802119764366ff9b1a3fdb4c98cf9691bcd1c19e7e365687320def064e68563280caa23d83f8006cefc2dd34862e8c51ae7c76b8d996bd73afaaf134e521e03d241e87bdcf5da3634d64dc66699488b2fa55bb25b1bef74d17c39122347bb49ef2173c7a049c10d080bc6a9835ac2eac621cbc7fc8f2472df71bf9420c038d9a356d6b93fb893b9832e1068", 0xc8, 0x0) r4 = request_key(&(0x7f00000007c0)='cifs.idmap\x00', &(0x7f0000000800)={'syz', 0x2}, &(0x7f0000000840)='net/ip6_tables_matches\x00', 0xfffffffffffffffc) keyctl$instantiate_iov(0x14, r3, &(0x7f0000000780)=[{&(0x7f0000000740)="b01f30db5d4a4e316aa0053d4c00853beb239b252744321a93b43933877f77e162ad03c1eaefa03459", 0x29}], 0x1, r4) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000880)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f0000000980)=0xe8) ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f00000009c0)) r6 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r6) ioctl$ION_IOC_HEAP_QUERY(r2, 0xc0184908, &(0x7f0000000a80)={0x34, 0x0, &(0x7f0000000a40)}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000ac0)={0x9, 0x7ff, 0x8719, {0x77359400}, 0x0, 0x20}) ioctl$KVM_GET_IRQCHIP(r0, 0xc208ae62, &(0x7f0000000b40)) r7 = getpgid(0xffffffffffffffff) sendmsg$nl_netfilter(r0, &(0x7f0000002480)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000002440)={&(0x7f0000000c80)={0x1794, 0x9, 0x5, 0x0, 0x70bd28, 0x25dfdbff, {}, [@nested={0xe4, 0x5d, [@generic="b91b22c3434941def892657bc9481af9b20974801a73d924bd8b135a95d2d61c756123994e162bf4bd62905c0f909ea51125663876c210bd926e89102820445688f46bb76b443ffdcb980dc1b8b7bd0bcdbba09bedd4d79b2b38c8654ea316f98c26fa4fc53ff10bdd980b765e85a23a9637", @typed={0x28, 0x14, @str='md5sum[}posix_acl_accessmd5sum.@%\x00'}, @generic="5bffc717aac6f139c0ed931b4e9dfb8be684ce12b6755ce9507fdadc39c25122552d104cad438a45ffff56b79f408fbd78d16c0c292c123338347957bed03700671cd6d5d541"]}, @nested={0x1344, 0x16, [@typed={0x8, 0x46, @uid=r5}, @typed={0x8, 0x6, @u32=0x4}, @generic="be2f44c10b3926958531bdbbed6c9cb0a096e1604b52ffb0bfcf8c7fd87b872c110be840bc1c6d896f89f39507239d651a5647296ce751fe978ed7b92192fbef9adfd877482d455ac21af83c832bc744e6c825dda1635475dd579435add0f2156dd4f256d7752bb966442f58dd1d46618221c861db69da54d8bc71d4850e2fe0dca5059efa42dc83001bc727b2431a725cbe97b85665711e11c6559988a8cf45841828d1db4bcd555dcc9ff5b2b88e26587f7c8933ac5f5e53eae9c950f9692a7d1ed2acce7b6ec86f16bec953dcbaef47f4da69", @generic="18cdcf5f53fd23cb3251807f63accdcc5531396f75cf8445a54d2ec754404aa3eccfc1b0e24f140aaf77793e4457f86e390a36baaff3580e2a1572f8d434df4947365574a5800c009f63f2e0bccb7176f9e2d6ecbc7233ed0e95f1c717c1c0f3302fc31091c46275cf971fff0c0668e3c5d612148a18bb577c210c99f3990c718e9ca1128aa2fff5105fe07a2f52227ec74f011520480865c4ec8a49537a70c442e55b0291e8392dd7ff2833eec813e09c64954fdf5d9536502533", @typed={0x8, 0x47, @u32=0x1ff}, @typed={0x8, 0x8b, @u32=0x80000000}, @typed={0x14, 0x68, @ipv6}, @generic="9316b448f4d0e29c9ff17f17cf280c6e31297454f8a710f047e50a67252a6d48f499f28370b99c37361f17b296c8b778ad7f477b5793be8ef22703901e21403133b29567f6bf00d520418abf88d75cd1cca64f91053cf87e0a35116693989ee78d4365e15e0b5b7a6e8aeefc3fdd37a0ca0eb691a1b2670f2fd5ec52ce027f73ef3669cca6ebd59efaefd6aff98bc42f9d6d0abbaa7fc700191b34a84e9016ac65cea52dbfa2f7c0595dfff63faf95a64040c68151d23e97db81ed9ccf3477d0d4ca066fe7fa34ccd8", @generic="859e482d46529fd51a12782a3c4f70725885d02ffdaa76284e0c703aba39698bfcb8e29a55452eb5ad67309d8be19f5e530364474ed47cc4f8e4775176c08656478a993591f4f11d2349a99f0e74778e46b005b274d024b6307ba72bb86e974e8198862ce0acf057f58eca638ccfa8c082db4ccfa07e5a9349adf08a2ee7dabb1f4479c0aebce542c65513ebbfe9928329b3547ba47974caffcdab0f3dd389ee2182e092c2f7037e9d76d82bdac18711c7712eb7", @generic="835ef7e4a17fa4a470977350ad3b4476b37092bb964edd3eebbaa8023d6ee1c50329e389fdbbc80f8cb679a688a43a02847607d84d34fedd0bf7df138786fd0c37f74ab5158398f42189ddc96997ec8bc663182af7dc69b46c295536682d535907b9dfe88b3fc6672bc9d5a6ddc9f1438399dda9124d45db69800c17c3158498503475b732b2ab2aa7c317efee91a14eed883ac9d35307a8c0841e89c2687fbd05febfae3eeeeed10dc496d538e06edad664513ea41217a30a4953c8efb93306e2aa3b857755193195b7f538c974ef4a85a456f3593367e803d2330d0dd66205da12a8f2b3dc3e0161ac352286a419cd6c7110bef3f4483bae188ecbd42cb57b733739ad0f4bf1731ed97ee9dc3767a913171c85d6c98235c391d8a5835fd1ab6d737168dbd7d99cc7c2167acfe4bd72cb3f22629433cd2ea225556133cc0a1b6190d28246d723fb1de82e7fde963d8faeea5f5ae4ea70ebc3240851b99f00b932b238b724e6b319aef7ed84d3d5370e038780e002a6736fb6bcdf810cab6e1f0325909d026f4c3c1b1916b35804db06e922720c92b4a047f9db3be7c3b9971135e7bc06a2c45dbb2e5fcc4cd0140755d71776e9ea8e5e602a9295c6d3e3579729e2d58cf9de7ba3a0c22ced1d34e7e9b34adad91059f57884991c3c869ef1b343691ca76a19babd308d6b689f01c8802923bc48002754cd4711b1e89656c9cffee8193b76628c96bc479fbbab811c0c7002019c3adff3b1f5fa264e8a5a92fbf2c008a6b4bea33e54080b985340451372c3865c27c5695dc57a16911f4859877298ea319f67bdbb4f2505e8232bcf88b8d769fe5c075f35c28e17e6a00c51c0eda5ce01d9898fe0823674b58cfd16b329c46dcf0601259ed357fa2bf2b59b3a38e6117e9ccab600262f62682647aef3960afdded2014d5833fa2c9e3a561012fd34d887902ba8c1d1d6a5a47eb0455e744e11b3e30b78c9e583953479236d0f0eb7000128b1f68a2aff39728fc526da30068be7d93ebae524acdaef02a1cd381d29010c8cbb839d3c9c880ace28ecde3b7d33f0fb71c27a414e172ed11ebfce7ee8d2fb36eef86191dde6eac805309f345026be4d8e0696e00f0f8e74df87ffb6ac8879f254108968eb32f0c379a5179f49b461da1ba7a7108816186fb5461f261bb5393966c6cb09fa9c9d363816c6f98257de26e7a26bd4def0da14d9a743bff28578494d7b7d0e4178f31d07b665d8092ba5ca5cbe52725bdcf7155da984279b2c48a7df9dec61ead1c90faf2866795a48a5b169f958267b91963430620f83688c43b6f5fc6a41627a0a3477e5bffd5d8ebc7100166be6da285e447f697710ad05369a962527c0d2076809b03271968f9802a89c20ac460a80461efee42affc1a48e57257ad5fe3a6033f3dea7b65b8f3694c12c037c7977834bc4663922c6f884d5b4582cf1d90e9be742d87397e6f4d2bc89944f22f427a4bacd1f9c598209dc1f9cc932a6590cfc2cc35cc83b49918598d2e7cc94228427b88eb42de881bcf01e7b94d9d7347cf0b51a38356f43e263b6618d330ddcbbe233f3ff0815ae13bece40b37e5fb3739a9c5b31e51746c18fc0583cfe7078358f024eb003a825e0b0df636e9a135b7ef42f385a711c47adf7540d113c6367787bf01268379aff648ce80d6e25497e2b63b4c104b91be7ed66e94b152abff859481a178638d265cb5e684501e199a25a90b45c5a33933b7e7d0b37bf34f87ebbfef91da5ea6a57a80d34cd5e9c46dca872a68dccf17a34fd9f7690a47eadcf2ad89a8904f1a5eb3317c6bf69eed5531e1c02fc09c4ae70d7ab67e12d2112746f42140bb0e7824ee6f6fb6e7f1f79222e99337ff4facd600df1b55e56ae565334fbffce9094e5654a9e115455840830aa8ff6e07a936965b4acec8f3e0f1b264baac2d3da07b35815dd9aa559efc5ebc3a6ab38249f3c65d5d10c5d46495e6ec2020e7be3309cc3ce3a811468c6675baa25537cf4c7a2f2d9418afb0a16aa9b719764e47e799737fde731bad4dc465d0415b228282e301d5642b3cfb0dafa276e06778e6847790d6d65b036c6933900714d6622cdeb10dc907029c4045354f47e52a51206df5a2e68c624ebd5ac96e24f840da9450b64c4a04dbf9ec7b7c3c16d3ea7d7efdc75e3c141556c8c0fc01049350d116ec3ee0379f089c7d5d5d4af7b7d60816680d55c760d46fd0654e2e57cd74cc43d217e12e6e99f978e2c6584a274b732631ffa8e049c49dbd82cac90b367eede7647ef759bdf5f3d58d2fd80b4f6535c1a9d5961e98a6144bc2fe929c133ed9a4771eda82ad2662ef47ce4ec8f7d73cbd57e214541f56dd58feca36a6befc56a441f7a2e49660d68e0fde8eb8363b407aadc495fe2f8bd1fd4e24b268c26b19c1aeebd7a9bb448bfede1b901403708b2303ddd44dc2482664d0f8d6ec20b62a973808d3a9c2dbdec35370b6f90749b16257611f08c70d4985e17afd2e8ae8aff8322270826bcd4362738130e5e409675e0e00ac851895b2ec31035ef242200ab900bc3624aab8c6b974c081958644d93494128ba62e2368aa96e772e4030dabbb4f9bc53d982450532ffd29de375f5f1afa879261f1bb7fd34d4090ef649018423dd53f72e7b2ced5a86fbd7694df1f2cf1c32228d629ec92b2d261c9cb7f25c21c90d310d516b8e66cea3586bd63e9d82cac0d49f2540e64e6e9e1286c3fd68c5a2df2f37f753c484e540d7666abd55ff2a84c5cd5abb62ede92e927b7a432f9b1342fe0cce88fb2ef00897d14efa8ca3ce46d2573559a2aeb3cd7da7ec6f2d516da3b215e881c9b0ac7d5070d08745da10445b751e4226b29c93b595e4f190dec868eb32176bdeae09b320694c9209791b5924f05777a8136d9617231069bfa411fe600b04580b08be38a4f59cb068f2091931c8fae152ffd14d7966bf861a7f591db92b8ca63adefd63f680e543e09a0f28241afe6d1bb1c8e22122f01f3bfc136d1a74dfb97eb5f796774c9d20f16098c1153884e8b9fd1a96450d775f5fb6be1fac121629739effdda299fd3958ddf625843e534e71e249b41f30b89b7cbf01dca7bd3ebdce12b3f241863df56087bf31e4cb80d22cf03176f43f5449349cee9f1fa42c971335eb6ae389cfd65eccf4742c886d13442a1719cacabee942fe907770a4be644e1e929f5dfb1bb745ab72b2e5a783be11b65317e93f363bcb65543f8dc2828623239b88171849eb9b6c27274be3ef3640c0f92f3f461be9adf73695f4d93816648acd6fd74e2cc399fd8155da858e6aa61b962cfaaf574624e98043b65f85e716890a40ddee02d5ab91904aaa29ff2405528dcf4ba40be4c702c1174ee1ef349553c5d64161b966ff1b06dcbea3d00d7d8eeae6bb994d48b0fc24fa0bc0c4f080050533efa95a0aa8a1df78828e49a0d3e2162e1dd374b9ee52994afe0684598171b4e7979525a94a243827fcc2753cf1a31cc2e98a87c2193edbb75f5ff76e2cb3ec09e04130471850cf112d8142f6c3415b07079a7b2cf727da26817df3fb7913ce7085a0085c6b0cbe651696e4a4b2bcbda42520f8847de78aa1eadcfb4842f6f62b7d54fd8c3bf5e9190ce77de5740c512e03915c7887aeaf25341a6beb6530c990018d41a78d7b3d08ec2932dbc517574a16c3be591407a0346ac207571a5399e79dcb369d20352ddcb9d4a1ac9ab31cc0d5c1df92b373f97c7dc195ddd30e05ad389837145de25be607a658984802eaddfa52ca780a111a67e7c2fcdb163bc68fdc584ab63bb91655c205a217ef51527f9aae30758a02be98a30e35837fd0450caf03165453fd7abe65fc739f0b4a53d60988b560a65e91539cdb7cf3f1e939930f87aa7823b1fff1efe448b16b4749321657a18ffed7707b2443abb694c31ffea104d3d409ee4d5e65d4cc65ddc3c7eea03d3b841b6ce966235453b3b766aefe2a6316580b3d186f6d6aaf2738746dea6ad29d3129299509bd397f911b5f7734b7d367bb457c22dcada12db0167d4a935bbf7683a51ef3aeadab8d80fa58b7b445327b030587b985dbee81180d6e6a8226d30701027474ba9e3c5bc4d0353b34d91fad7affdb9b455f6df8d59ecd3e44f45482e40b937750bf40bdbd221572c12c261564758c66f4ed752da3f7ac67c13e339e6f9fbbfdccb448ecb9a1fa92306d9c84db061b4d69c2a2333ad50c9f91b1bae7dd561515c99f543108f3d0209437c3eeb47cad3a4ff66ce8f982dcd0f52d5cd05b7547ac0ab2b4d4c8b6717a39dc71624a31dd4ff3096de47e99abf23cd115bec226a2394c65e92d4ed692aa5f84c6e686a95494e52998914556d3289889b2252f97e7f478cf64d8dcda257d4d2c9a19b581f83ac28a002f43d277667ecf32ff5fe320a2a45aa19da7c4e5edcf34631ce29064830944914f3f3db7fcdcd53db6f8eb9028a462d736c40f0399e7d6235f42f7ec8e80a21c21cfd121633fc536983528ae01cf5fcb585d06675e3fd236fc0f60499c6479f21b83d5795f8885ea7f296b16c0d1b7f4cd47f69094058c74d1bea5cd98b7a155f5866cbeba68f24c2f384f0097ca2b57800749dabad82ae8ce45c0b1fc1d70f8ec7a0bdead1ae6023cf9c696142212f348fe34496bac4d78120b158c9d6f1054cbc31909f114e70ce6ec4def75f3013ff0634edeb8a13fe76912bfa1609e49d88938982a68b4e739278de43aa731c0a58c822f9066371f342b49e197d8e35c17154423245894a4cd2a178df2735f0636b7c406f1750883a307084e307e077926067b6a8bd48e0d6fe8374f79caa65e984507a5ebb62740ec96c13503ff950e12fe6f387cee03b97354886b8cf54cba22ad3d2e48561a132df1ddb14b8baf718d7b6fda50fbb9ff49b9a12d53f7490f077316db8c2ea5bb00ee85b0259c9cc0380ddab56012bad89376d432198836f3fd1ac5bca8f29487a0c62e13ea45f737232d1ed4871fae2daccddad93702bc5d2eb50f8f7d9fd941fb67b2862d8b02983f963fab9c0aa9dfebe7b2c7125952b8fd0e6cbdac395eb16ce7ec089a5937963579c670ee70695c27c5bf27d56b00f37ae17c09b9bea077d6eea33a1f8a9e9da89e0e5eff859394ef8fa0908ea28a9731dfccb59e5e340506185bf5dce57dcceab5506ff82e461d41652dab887ce4f0a775dc0d15eb5954f4f5928ce35ef33fefde9cdace843fda661b2da92a7bcefae7eed995b6ca1b9ed329d681a64e804ce96580b495c7264d128dd5fd53efe5500f343f54c720301d1b2b4906b15d3cdb5f47b0cdd86904e271f8da15d9cafe73f6fc1dde4f47e9de38d66dc0c09a2a5315ccebe71fe8b7ca1fd5efdd15baa4c29080338633c7f1e429bc2e23759c7bae79b18a89ef0624c4c025d3c846fe42f765878cd03fa1971eb1a98d7f5fcafaa7ae847a2a78142cabe0a437ec9f64848f163cc2a12ac79a522a6d857124f2dbf8e0f5ed5bb7d4a5a2b4d0b53a4e419d91e6a7d358caabd20ca6faa42c2dfeb2df63f4f9d5a7b34641ecf2654b6ad0e7bcbd4e032e279a6e2e875325cf0c27c6bd7ae00d0676c9d3937b81dacc34141f99cb720d2c4105a37305affdc4810ed8e5102b12feed4a6ee9c9ebb6c9f40655b603ad6b722a9e4aca541adb067c5a690c578a9fcb29552d9f06537ac3d057bbd42066ed9c8300a9f079332edd146fd8117265349acd52015c32c041fab50d544c0152fb343e3afbe4bcfd873a68c42b313eff5a8482ecc73a9ecbea821bbfab83218f8c17b794c125b345d6f965e3be"]}, @nested={0x298, 0x34, [@typed={0x8, 0x7, @pid=r7}, @typed={0x4, 0x89}, @generic="9015a10a6656e2c551dadd2826527062738bbdf458c2b7857fb7afedcfb2a50f0564b228d8fbffa4a2661d3683bef29f91f696f4477bfa3a0c1a409ef7e9c6c51641a9811fbbf957d2b2c838dad00cb2d5999203a63f8c660ca609c5dce1b05c2250740124e093ae72d23f6b531d64a170bb8b2f82c66483604b10813398b4b782aa229598df5e22c497abb2bc40bb20c3da100ba6dc5959e26ac0ff4cfbeb64e8f1d4860942e84936593eb1820791fb64880e7191fada2a4d153a667e5422a5b20ae266e8d19bdf579a0bcad15d6581bb77331d8d5bb0c36356b577221f8c34ccd7b20103459c4132ead3c4ad5a600cd4d7bba261eccddbd65a", @generic="bc4411b1be1d034e29bc59ef8ecabb387874711f55d6c7dd2e9ce007484065b4f69212fa923c6681d722828027653468fa2bba3bb0455660c59b6429327d59f824e8b93ae421037ab99fed1504fa368c52a09a6bb9f579365a0a3bf464996f0b329ab884e1408da8d36d8b19ec09febfb28864a2633c6766704a63962f908d6f8245ff109f43df5551d28b491dc5f08e3a0e7e8a1526a370651372415d621dbfe982c1c337e0bf096b5e6731c87beb124ae835d3d1babf3cd236ee9eed5dec1df4312f452edd284d97773593596cc5064a7d78d3521036e1aca2f39b2bbb71b76ee1652aabf0664c6b6f209b74c91bac", @typed={0x9c, 0x45, @binary="7eeb25c0e2989b08b893b8299c55910708982b83753f31d8ec5ce8eed0447b0573b05a484f2f083344091c9dd7937f9f824d80a2a1d98b8c2527c14228dfb83f78ead8748c1638550722540e81f73200d0efb26b42e5c1ad8104264a372c7f3d1fb2e9baf74c31b00cc35bd0191f5b15d28cbfc27c950e4342d5994f6059ed42c9dad9b165c18ec8548c15636515edc9b365134b6222"}]}, @nested={0xb4, 0x66, [@generic="bcbcd9550025c03397465e69bce6250a953ceecc9b575b553a86ff96d26a0d3a8d57cdc3a70a8648d2de9fd081a9c1dd59b1098296a1ebd15e60efb11ad781a3dba05dba01ff23f5e8a9153fce668a46dd78b2738ea5403bb79743a5c4528a5c7416169722d4d00aaf14b52c463103d5306d2c52ddfd23162a25b303c6a2a7416e1780a51bf13bbb5345", @typed={0x24, 0x28, @str='mime_typekeyringvboxnet0loem0-\x00'}]}, @typed={0xc, 0x2a, @u64=0x8379}]}, 0x1794}, 0x1, 0x0, 0x0, 0x4080}, 0x80) ioctl$FIONREAD(r2, 0x541b, &(0x7f00000024c0)) syz_open_dev$mouse(&(0x7f0000002500)='/dev/input/mouse#\x00', 0x7, 0x0) ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) bind$netlink(r0, &(0x7f0000002540)={0x10, 0x0, 0x25dfdbff, 0x40000}, 0xc) [ 204.057324] IPVS: ftp: loaded support on port[0] = 21 [ 204.174236] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.184698] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.192068] device bridge_slave_0 entered promiscuous mode 21:23:23 executing program 4: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x0, 0xf}}, 0x20) write$P9_RSTATFS(r0, &(0x7f00000000c0)={0x43, 0x9, 0x2, {0x1000, 0x0, 0x0, 0x6, 0x7fff, 0x1, 0x4, 0x5, 0x60}}, 0x43) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000180)={0x10, 0x30, 0xfa00, {&(0x7f0000000140), 0x1, {0xa, 0x4e24, 0x10001, @ipv4={[], [], @multicast2}, 0x4}, r1}}, 0x38) select(0x40, &(0x7f00000001c0)={0x0, 0x8000, 0x3, 0x80000001, 0x101, 0xffffffffffff3993, 0xfffffffffffffeff, 0xfffffffffffffffa}, &(0x7f0000000200)={0x3, 0xf49a, 0x0, 0x4848, 0x9, 0x23, 0x100000001, 0xffffffff}, &(0x7f0000000240)={0x5, 0x51f5, 0xdc7f, 0x8000, 0x9, 0x7, 0xffffffffffff0001, 0xfffffffffffffead}, &(0x7f0000000280)) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000300)={0x16, 0x98, 0xfa00, {&(0x7f00000002c0), 0x3, r1, 0x3c, 0x1, @in={0x2, 0x4e20, @broadcast}}}, 0xa0) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffa000/0x3000)=nil) fcntl$getownex(r0, 0x10, &(0x7f00000003c0)) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/net/pfkey\x00', 0x400, 0x0) ioctl$sock_SIOCDELDLCI(r2, 0x8981, &(0x7f0000000440)={'tunl0\x00', 0x4}) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000480)=0xffff, 0x8) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000004c0), 0x111, 0x8}}, 0x20) renameat2(r2, &(0x7f0000000540)='./file0\x00', r2, &(0x7f0000000580)='./file0\x00', 0x2) write$binfmt_elf64(r2, &(0x7f00000005c0)={{0x7f, 0x45, 0x4c, 0x46, 0x100, 0xf, 0x9, 0x6, 0x1ff, 0x3, 0x3, 0x8ee3, 0xd9, 0x40, 0xb, 0x5, 0xffffffffffffffc0, 0x38, 0x1, 0x8001, 0x4, 0x8a14}, [{0x70000000, 0x9e19, 0xffff, 0x0, 0xff, 0x5, 0x100000001}], "5943541a06456733c39dae19d0997a7a26b511d46c358ecc56696a99916efbe6ce128eca6ffbebb0778d621991b4a221e3e59136421fae7166a18db172b15cc0bdf2ae7b08abb4ab46c621e46bd857947dd0dd42ccd7c016ed103e2451fb9f7f466e6666ff16dae134a9bf1793d0dd0403b871e28f91627ece4f80fdfc16147146a59b9ce1b31067c2eca0478675e630d90f1b26c99c4d0cb7e4379207e74a3d52a289bf896d076d4652c165fdaaa65257bbfd1123b38c88c823420db3a3430f5e41dd3ed7138db1a9e3f288cf7c15f7fb40777313cae1f39426f2513bb1006419d7fda6048e0d3057476bf406878b76eaaca1a2655fcb559860e47b1074b2ca26a7e420229da734c9a253933b256a010ca89b935d19c735ec62e88314eef0e9632f123e69361dd5b74c1cdb4a1e6fafdf644270e25a3f7d4b04602357823d04acf362085bb3d3643dadceef9bc570c5cbcd528db3e5183085456bab8d39eafbc3fde1018d7128e48ee7c658f541a806460551f43e19eef97d595a74b60101dad54c35b0206dc8c5b614c76665fb20d7a4c327d4f0b48c8237ba0eacb27321f86736f590b30564b1d402ab2578beca46d2f6bb2f7f6cbc6fb30679e3707ca12b8015fbc711fd90f292d4cc8c0ebed0a3bdf1dde89467aae42f3cd495fcb062c86b035cd52a0d1120192025e676333c997f960fe49169eab41c8ac2412fc8947d47076c36664b9fa63719d15f26670e452de54d094bc340c67bb67d67972aa09ee3a797eb2be01aada39870c078f4120ed0097966993850d4e10f962a9a8842b18f0bd9e33d8f9a2d187176e5ff2fe72611aec3a01ff5af2947b0dcb73ba2b4ca0920e759d21a18dcce345e3b4408b410b0d4d14d371c3d7e4df98058c7f0287718d5cfc1f029c96586e072ec285923e4bf668377cfcfdf2e6644c53a17c2bcdec9533f307fa55fd249599e798409079ec84478c167731c51c11227fd20183e11b5385cba46594ef018721d0cb44d81a4e3f2f88a58737b5f4113d1c9a222301749598dbe9ca5ce6dd1d0845a0be2e13bd8872a25727719c90451b22dcec1718e3c0956985199d73006deefbfebd61beb3845198feaf3d368c9792784036a766c860a24251dd975e9a96d3e4ce4ad219bde5a1baab50cd3afd495e9ac7278592be6ceaf7df4a768a81b4d039cb126fe2d5d31ad3e4308e5328dfced8659b2fa0dcdf6cee63ec62a79cb9b4418dda5a4c172a4b444729a50043fb6b8722a35f21740c3133b8454f1f5cb69d4ca7636a008db5b45b11b30a61469e603c96e665ecfd8216fde2aa2331ddc34336100888788ab1ce0f21598d5e518b4042cb36f05cb9ba94606338f58ab38876b1c3ec91e8416062d9bd33452cb4a73e6d40eb52756f119a219f820383174097936c4c3f9d5da712d7e7328270627df7c36cd2cdb4872cd18dd2ad628eecbaf762beb98074385f838d5040d088a3780c25f3c8d029b01330c2a8d7ae5663c96053543d40e345e64f2b98cc7bda4267d033bfc46768d9f3b3045b7c72ceccffa7c5fe0af12d8c2f6b341e7df5c8532dd8e336446a34634ca681489e3af1c4c5e5c14ee68f727f31b0019a97e8ca5304803dc427d4487690990df258d47f39db07730673d44c321ba2aad73d428d30461946f53b9e83013b43e8241b55dbf86dfcb02f9568c6f7e9bc28ed4dacb7bcdb8ec6f04b45291a99275b30d2e75a41976f048346780b69f6df77d23710ea5a4b9df320c67403759e5c71ec49d99d8abbc5f0f2d329ae6bd749071e8d74f9f75394491f881a1c32819a2ad23d3fb715fc6590140d5caa38dea8f7f504627e901f2ac974329a9bd7ce2b37e2e52fe21fc548d76adbd31e68df9bd659d08da27790e5fa75773eb578deb238f5e5b348f75abd80e1dde814e14ca60a2bcd191303e82274a20513e4fe2188e04dabe106364219d7a098031db8b4d5a52085d4b799573e35f7e65d57d3118401df21e6835136f94e789641923e284b446ecf83d1c88865ceaa9c0682b91d0381e54dc7d442008fd469551e64561c1f3828b26e8eabb736625b4f3635a654c820055fe54961711d1c915a876c5355dd7e84d5d33b55ad2e91b7e267fc179b3a87bd21466da0f79845669ad6f1c929f97e24e6bb203bfae86ce758b0272082d52bb131cf42bd3a99b441980094cdf090cb846f9b8132663f20c7145a0654dd3f1c20fa9f160716c0feb6062aebfc4aa7d87b3801e4894e3289c2bd41422ff2f12b686d63a4e31f344246a5149c5c9bb6a96b786615c6ef2e2a53bf827f31b2ca78b79e4c05de0b4ad13e32895c3481aed9312e34847e32681d9070b1b330e9877e7cdedc3880f9ba826338d9a33e224d1cce5b0c38eb317aa912d00f1b95e12c96c0d19e50c1605e53d99bc982b2144111ffeb061af22af3b628c38981a0fc9d57d663a4234491888558dab1a577566662b7fe2a485de1aee13475930dfcfc53dfd759551d065d2025058c2e9a07ba3601c50fbe86b3ba4e8d71051dd82d0d122d898ac2a38e38bb17f2401fa800ecbbb2795df98c2e4bf199ff96c12b2df55bc1ae6bb9dd28a17ac2773f1fc40d3455114341e4e961a519f1c52a19908a58cc942244c59ca05f4f255cec5bbd1978fa1fb8dd575b08875853da50c1472df6b688d69b3f7c123c8f3227b069cb4deabacf8d2a1cec1508c4cf13c8ce612a5fb991be61004459c719c2e9739f1a92dccfd14efa7143d966f43ff9a1ee5271f05b330271a3f393a8b26c870af4e0683beb5863e9f4a238f3e50068ed70b7a43af49ecdd0f13c6d1bf2a45e2be1324686a1cdddbb2b3d8a72d7706bb63294b6fb683594ae718b8f473017877607c1263830c29f5b2b1da56c2bcab10c1ed7b70b4c2b4f8cd3f087339ea7d29f7973f43c453adfe8197e6ac4ab16573885b60cc90cb1125ea76afd4b5882e486f31470fb73e0a781971f8a474322a4ef2b375f37bc023299af85e0f9ea708c9c1bd2ba73c6f18aed64f18798cc367e1d038c4ffea4ab4178201485a24ba9fbeae59f47bec23ae8722c71e2416d464681c6ce987d06ebca1c4013f2e5f77ac53eb4caabd23824c9c04599928c50dc803ab5cf1d8408283eb2af64631db94ad51e4e4aee3899c6bb68977ae2b1c3161c097a36a332a4a2e6bfefd2ad83c51332f239b549530435bcf2657f7ec53993151fef122bcdf51e9cb9e3ac3735054ab9455960c704183690a0e76cbcf9f042f78691ada252df01a43dbbfc8df3cff5567a9ec0fc082d3c1655a7d62b8ae9b76b5c112a7091942b9e841b5e0ff349f3f118ddfd1c733bb4bf3ca6f54c9c2c9d087794e000d4db4b3a0c9e9d6caa7c48aed38932f195498111e11053403f776b85aa7448efcc91407c4d90e32a42b0be769dc50468fba11e094b045e50873c4b40bd061384a38060a6a24f55235d13e4856645c3f2ed9e5a2daf05a1b90cd7bca4eecf3f2368665a799f5cf5e8e1b1bdc8ebe7df380793b105960da7ebbb61939ba6556c41a4b17061eae4a9a761e3fac675d4b8115df231ccf39bf4db7242e8ec01536404f2e4c296cd46cf3688981306b43a71fefb9f44091dfdcd133b650eeca797db6112371ab834947b056f56774dec66f9e99dbb42fb98dfe4f062f428d2d73242fbe096eb1d079204f21e2f47e35c9e67a1125f61d6c9c1a5d0e773b5aa23bd94e874b8c06320b8264c8ca3a4130048cb2841977aa6651a33f988652d54cdbb303e3dc0991df5e1a786ded759faff1e68753507713885bc0bb7d55917e6fc43c1dd65bcc36cb0a5f199b91a20c243d1870f088427e23db1d99c667fc8c3b09da50bbeffc0f3cd34e6aba38d6458c0b189b2ea59e137de90e49ea5183fcadc6827cddcb2e53935aa934a27655d7e81359d1b03efa9e28e6cd6fb04b83a7c8d346d352839cc4e1d178edad2ed181790cbff364d27be92ec56d95b8765185dbc734805f723ddf6b87250dacc764a1d3af27603fae8f2834faf872cd8756280c8131a2c8e40a1f2db6b7d78c576372b1c8c8ba6002653ed727710da2ba13457c26eca259620fc1bca6608dad6222cfb03947498f0ab49614a9d65203cdf9b2aa4bdfb2e07533ba85261a837b97dbba7f38ea7485b69d6eec5dc0d22709642b61c198f0a0950a60543e3cbfef1c94a20c4f95045092a6bf013b5f28db65612986733e26bea43ce2470db1e7408bf2eac5ce38f3a553011b214207516230f030ecd099156543ad63ec8c1cb274f639ecd8fd0c1137eeabc303d840b1a8662b61a8494ca409b64864c31e380240ef94da0c251375ac372677b43ced09bb28f91f6e6dfff679c97914defd24fcb0d353df4359bab4fa9b8396404506e1c4c5001e06297342ac56b4aed77f946f910c34be8557034682eb01d959ed046efcbae52387e70817e9ad2bd112441bda9624eb7e882446db5c4da3a0a198779344fd50ed482eef596d01b537e05b5a2d476b42d87919e9788d94a4ed47847520b3be25092ea368a97ef4676de80dace2b41b8799f5473ca91597b276fc6e9c4a362a7736dde59d1d4fdc98d9cb839f27f316a6922e1225c33f354fa234eb4c4a6d93603ec579d21ccfaee5e07a3bbb743fd7d0a022d358ed66dc5636bfac4799070575a9b1151be26d032576cd63f2dc434a734f9ec0ba3c2c4c356c3fe0b7fe6a3d7bcfe3e676ce65a946624a03a6a741916e852b87082d9c18ddf7fded460f4d34d000a5c6d5987f29ee16f1e97aa958199de83260fa2380a6f5dd94a4ee45ba14b3fc92cc2b55ca1eb0e2abd2dbb19dce3c5f3047db6dea6496599780d9d350e7a9c646bca4a54d9a2d0e28c7a6245aa99f249c708e2e07fc29ea31d8ce27b49e934e59aabcb25c97b3d2a4ff5c01781631d7d1f65ec9abe4323f95591a4e9dc86004c0e1ea950c24596f1d5dfc49ad59fa286f242f2d270373ad82a1d6a3f5edc851dd0dc4063873efd4c84f6ec8e2494ee077b0ed58d26c1dd13d3b0de27ea4033262bac3f882703dab75fc6c37b59ca781f847196c7513c226b22c8bcd41a474fac2dde678e1682f7d79f1c8f8895d27409e1cda1b2166c468a5515508d832c25b56c59c6d70497cca841a9fbb068621a8feb1d80c872becf2ef319b2210837a45327e0504dac90ab9fbcca62f344feec022a542d78cf196641e98db97da97eeaacc2f3e553664797557bc7c8aa7a4c6ed1f01719e40d1306d542ea96aea5bc8a64d10b23b85bcab0069c6485f33e85c19a65cf13e9e5e710cbfa86d58bb5e39b8beda0e4776d6b64484b033b0738847e92906bd46e3afc5fb0895f04147fe4742565e7e9c2edc3a5308ddce1d0e37c5426ac786519add6137583d6f218707527d84df596c4c3ada05deea1dc2fe063df87a9e64d99035e73a1a1147a2622dd28567966468480dec8daa51547fe4e736a20ce8a026ad300b6468c63b368cea9cedb97139aac907473fa360c694e0a9d3e42eaeb2034ac7803b77ccb3a7c07b2fd3bd1994450faca2b955e10ede6c83d31905ecbb31511036499ab3cb116cb01fd2a69973a781d353e067c5401d28481c1931d45cda6e145c77629dcbcabf77a46cb4f599f0c72fe72257ced702848744fa07483333e17b9a3fa4580c0374e7e5efe6d1b1bc5d4e401cde9b5a0b27f7bd6a009a47f9ab0d304dc55d8484981c4f8da6cdac0be111beedc3afba4aeae622e3b3e58d859958c76c2cd60483bca2861fec2779e3e94eaf0536b43fe837b8de2473e2a905507f7a6f5ff838bb8a5f0afed9643471", [[], [], [], [], []]}, 0x1578) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f0000001b40)={{0x0, 0x3, 0x6, 0x6, 'syz1\x00', 0xffffffff}, 0x1, [0x9, 0x0, 0x5b6, 0xaf, 0x4, 0x80000000, 0x7, 0x1, 0x4, 0x8, 0x0, 0x6, 0xd1, 0x7fffffff, 0x1, 0x7, 0x0, 0x8, 0x4, 0x8, 0xffffffff, 0x8, 0x7f, 0x8, 0x1, 0x8, 0x8001, 0x59, 0x4, 0xffff, 0x1, 0x0, 0x100, 0x8, 0x0, 0x2d, 0xffffffffffffffe0, 0x7, 0x3, 0x80000000, 0x200, 0x7, 0x5, 0x6, 0x0, 0x4, 0x1000, 0xed, 0x0, 0x3, 0x2, 0x800, 0x100000000, 0x7, 0xb64, 0x800, 0x2, 0x7, 0x401, 0xff, 0x5, 0x8, 0x6d, 0xda, 0x8, 0x3, 0x5, 0x200, 0x4, 0x81, 0x9, 0xffffffffffffffff, 0xff, 0x3, 0x0, 0xe1, 0x7fffffff, 0x5, 0x9433, 0x101, 0xffff, 0x3ff, 0x122b2dd9, 0x2, 0x2, 0x1, 0x0, 0x8000, 0x7ff, 0x7, 0x7, 0x41a, 0xffffffffffffffff, 0x10000, 0x1ff, 0x6, 0x8ac, 0x9, 0x2, 0x1000, 0x80, 0x100, 0x8, 0x7, 0x100000000, 0x80000001, 0x8, 0x0, 0x400, 0x7a1b, 0x4, 0x3f, 0x4, 0x10001, 0xfffffffffffffe01, 0x6, 0x70e, 0x5, 0x524d, 0x3, 0x67c1, 0x5, 0x301, 0x4, 0xb8, 0x1, 0x8, 0x9], {0x77359400}}) setsockopt$bt_BT_POWER(r2, 0x112, 0x9, &(0x7f0000002040)=0x101, 0x1) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f0000002080)=0x1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000020c0)={0x0, @multicast1, 0x4e22, 0x2, 'wlc\x00', 0x19, 0x101, 0x53}, 0x2c) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000002100)={0x0}, &(0x7f0000002140)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000002180)={0x5, 0x200, 0x9, 0x4c1000000, r3}, 0x10) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000021c0)='/dev/sequencer\x00', 0x20000, 0x0) pipe2(&(0x7f00000022c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000002300)={0x624, 0x1, 0xb01, 0x7, r3}, 0x10) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000002340), &(0x7f0000002380)=0xc) ioctl$sock_SIOCBRADDBR(r5, 0x89a0, &(0x7f00000023c0)='ipddp0\x00') ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000002400)={'bond_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000002440)={@dev={0xfe, 0x80, [], 0xe}, @dev={0xfe, 0x80, [], 0x11}, @mcast2, 0xb6830000000, 0x400, 0x8, 0x500, 0x3, 0x1, r7}) setsockopt$llc_int(r4, 0x10c, 0x6, &(0x7f00000024c0)=0x7f89, 0x4) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000002500)={r3, 0xfffffffffffffffd, 0x9}, 0x8) [ 204.319288] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.335290] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.342660] device bridge_slave_1 entered promiscuous mode [ 204.451357] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 204.483689] IPVS: ftp: loaded support on port[0] = 21 [ 204.608326] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready 21:23:24 executing program 5: clock_nanosleep(0x7, 0x0, &(0x7f0000000000)={0x0, 0x989680}, &(0x7f0000000040)) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x4000, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000000c0)={0x800, 0x0, 'client1\x00', 0x2, "77ef7ff855c73ff0", "b4ca286ec9c25f7a5f54ddfcb95735633016b8b47788fcfe58ce8ee605512192", 0x9, 0x100}) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r0, 0xc0a85322, &(0x7f0000000180)) fchdir(r0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000240)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@mcast2}}, &(0x7f0000000340)=0xe8) ioctl$TUNSETOWNER(r0, 0x400454cc, r2) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000380)={0x0, 0x0, 0x1, 0x0, [], [{0x5, 0x10000, 0x0, 0x2b, 0x0, 0x3}, {0x8, 0xbd, 0x100000001, 0xfff, 0x80000000, 0x7}], [[]]}) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000480)={r1, 0x6, 0xfffffffffffffffb, 0x800, 0x6, 0x7, 0x8}) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000004c0)={0x0, 0x6, 0x20, 0x0, 0xfffffffffffffffd}, &(0x7f0000000500)=0x18) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000540)={r3, 0x2}, &(0x7f0000000580)=0x8) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f00000005c0)=""/74) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000640)=0x3, 0x4) r4 = syz_open_dev$midi(&(0x7f0000000680)='/dev/midi#\x00', 0x20, 0x10100) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r4, 0xc0405519, &(0x7f00000006c0)={0x7, 0x1, 0xfffffffffffffffc, 0xeab, 'syz1\x00', 0x1f}) getsockname$inet6(r0, &(0x7f0000000700)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000740)=0x1c) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000780)=0x9, 0x4) ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0) clock_gettime(0x0, &(0x7f0000001b00)={0x0, 0x0}) recvmmsg(r4, &(0x7f0000001ac0)=[{{&(0x7f00000007c0)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000001980)=[{&(0x7f0000000840)=""/73, 0x49}, {&(0x7f00000008c0)=""/174, 0xae}, {&(0x7f0000000980)=""/4096, 0x1000}], 0x3, &(0x7f00000019c0)=""/234, 0xea, 0x7f}, 0x80000001}], 0x1, 0x2001, &(0x7f0000001b40)={r5, r6+10000000}) getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, &(0x7f0000001b80)={{{@in=@multicast1, @in=@multicast1}}, {{@in6=@mcast1}, 0x0, @in=@dev}}, &(0x7f0000001c80)=0xe8) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x2) ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000001cc0)={[{0x20, 0x1, 0x1, 0x5, 0x800, 0x5, 0x4, 0x401, 0x2, 0x2, 0xfff, 0x8, 0x9}, {0x2fc000000000000, 0x9, 0x4, 0x7, 0xcaf4, 0x7f, 0x64e0, 0x8001, 0x5, 0x8, 0x8cd0, 0x2, 0x3}, {0x5b, 0x2, 0x3f, 0x0, 0xff, 0x8, 0x401, 0x6, 0x7, 0xffff, 0x2, 0x7, 0x7}], 0x1a1}) r7 = syz_genetlink_get_family_id$fou(&(0x7f0000001d80)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000001e40)={&(0x7f0000001d40), 0xc, &(0x7f0000001e00)={&(0x7f0000001dc0)={0x2c, r7, 0x301, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x10) ioctl$EVIOCGID(r4, 0x80084502, &(0x7f0000001e80)=""/254) mknodat(r4, &(0x7f0000001f80)='./file0\x00', 0x101a, 0x6) ioctl$sock_inet_SIOCDARP(r4, 0x8953, &(0x7f0000001fc0)={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xf}}, {0x6, @remote}, 0x5a, {0x2, 0x4e21, @remote}, 'veth1_to_bond\x00'}) ioctl$INOTIFY_IOC_SETNEXTWD(r4, 0x40044900, 0x4) rt_sigtimedwait(&(0x7f0000002040)={0xfed}, &(0x7f0000002080), &(0x7f00000020c0)={0x0, 0x989680}, 0x8) [ 204.762795] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.781912] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.804441] device bridge_slave_0 entered promiscuous mode [ 204.917392] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.934292] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.947809] device bridge_slave_1 entered promiscuous mode [ 204.957442] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.018699] IPVS: ftp: loaded support on port[0] = 21 [ 205.079808] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.091003] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 205.148335] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 205.163916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.205112] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 205.340971] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.353519] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.375720] device bridge_slave_0 entered promiscuous mode [ 205.519988] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.532044] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.539776] device bridge_slave_1 entered promiscuous mode [ 205.571499] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 205.609315] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 205.620900] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 205.642336] team0: Port device team_slave_0 added [ 205.682745] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.710843] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 205.773533] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 205.811863] team0: Port device team_slave_1 added [ 205.834165] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 205.861368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 205.919085] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 205.930743] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 205.941693] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 205.969963] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 205.999726] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 206.019154] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.030286] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.045304] device bridge_slave_0 entered promiscuous mode [ 206.058865] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 206.078447] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 206.105715] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 206.113636] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.185371] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 206.208638] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.215886] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.223209] device bridge_slave_1 entered promiscuous mode [ 206.237301] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 206.252640] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.265441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.285914] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.292333] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.300713] device bridge_slave_0 entered promiscuous mode [ 206.327480] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 206.350236] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 206.361882] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 206.385437] team0: Port device team_slave_0 added [ 206.391118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 206.410420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 206.443247] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.465099] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.472485] device bridge_slave_1 entered promiscuous mode [ 206.482816] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 206.550922] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 206.565743] team0: Port device team_slave_1 added [ 206.579176] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 206.651067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 206.667138] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 206.772738] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 206.803507] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 206.815770] team0: Port device team_slave_0 added [ 206.838849] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 206.849693] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.858331] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.871021] device bridge_slave_0 entered promiscuous mode [ 206.885592] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 206.895535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 206.919489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 206.946194] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 206.953617] team0: Port device team_slave_1 added [ 206.966630] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 206.982870] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 206.995429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.005355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.013368] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.021735] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.044957] device bridge_slave_1 entered promiscuous mode [ 207.067414] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 207.075937] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 207.084016] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 207.102998] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 207.128887] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 207.152217] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 207.174727] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.185097] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 207.192032] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 207.206739] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 207.227635] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 207.238946] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 207.267266] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 207.274957] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 207.282885] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 207.330200] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 207.342183] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.362577] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 207.380704] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 207.401239] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 207.552586] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 207.584827] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.591243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.597924] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.604286] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.613989] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 207.667924] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 207.727198] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 207.747523] team0: Port device team_slave_0 added [ 207.761612] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 207.785712] team0: Port device team_slave_0 added [ 207.791493] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 207.806692] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 207.821421] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 207.839689] team0: Port device team_slave_1 added [ 207.845153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 207.903710] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 207.920332] team0: Port device team_slave_1 added [ 207.944034] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 207.965254] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 207.984723] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 207.993126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.001798] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.045075] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 208.052296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 208.065112] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.076790] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 208.092809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.120756] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.149709] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 208.165554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 208.177214] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.208486] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 208.225318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.240139] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.258128] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 208.267945] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.274323] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.281012] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.287414] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.301593] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 208.308690] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.318486] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 208.343466] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 208.355736] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.363830] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.397601] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 208.410296] team0: Port device team_slave_0 added [ 208.419561] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 208.452506] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 208.475200] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 208.497052] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 208.512550] team0: Port device team_slave_1 added [ 208.636128] bridge0: port 2(bridge_slave_1) entered blocking state [ 208.642542] bridge0: port 2(bridge_slave_1) entered forwarding state [ 208.649234] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.655634] bridge0: port 1(bridge_slave_0) entered forwarding state [ 208.685105] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 208.702091] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 208.803642] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.813323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 208.840340] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 208.900810] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 208.923587] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 208.934192] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 209.015739] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 209.023039] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 209.033808] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 209.430843] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.437273] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.443907] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.450308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.467981] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 209.729911] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.736332] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.742977] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.749411] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.769330] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 209.804800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 209.812459] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 209.949668] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.956104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 209.962749] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.969143] bridge0: port 1(bridge_slave_0) entered forwarding state [ 209.977150] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 210.839429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 212.035359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.368696] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.497709] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 212.670496] 8021q: adding VLAN 0 to HW filter on device bond0 [ 212.775187] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 212.855987] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 212.862250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 212.875790] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 212.980156] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 213.131245] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 213.138118] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 213.147932] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.217760] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.325902] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 213.332149] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 213.340151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 213.439793] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.556059] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.632568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.644565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.759510] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.888504] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 213.942694] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 213.982659] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 214.237869] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 214.244043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.251806] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.294822] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 214.301064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.309343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.428353] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 214.454763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 214.465306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 214.670464] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.678865] 8021q: adding VLAN 0 to HW filter on device team0 [ 214.785383] 8021q: adding VLAN 0 to HW filter on device team0 21:23:35 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x10000000000007) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4}, 0x1c) sendmmsg(r0, &(0x7f0000000140), 0x7b, 0x0) 21:23:35 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) unshare(0x0) 21:23:35 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x20000007}, 0x1c) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000540)=[@text64={0x40, &(0x7f00000004c0)="440f20c03501000000440f22c0450f0766f3460f06c46279181c6e430f0742f70e0500000024893e643667660f38359b0e000000b9800000c00f3235000100000f3066baf80cb85ec13387ef66bafc0c66b84b0066ef", 0x56}], 0x1, 0x0, &(0x7f0000000580), 0x0) 21:23:35 executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$netlink(0x10, 0x3, 0xc) writev(r1, &(0x7f0000fb5ff0)=[{&(0x7f0000fb6000)="1f00000002031900000007000000e3800802bb0509000100010100493ffe58", 0x1f}], 0x1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00', 0x101}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000180)={'lo\x00'}) [ 215.697158] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. [ 215.768352] device lo entered promiscuous mode [ 215.818146] device lo left promiscuous mode 21:23:35 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x8001, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x77) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[], 0xffdc) read(r0, &(0x7f0000000140)=""/165, 0x1000000eb) [ 215.839815] device lo entered promiscuous mode 21:23:35 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) [ 215.918172] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 21:23:35 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='fdinfo/3\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:23:35 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:35 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) socket$nl_route(0x10, 0x3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22, 0x0, @ipv4={[], [], @local}}, 0x1c) listen(r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r2, &(0x7f0000e11ff0)=[{&(0x7f0000000140)="580000001400add427323b470c458c5602067fffffff81004e220000ac1414aa0b4824ca945f64009400050028925aa80000000000000080000efffeffe809000000fff5dd00000010000100090a1000410400000000fcff", 0x58}], 0x1) 21:23:36 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x10001) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000280), 0xa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) socket$netlink(0x10, 0x3, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r2, &(0x7f0000000040), 0x113, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) close(r0) 21:23:36 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = msgget$private(0x0, 0x0) unshare(0x8000400) msgctl$MSG_STAT(r1, 0xb, &(0x7f00000000c0)=""/130) 21:23:36 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000000)={@multicast2, @loopback}, 0x10) 21:23:36 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5420, &(0x7f0000000000)) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x2b161344, 0xe000) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000780), 0x3b028fb06411ad30, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYRESOCT], 0x1}}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x10000000000000e5) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000100)=ANY=[], &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080), 0x14) syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x8202) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x5004, 0x1000}) ioctl$EVIOCSFF(0xffffffffffffffff, 0x402c4580, &(0x7f0000000140)={0x0, 0x76, 0x0, {0x0, 0x7}, {0x1}, @period={0x0, 0x0, 0x9, 0x0, 0xf7, {0x0, 0x0, 0x8}, 0x0, &(0x7f0000000100)}}) lstat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETGROUP(r0, 0x400454ce, r4) io_setup(0x3ff, &(0x7f0000000100)=0x0) io_submit(r5, 0x0, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 21:23:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xffd8) open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) 21:23:36 executing program 3: setsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f00000004c0)=0x3aa0, 0x4) preadv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/7, 0x7}], 0x1, 0x8004c000002) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000600)={0x0, 0x0, 0x95a, 0x9, 0xf4a0}, &(0x7f0000000640)=0x14) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000680)={0x0, 0x7}, &(0x7f00000006c0)=0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, &(0x7f0000000440)}, &(0x7f0000000580)="5f39203a1ec61c000f2657a275e0338c73d24faf8117a1bbcec4ae78adceccee3f", &(0x7f0000000100)=""/44, 0x0, 0x0, 0x0, &(0x7f00000000c0)}) getitimer(0x0, &(0x7f0000000700)) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.stat\x00', 0x0, 0x0) futex(&(0x7f0000000500)=0x1, 0x3, 0x0, &(0x7f0000000540)={0x0, 0x1c9c380}, &(0x7f00000005c0)=0x2, 0x0) [ 216.741077] hrtimer: interrupt took 41349 ns [ 216.757585] sd 0:0:1:0: [sg0] tag#4764 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK [ 216.766871] sd 0:0:1:0: [sg0] tag#4764 CDB: Persistent reserve out, sa=0x19 [ 216.774460] sd 0:0:1:0: [sg0] tag#4764 CDB[00]: 5f 39 20 3a 1e c6 1c 00 0f 26 57 a2 75 e0 33 8c 21:23:36 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:36 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/if_inet6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 216.783788] sd 0:0:1:0: [sg0] tag#4764 CDB[10]: 73 d2 4f af 81 17 a1 bb ce c4 ae 78 ad ce cc ee [ 216.793158] sd 0:0:1:0: [sg0] tag#4764 CDB[20]: 3f 21:23:36 executing program 4: setsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f00000004c0)=0x3aa0, 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000680)={0x0, 0x7}, &(0x7f00000006c0)=0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x21, 0x0, @scatter={0x0, 0x0, &(0x7f0000000440)}, &(0x7f0000000580)="5f39203a1ec61c000f2657a275e0338c73d24faf8117a1bbcec4ae78adceccee3f", &(0x7f0000000100)=""/44, 0x0, 0x0, 0x0, &(0x7f00000000c0)}) getitimer(0x0, &(0x7f0000000700)) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.stat\x00', 0x0, 0x0) syz_execute_func(&(0x7f0000000300)="43cff3430f0f1f8a6532d2f3a5c4427da828c4e3fd6fcbcf340a0f75b7000000000f0ffb1cdac1") futex(&(0x7f0000000500)=0x1, 0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c9c380}, &(0x7f00000005c0)=0x2, 0x0) [ 216.833448] sd 0:0:1:0: [sg0] tag#4764 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK [ 216.845126] sd 0:0:1:0: [sg0] tag#4764 CDB: Persistent reserve out, sa=0x19 [ 216.852430] sd 0:0:1:0: [sg0] tag#4764 CDB[00]: 5f 39 20 3a 1e c6 1c 00 0f 26 57 a2 75 e0 33 8c [ 216.861780] sd 0:0:1:0: [sg0] tag#4764 CDB[10]: 73 d2 4f af 81 17 a1 bb ce c4 ae 78 ad ce cc ee [ 216.871019] sd 0:0:1:0: [sg0] tag#4764 CDB[20]: 3f 21:23:36 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:36 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net\x00') fstat(r0, &(0x7f00000001c0)) [ 216.935700] sd 0:0:1:0: [sg0] tag#4758 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK [ 216.944647] sd 0:0:1:0: [sg0] tag#4758 CDB: Persistent reserve out, sa=0x19 [ 216.952252] sd 0:0:1:0: [sg0] tag#4758 CDB[00]: 5f 39 20 3a 1e c6 1c 00 0f 26 57 a2 75 e0 33 8c [ 216.961612] sd 0:0:1:0: [sg0] tag#4758 CDB[10]: 73 d2 4f af 81 17 a1 bb ce c4 ae 78 ad ce cc ee [ 216.970929] sd 0:0:1:0: [sg0] tag#4758 CDB[20]: 3f 21:23:36 executing program 5: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r0 = gettid() socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000040)) ptrace$setopts(0x4206, r0, 0x0, 0x0) wait4(0x0, &(0x7f0000000180), 0x0, &(0x7f0000000280)) nanosleep(&(0x7f0000000200)={0x77359400}, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x0, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) tkill(r0, 0x11) 21:23:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0xffd8) execve(&(0x7f0000000400)='./file0\x00', &(0x7f0000000340), &(0x7f0000000480)) io_setup(0x0, &(0x7f0000000040)) getsockname(0xffffffffffffffff, &(0x7f00000005c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000640)=0x80) openat$vhci(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vhci\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000000)={'sit0\x00', {0x2, 0x0, @multicast1}}) 21:23:36 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:36 executing program 2: clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, &(0x7f0000000000), 0xffffffffffffffff) r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000180)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000001c80)={&(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10, &(0x7f00000003c0), 0x0, &(0x7f0000000100)=[@cswp={0x58, 0x114, 0x9, {{}, &(0x7f0000000040), &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0xffffff7f}}], 0x58}, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0), 0x1000) [ 217.298087] atomic_op 0000000061c484ec conn xmit_atomic (null) [ 217.299998] __ntfs_error: 3 callbacks suppressed [ 217.300008] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 217.396027] overlayfs: './file0' not a directory [ 217.405230] syz-executor1 (7686) used greatest stack depth: 8944 bytes left [ 217.413923] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:36 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5420, &(0x7f0000000000)) r1 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x2b161344, 0xe000) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000780), 0x3b028fb06411ad30, &(0x7f0000000880)={&(0x7f0000000080)=ANY=[@ANYRESOCT], 0x1}}, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r3 = openat$cgroup_int(r2, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0) writev(r3, &(0x7f0000000700), 0x10000000000000e5) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000100)=ANY=[], &(0x7f0000000040)) setsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080), 0x14) syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x8202) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x5004, 0x1000}) ioctl$EVIOCSFF(0xffffffffffffffff, 0x402c4580, &(0x7f0000000140)={0x0, 0x76, 0x0, {0x0, 0x7}, {0x1}, @period={0x0, 0x0, 0x9, 0x0, 0xf7, {0x0, 0x0, 0x8}, 0x0, &(0x7f0000000100)}}) lstat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETGROUP(r0, 0x400454ce, r4) io_setup(0x3ff, &(0x7f0000000100)=0x0) io_submit(r5, 0x0, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 21:23:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp, 0x8000000200000000, 0x800007f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000300)=ANY=[], &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f0000000140)=ANY=[], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f000000a000)) 21:23:36 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fchdir(r0) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) r3 = open(&(0x7f00000004c0)='./bus\x00', 0x141042, 0x0) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x10000, 0x5}) write$binfmt_elf64(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="9d"], 0x1) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000001c0)=ANY=[@ANYBLOB="0000000000000000050000080000000000000000000000b28d"]) 21:23:36 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:37 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 217.644010] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 217.683061] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:37 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:37 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:37 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 217.860679] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 217.878857] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:39 executing program 5: syz_emit_ethernet(0x2a, &(0x7f0000000080)={@link_local, @empty, [], {@arp={0x806, @ether_ipv4={0x6, 0x800, 0x6, 0x4, 0x1, @broadcast, @empty=0xfeffffff, @dev, @local}}}}, &(0x7f00000001c0)) 21:23:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x802, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x0, 0x4004400}) 21:23:39 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:39 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:39 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:39 executing program 2: r0 = socket(0x10, 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/dev\x00') sendfile(r0, r1, &(0x7f0000000040), 0x80000002) 21:23:39 executing program 0: r0 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:39 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_open_dev$vcsn(&(0x7f0000000240)='/dev/vcs#\x00', 0x0, 0x0) ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000300)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getpeername(0xffffffffffffff9c, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000080)=0x80) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4138ae84, &(0x7f0000000000)) [ 220.241284] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 220.256128] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. 21:23:39 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={"6c6f00000000000000000000020900", 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f0000000140), 0xc, &(0x7f0000000280)={&(0x7f0000000180)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r1}, [@IFA_LOCAL={0x8, 0x2, @rand_addr}]}, 0x20}}, 0x0) 21:23:39 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:39 executing program 0: r0 = msgget$private(0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:39 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:39 executing program 5: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xab, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) close(r0) [ 220.556455] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. 21:23:40 executing program 2: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000100)={0x100000000000000b, 0x0, [{0x174}]}) 21:23:40 executing program 1: keyctl$set_timeout(0xf, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000dc00000000000000819500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz'}, &(0x7f00000001c0), 0x0, 0xfffffffffffffffd) add_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000300)={'syz'}, &(0x7f00000003c0), 0x0, 0xfffffffffffffffc) r2 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000040)={r0}) 21:23:40 executing program 0: r0 = msgget$private(0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 5: [ 220.598585] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:40 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:40 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:40 executing program 0: r0 = msgget$private(0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 5: 21:23:40 executing program 2: 21:23:40 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000100), 0x1c) r1 = socket$inet6(0xa, 0x80003, 0x2) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0a5c2d023c126285718070") sendmmsg(r0, &(0x7f00000000c0), 0x182, 0x0) 21:23:40 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000600), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44b}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x20000007}, 0x1c) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000540)=[@text64={0x40, &(0x7f00000004c0)="440f20c03501000000440f22c0450f0766f3460f06c46279181c6e430f0742f70e0500000024893e643667660f38359b0e000000b9800000c00f3235000100000f3066baf80cb85ec13387ef66bafc0c66b84b0066ef", 0x56}], 0x1, 0x0, &(0x7f0000000580), 0x0) 21:23:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000380), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) shutdown(r0, 0x1) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) 21:23:40 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:40 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:40 executing program 1: 21:23:40 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 5: 21:23:40 executing program 5: 21:23:40 executing program 1: 21:23:40 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) [ 221.130250] overlayfs: failed to resolve './file1': -2 21:23:40 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:40 executing program 2: 21:23:40 executing program 1: 21:23:40 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:40 executing program 5: 21:23:40 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:40 executing program 5: 21:23:40 executing program 1: 21:23:40 executing program 2: 21:23:40 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:40 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:40 executing program 1: 21:23:41 executing program 5: 21:23:41 executing program 2: 21:23:41 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 1: 21:23:41 executing program 2: 21:23:41 executing program 5: 21:23:41 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:41 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 2: 21:23:41 executing program 1: 21:23:41 executing program 5: [ 221.815404] overlayfs: failed to resolve './file1': -2 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 1: 21:23:41 executing program 5: 21:23:41 executing program 2: 21:23:41 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 4: syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:41 executing program 2: 21:23:41 executing program 1: 21:23:41 executing program 5: 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 2: 21:23:41 executing program 5: 21:23:41 executing program 1: 21:23:41 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:41 executing program 2: 21:23:41 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:41 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[], 0x0, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:41 executing program 5: 21:23:41 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:41 executing program 1: 21:23:41 executing program 2: [ 222.304677] __ntfs_error: 13 callbacks suppressed [ 222.304689] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. 21:23:41 executing program 5: [ 222.349270] overlayfs: missing 'lowerdir' 21:23:41 executing program 1: [ 222.391974] overlayfs: failed to resolve './file1': -2 21:23:41 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:41 executing program 5: 21:23:41 executing program 2: 21:23:42 executing program 1: pipe(&(0x7f0000000000)={0xffffffffffffffff}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f00000000c0)=""/11, 0xb) dup2(r1, r0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)) clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f00000001c0), 0xffffffffffffffff) ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f0000000080)) 21:23:42 executing program 3: syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 222.511470] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 222.540288] overlayfs: missing 'lowerdir' [ 222.586688] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:42 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:42 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000000300)) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, &(0x7f0000000280)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4138ae84, &(0x7f0000000000)) 21:23:42 executing program 2: r0 = msgget(0x0, 0xf4) msgctl$IPC_RMID(r0, 0x0) r1 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) msgsnd(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="dc082087a270968f7f31977a153d8bfc69ab72f6fad7cab8b9b7331511e1cabeff01"], 0x1, 0x0) r3 = gettid() migrate_pages(r3, 0x6, &(0x7f0000000100)=0x1, &(0x7f0000000140)=0x3) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0xfc, &(0x7f0000001180), &(0x7f0000000340)=""/252}, 0x28) close(0xffffffffffffffff) setreuid(0x0, 0x0) msgrcv(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="41a135ed240a011c61a78e4b7250f20080000000000000bcb7da8892cbea37f1b23073d32ca0ae544bb7d9e5ed3e000070499dda81c06f73051c704d86b5a379d289300acc07357b974986ee1a670626635f99ab5d855d6beb86021c043140c2cd82aca8ebc77009000000000000002e65367527a89af948"], 0x1, 0x0, 0x0) 21:23:42 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:42 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 223.152623] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 223.169462] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:42 executing program 5: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0x2e, 0x4, 0x4, "000600e6d96ec7a3358683eccb91b236", "2f26264677d6a200e6ce8e9ed5c72318fe7b308eb0d7491957"}, 0x2e, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$set_timeout(0xf, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000dc00000000000000819500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f00000001c0)="0a7b93a6bff5e1a25ada0ebdb7851051d2ee3057cf3826a7d2cb017d18ccb15f9019cf57c7411467ca29321a4c5d6878a78f86e036e6a1506715ef11a8b5416217a2a1a174df219b7342f16acfa304ba0650e3749f83e4185f07d96ad07eaa3e9c8524e30f42fce27a3dea6eea1bbacc", 0x70, 0xfffffffffffffffd) add_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000300)={'syz'}, &(0x7f00000003c0)="002ed6f8b7cae7f0167d1782cb5c7648e811297c0a9d35767d1971d121765a725d0e", 0x22, 0xfffffffffffffffc) keyctl$dh_compute(0x17, &(0x7f0000000500), &(0x7f0000000540)=""/217, 0xd9, &(0x7f0000000680)={&(0x7f0000000640)={'sha3-256\x00'}, 0x0, 0xffffff35}) socket$xdp(0x2c, 0x3, 0x0) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f000031aff8)={r1, r2}) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000040)={r1}) [ 223.194507] overlayfs: unrecognized mount option "lowerdir" or missing value [ 223.195051] overlayfs: missing 'lowerdir' 21:23:42 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,wor']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:42 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 223.288930] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 223.309712] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 223.330922] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. 21:23:42 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) [ 223.343978] overlayfs: missing 'lowerdir' [ 223.358006] overlayfs: unrecognized mount option "wor" or missing value 21:23:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f00000006c0)={'security\x00'}, &(0x7f0000000080)=0x24) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@nat={'nat\x00', 0x19, 0x3, 0x2a8, [0x20001700, 0x0, 0x0, 0x20001948, 0x20001a40], 0x0, &(0x7f00000000c0), &(0x7f0000001700)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x2, [{{{0x11, 0x8, 0x88fb, 'sit0\x00', 'ip6_vti0\x00', 'team_slave_1\x00', 'yam0\x00', @remote, [0x0, 0x0, 0xff, 0x0, 0xff, 0xff], @local, [0xff, 0xff, 0xff, 0x0, 0xff], 0xe8, 0xe8, 0x118, [@connbytes={'connbytes\x00', 0x18, {{0xfffffffffffffffc, 0x3, 0x1, 0x3}}}, @time={'time\x00', 0x18, {{0x2, 0x100000001, 0x8277, 0xa0a3, 0x9, 0x8, 0x2}}}]}}, @arpreply={'arpreply\x00', 0xc, {{@local, 0xffffffffffffffff}}}}, {{{0x11, 0x0, 0x0, 'tunl0\x00', 'irlan0\x00', 'syzkaller1\x00', 'veth0\x00', @local, [0x2f54ad779df57443, 0xff, 0xff, 0xff, 0xff, 0xff], @remote, [0xff, 0xff, 0xff, 0xff], 0x70, 0xd0, 0x100}, [@arpreply={'arpreply\x00', 0xc, {{@dev={[], 0x18}, 0xffffffffffffffff}}}, @snat={'snat\x00', 0xc, {{@empty, 0xffffffffffffffff}}}]}, @arpreply={'arpreply\x00', 0xc, {{@empty, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2}, {0x0, '\x00', 0x3, 0xfffffffffffffffe}]}, 0x348) 21:23:42 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=.']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 223.419938] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:42 executing program 5: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0x2e, 0x4, 0x4, "000600e6d96ec7a3358683eccb91b236", "2f26264677d6a200e6ce8e9ed5c72318fe7b308eb0d7491957"}, 0x2e, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$set_timeout(0xf, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1}, 0x10) connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000dc00000000000000819500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f00000001c0)="0a7b93a6bff5e1a25ada0ebdb7851051d2ee3057cf3826a7d2cb017d18ccb15f9019cf57c7411467ca29321a4c5d6878a78f86e036e6a1506715ef11a8b5416217a2a1a174df219b7342f16acfa304ba0650e3749f83e4185f07d96ad07eaa3e9c8524e30f42fce27a3dea6eea1bbacc", 0x70, 0xfffffffffffffffd) add_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000300)={'syz'}, &(0x7f00000003c0)="002ed6f8b7cae7f0167d1782cb5c7648e811297c0a9d35767d1971d121765a725d0e", 0x22, 0xfffffffffffffffc) keyctl$dh_compute(0x17, &(0x7f0000000500), &(0x7f0000000540)=""/217, 0xd9, &(0x7f0000000680)={&(0x7f0000000640)={'sha3-256\x00'}, 0x0, 0xffffff35}) socket$xdp(0x2c, 0x3, 0x0) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f000031aff8)={r1, r2}) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000040)={r1}) [ 223.465791] overlayfs: unrecognized mount option "lowerdir" or missing value [ 223.503372] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 223.512342] kernel msg: ebtables bug: please report to author: Wrong len argument [ 223.546343] overlayfs: workdir and upperdir must be separate subtrees [ 223.555506] kernel msg: ebtables bug: please report to author: Wrong len argument 21:23:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[], 0x0, 0x2, 0x0) 21:23:43 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,wor']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:43 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 5: r0 = socket$inet6(0xa, 0x6, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) setsockopt$inet_mreqsrc(r0, 0x10d, 0x2, &(0x7f0000013ff4)={@remote, @local, @dev={0xac, 0x14, 0x14, 0x16}}, 0xffd3) dup3(r1, r0, 0x0) 21:23:43 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./fi']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f0000011000/0x1000)=nil, &(0x7f0000010000/0x2000)=nil, 0x1000}) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x6, 0x101000) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000080)={0x7, 0x80000000}) syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x9, 0x0) 21:23:43 executing program 2: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x521000, 0x0) lseek(r0, 0x0, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000040)={0x0, {0x8, 0x7, 0x1000, 0x9, 0x0, 0x4762}}) write$FUSE_WRITE(r0, &(0x7f0000000000)={0xd, 0x40, 0x7, {0x6}}, 0x18) [ 223.985389] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 224.023488] overlayfs: unrecognized mount option "wor" or missing value 21:23:43 executing program 5: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000001c0)={r1, 0x0, 0x22, 0xd7, &(0x7f0000000080)="3c08000000f08b41637c2fee86dd371da6e5ed6ed61583b2f02a7034f4447088bb6b", &(0x7f0000000380)=""/215, 0x7ff}, 0x28) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x8480, 0x0) getresuid(&(0x7f0000000100)=0x0, &(0x7f0000000140), &(0x7f0000000180)) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@ipv4={[], [], @local}, @in=@loopback, 0x4e23, 0x100, 0x4e23, 0x1, 0x2, 0x20, 0x80, 0x2c, 0x0, r3}, {0xf7, 0x8001, 0x2, 0x7, 0x0, 0x4, 0x1, 0x5}, {0xd3ad, 0x9, 0x9, 0x1ff}, 0x2, 0x6e6bb5, 0x0, 0x1, 0x2, 0x3}, {{@in=@multicast2, 0x4d3, 0xff}, 0xa, @in6, 0x34ff, 0x0, 0x0, 0x9, 0x7, 0x2, 0x1}}, 0xe8) [ 224.032086] overlayfs: failed to resolve './fi': -2 21:23:43 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=.']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:43 executing program 2: r0 = inotify_init() perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) flock(r0, 0x2) r1 = epoll_create(0x0) flock(r1, 0x5) 21:23:43 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 4: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x0, 0x0) 21:23:43 executing program 5: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000480)=ANY=[@ANYBLOB="3c1b34d505291d6e2cf80e3d805eb9a1b695ca2c501362ffedd8140dc461002a354a8455b364934475053822a616ca45b4c4afc23fc63521438ede463169d832c6566473e292b39474ed4980927606975fd2c36d95f454b24b786429239c30cdfc45251cbbe83738a71ba10e592ceec82a8be8f37e7ba9a5f271f2293cc64f8cae5d5914682478c2891dd611eb8405ffbdd75fbeddf5297c72977ce8d6c201cf6c", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES32, @ANYRESDEC], @ANYPTR=&(0x7f0000000040)=ANY=[@ANYRESDEC=0x0, @ANYRES16], @ANYRES32, @ANYPTR=&(0x7f0000000340)=ANY=[@ANYRESDEC, @ANYPTR, @ANYBLOB="4015315c60816ce8299feafad7bcb8a798c29e9c1b374f48601c614a33eca866278a26979a5f69b9d18299d2c687ec3574befa57a963320d442b75db98c30215719b96c4746f45daa52008236e8eb7966c073c973bfee4e24e13e5b420d0a835ac7d1601b6b84f3402ff4688ffe592d7f2bf0b4d87586d1e601cc7c4f7de2fc33a422144df3a51b8ce099e4e11d5c48bb888922ec876a8ee305ffde1d24803e4625ddb5f47eb4fcb22b89bb11c75a2d1b99f9505a262cf6c1dcdda161db693aa53dce58adf188c6716e53fff464de6f4ccef8b51da5851a275d316a9cff4f35a17b43f9144d00b709f967cca"]], &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='bpf\x00', 0x20, &(0x7f0000000300)={[{@mode={'mode', 0x3d, 0x100000000000}}]}) [ 224.251829] overlayfs: workdir and upperdir must be separate subtrees [ 224.260946] overlayfs: failed to resolve './file': -2 21:23:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x0, 0x0) 21:23:43 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./fi']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x2, 0x1, 0x6, 0x9, 0x8}, &(0x7f0000000140)=0x98) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000240)={r2, @in={{0x2, 0x4e23}}}, &(0x7f0000000180)=0x84) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000001c0)=@broute={'broute\x00', 0x20, 0x2, 0x1f0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, &(0x7f0000000040), &(0x7f00000006c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000300000000000000000064756d6d79300000000000000000000074756e6c30000000000000000000000067726574617030000000000000000000766574683000000000000000000000000180c2000000000000000000aaaaaaaaaa0000000000000000007000000070000000c00000006c6f670000000000000000000000000000000000000000000000000000000000280000000000000000fb16204da4ed588223c2a464761bff275462a68af4bb7ddd19c01c7574ea0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000069706464703000000000000000000000626f6e645f736c6176655f31000000006970365f76746930000000000000000067726574617030000000000000000000aaaaaaaaaa00000000000000aaaaaaaaaa0000000000000000007000000070000000a0000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000"]}, 0x256) 21:23:43 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x100008912, &(0x7f0000000100)="025cc80700145f8f764070") socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000500), 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000140)=[@in={0x2, 0x4e21, @rand_addr=0x7112}, @in={0x2, 0x4e24, @broadcast}], 0x20) r2 = socket$inet_tcp(0x2, 0x1, 0x0) socketpair(0x11, 0xb, 0x4, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000640), &(0x7f0000000700)=0x4) ioctl$TUNGETFILTER(r4, 0x801054db, &(0x7f0000000480)=""/113) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000002c0)={0x0, 0x20000000000, 0x401, 0x10001, 0x9, 0x1, 0x1, 0xbaa60000, {0x0, @in={{0x2, 0x4e24, @multicast1}}, 0x401, 0x7ff, 0x2, 0x0, 0xffffffffffff8001}}, &(0x7f0000000380)=0xb0) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000003c0)={r5, 0xfffffffffffffff9}, &(0x7f0000000400)=0x8) bind$inet(r2, &(0x7f0000dc9ff0)={0x2, 0x4e20, @rand_addr}, 0x10) r6 = socket$packet(0x11, 0x2, 0x300) write$binfmt_misc(r6, &(0x7f00000014c0)=ANY=[@ANYBLOB="73797a311e0fe0739e26677b474083a98f8f20b3e380307307ba37de72549d132ca2294b586bc0dc2ca8780e8ffa3bc3ff48e6c51a57995cd4866c91133c3a3388e587069c713485cc736919b03a4e123722fdd11663e943bee5e1e8367dca374954b007e737022d16df5a43df0cd43065673a0ecceed23541b85501ddbcd85ea3c06f23659c18994c7e94d2de09024f7e7a128f04b487729bdb2ca624a811fd60e5795fbb947f9266d262ec70be0be0f0fd03f1a927ba5e26a5b7b1cfdb4290edf1e47b65127d68ad90ab68885ecd7ef704d059c298a44d241550bc2864f242b300e241498bbd3fc4f81077e13f1fe656d4cbc3235d2b8d4ad557cde6615069b5b787aaa971030f2f54853dc4fe1afeee151225b0dd69e5b55463ddef09447332bc47ea6b6ec3394089ac1d6fc575a814f4f062e11aa5e6168950662b5a9459037b5be4fbb0fb7d578cea20d9870df1611ae97d63d038f39946a3505c27e3f7ed7b426756d86ef4e5ec61ede50933021b5c69778137c5615404a6191f55487bddc2466bcccc7609f43d14e15884fec1a73c9515bc165e5972fa96413d79fa88001f854b933594f456fbd6ff4ed87813eab92266892b426fbc517e734a6d662216322f1dbf9070a4e4a7a0004b9a7d760a031139de4c60e1aef70412df9900237d51e943938a8294056ee5b99eca25f2ca36c715c3d30c92bebb0d3feaa983dc06f33ce24f9c3a09f06dcbfc6e23947404263a827d7a5d52b311874f77034f98b9654465b598c611768fdef9b9687f10f018eade10654ba76e2e8ad508478d2d4d926a5041e27b07a1a6aafd7ec10a506dbf2013bff178f3427e24dd53b28344e3effb078c4343d61a00c1ea91dfd172870e2e25e8874b76af1dcad342831d5fa545a7c2e34214f109cd1235145b1948c3c48760c266284b9060ce271e93b787a62f423187f19b2bcddb14477c8b8c32aafef09cae7c7853d937e30c7c1910c1689bc1099e8c59584f16945e801e9ecc895041fc0b91c5b25c39a97dbd24f92137792777d5f7e6ad6042c9e21be1e87e9e90e1eef71bfd1e6f31150a61afc886d7449682a94266736421a87efdf68a74da0ae4e50909fb61aea71f9ad7b0b48266e8a29f94fbe20ae25e7a10ad4581469d89be06fe59e5eb27c74b065eacab3311d25a3469cea50fa07fa66b14272de30219558dad6c70c5dcf873915ece2abf07f469ca85c301a847c7bce8dc6eb0725af515abe5f529f82b7dddb1f4d653032fcff89994abc08cff5c3b3998b72c315495a789dd89292a7b5a343d90a9b41cc31ea88311bde380d77a81a8ae2b8519a18faca501bfe43471712c706e5f8379aded6547741d715e3f3b24c915b01c2b1dd213434063eeae5cf530b4b4c89a7c8fcfbb0dc8829bb9ef701a0102bce5a15dcc8fe38d345158a8f784065c1669e99e24db74238c0f5319453064e2dac3b240f9aa1faeebb222c4e394f2ec6418a1a70927a4757aade0094fa86a355427be86772181ecf5dc9102e67059aaad68ff9787cd529181eeea590d80ead1849e7669d8e71d08756064caaebe9115980434d63efba42ae8756033a8f4e1b4f3432fe64277e744e215b4b9cf1633ec2b066ad79f5bca44ac07a0870977971a74e7431c87d108ffdf532ebb8931438126e579c3bee6e86b5890cad02557b2ff9af922dce432677589b126fefc58d55a327068099c9739e94596fe35335cbe503fd20b87db134dcec093207c090e664c330fc170c595f6855555f77b6f2b440fcd115d4017307e73f1cd2b1abe973995ba438cd0a0fe16d4285f1f34bc3e0092e84814e78ec089f19cdfe98afd52ad7df39b2c4d010349ac08440139594114118b30a2f1e80633363b2d0a19b2cc658e2f765f37adeff779d2a33cd4ccc98c3a922c078f7975c56e8e9f5d1c6f17e19a990b76ba005b915f6fe8c485732cbc889f0dde3ebb2405ad264a24085242cb926876aa1788e10ce227ecf71333e0c4796e71a4f396a659242a972f67d310d644c5a7f816764e16d7a5eef3ae61f5466bae0ae793184c9355db1d6dc244b7b6812a5a011746afb72b7632f9edbae434430aa4cb5e1f487c2f133dc17c12e45094a34301da8075a7f98f4c927cb743a71e78646457184e727fae7fd152b0adbceec4ead57ce89a413c5771a5a69b6646641bd4e41c7c4600d5b95dd190602dac601562f5014dd635a662fb1f25afc6685d991eb9fe604444ad9ab7a1f7690ef5ddab07c072adf6ceb6d2f41c7a34b4cf2174d0d42bc6917c2bcb2a4b3358d226a2a47cca2b6bee99517de2b8a34cd3fabc5d4b4b7065200a7d1292ada71a651920a140b4e86660997f5b065373b1bd7820ba27fc21380ace01beb9eede848d8b71e26e092cc0e837da1215f13ce7bde25be23b10d0fe93568c3709b9a16cf30adf70e3e0268fbd777bcb3c5115b7256ba9c55940438e2df499402aebc904eed1604a747b6ab9e98d2836b3c5cbf4aaffc47be75f1a888875864dbe071caefac5cd03f227223d01baca0f784ff7aa62ac57e8e6c7b9ae500fcbed7d70a1ff70c079d583de81b3b530456bb79205ec0100ec3221ead1159aa5f5398277283315139b6d5a8f7e9356ca990292331023ae1dc3ee0948d7a32b6ac083fe0fdb126d4a8a6500a07429dd66a58bea5f087259650eeab86359ecf4df3631676db5f6fa50ed578a994c73aecc13c114cb07e92e76a55144329cee9a97d5ac65200640174ba797195faa103083a0a5fb8dbaa811c81d9de9fe82a18657c67970316053c9577b6659f5112c90f2c675fc8f2cce287ba9ec4e229c4a946b9dc6ef45a45883b8d41f6f70c9259a0f1c86383e1fa9c9683fd1ee681210120eb7c0651a98dccbeec46b73fed5699f5f1a75406c6911f56674d7eb86406fd05696e87c3b93ae60e4d7b1e9fd0d69667b86fde66b2b8633b4cb1da0e2fdc92fe443832d34a4ea3db3212f33fb6a47bc943442ccff2e6cdb348cffd1b1a8cc05d67818d4e4e3bddf9ce1aec3853071e468c13229a4aa4259d2655e491c1cbb29b21f025c7bbf351fba7b71e0bab02f219b4231508c1c7c5e58e90c1188fa91b75b66ca630b3415df0b22ac11b6df93bd5069cac9e055ba1039bf776b45263b8d5c4fcaf12fe68dceb36c99681469713ad7d4a831137e334ecea059f8ddc8d4e00d055822a3a992e8491deaa03788fde413c6a41963f661d1a473fc1b91a9d4f39cced57516c2ac353a4aadda1a29fb48ec20ccb2a10156be26d1007c44fd68c02c97242fe2d85d1bd4d657b81115fde74c21d23992f3b91909a930f12d8b3b5d00bcb0e9af701a5793fe40990b9be757581bf648f8284fe9022e098e4e84f3bc42e1f3c9e8ae2931a9377f27f4eea986d0e5f168cb8e466a3684c8757d348181b0553fa2caa31b03d2a7e93ccacfd2eb6e1ed7946268deb30bec9c5bb2cf4bd517d5c5a979c03290f9c5449c8f1c515b515ef9fe732fe233a2f92bf4e85a0bfd7dd467d9a4f2c2049a9ec018e06f03a132e73929f9a140f3dd9e25fdc1015e5071093c16e70978843bdd3f60ff3c09fd4acf19232a8dd8098d9a611c3d262394b9c02bc51fa40dac783b8d5bc6a2da589342ca6230bed37452d833ab5dbcaf520e6590fe13f5cbae398c2af68d718d5b86a193b45cb101d9c5c02579555caa6985121118ddea7672ee2918a1bb52264b7986f4ee085939829765eda8ac1badf50e198010e1d4f33dad6ea20764b72453d7b8225fb3f9a38fa68123056864bfff1db8622dfb79ef2a42e86dc583e69bfc07ad3cabce50d7d0cef048cb3994ffb62ef24b0b394ca691d43b1f98c5f98cdf0959a1c4d8e69c661cf997f5445c2227d46932dee1310f7e1551bdb1255a3e73bfaffd0b84e64c956af8e8dc349b98b5c13544b5e92ec0fa6e4e7fe0adf022f993a259c9326468d16d48eec85b90f4656415322558406ce32b3aab18fcd0e373fd83890c1adab4466cf0a6d381012f36a75e33fa49be8d87e1ec404815cef78727b797a47c46435064003ff351bfa89b60dec4375eee9a4af6af605c025240bd2f292c750e3ebb1ae6ea45aa4b8f46c31a4ffc0bb1b58e74cc454007d2a7639a16dbcb221237921a0eaeeae605cc7750eafce7053811157766fd39351b664b0c21eff1f420b592f8d472da9bf7ffffffffffffff1be8a86bce0f8a536620eb58d1243a43348835a8bfdeca6e1cb8b5cfc0fca389720118459e9b208be4ede3f20cc5d1fd6d289b4503ddc63ae6a6dceec9fe52c7afa0ea1f3d5335b2ac078707d398c9a61dc8e1cce60baa31b0f9c539ce584bd38964f46196b1e47ee5acec46c45e13a6543a740fdd562f947208ce6148655d2efedddf4ee52d09864284a3621ee1882c9c89b16a2506e90149731f689063cd7faef5cb7f2ea3613e305bbcf36b7a01eec437f827e557cc9e8225e7fa7d5bef4c191ceb345573460b4c26e7da05e5b12cca842ae14c00f19ec481f97200a7dade18dde5cca638a478579227fef17db044b639eada388b778f91c5cfd01f3207cfdf96278121ed1495ee780abd22ada79f45556b3fd1bbb8366f1416fa7152351b1828c5e31662e52e26400b8d87e35c56831691bec6c1a189efa4ed00aa6ff2cd765c52de2d70a34a2081a3e39c05a920188770b810851e6e47abbdb5f91ea403f3c359b60806a36f2a3cd8cf93701c24b925cb115b2ea729da07d3c0aff73cf5d763b989609b0754eeb07b8d114571e1144b724947cd093d22da3a64976296725b5d8320b9a5e697f26c6cb20aea2c00e416c638c71c6cbcce25c021089d9f5a2f311b2362906fc86e6699e57e07670926cd635825fc46c70d7c5c8e3938dffbeb570b0bce8d48066dbb092029984b56255c2e49cce62cf537002d88dcb5b40f335184e08998e879e2d282fefa4ba7160d9ab10d6c66976025343b240c1eb95854d3c9378511c38aded2ae2cd63c754752ab42d4910148ebfb9d90f5896fe89467988ef8bc00f6bcef3ab00ff09c63138209552750080cf409641c5c9c32f0c509c1f23ec89bd9848f33038fda3462d88c286c1994d374c028e00b99cc36fa8f26d16b69ac7cb98b17befae08681f4a91e73a9bc6727d5edfbcb9f458b640d2081ff6bb09d7c80b644a9e20dfd6109b43a3d2a6a2b64d69691b8a63b0a56bdb664d9785deaac9a5268bb6b847f1c44f495a340f87a9125e2d13cc8e14adb3566e6061c48852e83884cb1de7a6fc1657b849dc23112b88e92798c239984f718fa4bf0db5ced2e245d50f4f39802dea479462b79693856366b9fc9cc005ae997c133f9cf0781b272e4860c0f4009be4b83dd7eb5153876af870cd744afd3b01b8e253877e90c357aa07d239c827339b39fce5272c683338f8781be0bcf41f86b42aaa98b7614659dfa6d13223f0a44d1361a7501c3fa80d24899a62e74e10f4f7b01510b837b7a019a01346e937d288c7da5b890312a4d05a92f05bfa44f794e6b067151d72d0a71f66f9eaf3c4a358526a7f2b77b36bbebc761025fdc2ca164fc7794f43271cfd301d3698839ab277b77dc30ead48b92d6755a3c7c1b7cbc121b574e2ca19481e514934ccad926bbbc4ab2595064158f6ca563861576dd0634c0d908be7cd6f94f81fee63f2e83b0f7fc101129a3785aeaf3831116fc36a238d3aa614edbfaa81ea5d138ae4a08c1f3be8f9651f403c77a7f60e39b4879e8b936dae98a83a3807c1c4315f86e471f0640ea538244cf392bb2a1abab79372849e6f05333fc5f6bad715904bd051a43269d85c465fd38922af70265bdf41633b04c312009f4e4e014af41b38cd1755b98a2df3aff7a5b8bfb4b6e3bfa8ee79a3180160f407bfb659139108f79f125e4ae8805e58ffce2de03546fa5b7a14947999650451eed34541c029c7166308f000b94c86a6fe0df3292563e34db3e491d09ede096"], 0x1079) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@dev, 0x0}, &(0x7f0000000040)=0x14) write$P9_RSETATTR(r4, &(0x7f0000000440)={0x7, 0x1b, 0x1}, 0x7) socket$packet(0x11, 0x3, 0x300) syz_genetlink_get_family_id$ipvs(&(0x7f0000000580)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r3, &(0x7f00000006c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x1000002}, 0xc, &(0x7f0000000680)={&(0x7f0000000740)=ANY=[@ANYBLOB="000028bd7000fedbdf25100000003c000300080001000300000014000600fe80000000000000000000000000001c08000300030000001400020067726530000000000000000000000000140003000800030004000000080007004e2400003000010008000500020000000800010002000000140003007efff80100000000f8000000000000000800060064680000"], 0x1}, 0x1, 0x0, 0x0, 0xc0}, 0x40004) setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000100)={r7, 0x1, 0x6, @broadcast}, 0x10) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x10000}, &(0x7f00000001c0)=0x5) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000200)=r8, 0x4) setsockopt$inet_tcp_int(r2, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x163) getsockopt$packet_int(r6, 0x107, 0x17, &(0x7f00000005c0), &(0x7f0000000600)=0x4) setsockopt$sock_int(r2, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) sendto$inet(r2, &(0x7f0000000100), 0x0, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10) sendto$inet(r2, &(0x7f0000000100), 0xfe6b, 0x4008000, 0x0, 0xb4) 21:23:43 executing program 4 (fault-call:5 fault-nth:0): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:43 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x0, 0x0) [ 224.432775] kernel msg: ebtables bug: please report to author: Wrong len argument [ 224.444021] overlayfs: failed to resolve './fi': -2 [ 224.462446] kernel msg: ebtables bug: please report to author: Wrong len argument 21:23:44 executing program 2: setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.upper\x00', &(0x7f0000000380)={0x0, 0xfb, 0x1015, 0x2, 0x100, "8df6531208edc768805282b31cff1af5", "f4ee14f579f08ebea02073da363d151195776e90c04b147044f6762b74f1de091c351d546be3d67a79e309d570c02fb98b8c9790550c7dd3d481b08c5a14b9e6349cb7e7927e00dfe1d23b3998c55ae960c101f2daa29ca320b653cca36440080d667008e4c7dd84fd823129d2b992047f8cc0b3813d48766e96dc41ba53389061435519299df20f153b1afdc2b49a5b9de7fd40a12df81ce41eddb75643d542892acb8542539ce45e0cf6260160e4678a4785f7ecebd5c4dae8b24e48119246ca8fddcd291403aed7ef1f3b56463e1280b75bc2498d99d5df62ba1c98916be1e5909cc132f3bdee63d49960487ea84b808ad48b5aafa391e3265ccdbaa5ff090d8cb8de141a6d4cfc24cf48dbe803f74b581cc0a8fe645df8ca6bfa6695c317dfb4430373e5d258a57fc8d834841d9e5adb5c599a44ceeec6e643aa34f521f08df56b7f04d69314d9020c71fd6c4cffbb632b5b162e831069a36ec907c9e039c0c7fd22bb3194e0c9cb2cd7b7c19baa4f30c4f2190aa42a6c78ead1a697904571954551119826f7aa331463fdb7547504ffa946f2a9536133ad2a0ac0e05dace0baaf3a897dad4d949d22945c3b4a6ce5318de5fb93a299f068c284ed6f2fa334c29a085bd8d51a003ac6e16bae6a130c86b0f3cb316d1260d29a783232b77e302548910f93810dc2e7afb07282c08af49a7207a655df6e0051e3185d3601394e9e6e82a13032fe893d48e25c4bf82f967397258759d94b8d9d4551751068518ce96d3ba0fa07b56f4d49d84414951c11179a8d0aac3cad8a077430d3f3f62afdb9f122e4002a16a484b2bc93c1eb740296e233e7852816c8f60127677a4840eecf59a44ba5ec2331dc7da5071dda75b02f57bd6ecfa2d9d740f7a1c896cab8e06d8530d6f0851e0e764e5b92d5511bd109259a5d8f6bfb785abf6f77b79e8812bce73cc5f28935346ee7c2d01acabe6ee2ad89dc2621cd03e869c6f89c4358d3563a71acd918a01b2292943d8073af2ff5761b46a44f44b1dd7b8034a43ecb5661a0d991be40834e7bcf5d2dcd8e55662d65e9be07b0662ca09f06f448c44ab4bf20b55a42393d7af678e579429d8c81d4965b6e76f50ce73b8b90f3ef91c3bf7341c0398a08b13aadd89b97b422e908e8abb6c939cfe7182a6ae26aaff57aacaed9cc81c89a9f812368bdae7b3f76b5d1454cd287910e3d00516c6192cbf901bb74f74d54d1253a973edc0f6b7194990a9001a2b002e5ee9cd7e33aca35b92af332cba2402847589f182b26e53524933cc61f75a5df4c0451208350b3c6df103c882971f1a345fd85ccbcdbc3b659ec3d17fe6a4903f2d8a338ee8cb0548b856b0569bb7006eb9930bf2188944792889848547c5104851806f4382bcec5e544744687b36c9cfa77c6407937891943cb00a89383e51f74317886903e8b796f101568ee676b5545034e34fb413eb5aa7c41a41b49fcdc2aa63c7b6554a8e5d14f1bdcf2344491f546ad1cf73e5e029d496f670cf1a79d6883d5260bce4f32520e517aba4a4a4792cfc7dadc652b39ea141fb57f2260379bf0643cc5f3b0b58d152354e67d04861a4b85e3aeb85ac2616c98e0fb5027a05fc27fe8b3ec78bcfe7d074631fbaa65723338751bf8cfe746d1c4813d77dfeeb24fcdcfeb1f1c1032de855fab1fa0bc84d1b60eb3453b28c975f37070af99076b3bffac34362404a42945e263a3576c35cf5548400c662604badc2873395e4add2b90d287b8524c27000dc81f45016f12fb6761860e7ce997ef690fa3161f6715553635b831d6112c00b23c6e860c1a54e2183b56ab0849e851be9f44148939582d6d152d9784978900b7b251f5619cf84d38d0b9e6c85714c6c5372396838842d3c22d519b7d2a59ffea49f8ca322aebe4533353d85da59880743b39c2fbb073326ecece252975eda934d40fc25c9db192684ab507903c3761ab7fc25d72106d56d715d79d491d81d5ad581a8659d9db0c9a1b80680f61c5e628bd0f6acb917d9c9d1adfcaee4994f5aa900206127f6fd6b88b7e675e92c50424d23132b1aef9852323704610352985eaeabdc581be410379dbbc9fa7b89eafb9478413a63c5bd2a739820b412050f8eda8cbb461a6a27d44bbf86ced77e064c72d3dc4254e73641ceab13ad55cfad477938095ba65659a21f2117ce72ffe6918b0a7b789fff2f71b07c707ff93cf5357275bb51b74d289ec8e9dc1df172021490b2ea2f9e7b5fe4171fc87acae9b880c4ceb90337dff08133c64dbb5c1f55aa87dccddeaa65c636ae371df52ccb6aee862a2a51740b4c267690f0ddad4f12e4e501e0c9e8643ed0dce9f5ded628c523e9db306ee68571a73ce5435a0e766f13cba4ac123c15cb032a5ead09a626f1760e2085ab25d6045767a7f0b04d85eb4aa2ab2623dad6fd4127e7e2e1deba7e9580b4f35b8ccfa7e68d1dbca0972a2c265e63be565e081c1eb2dc8345ba535a5f5ea432f7918709447c23152f388f114792a1faba214f6704d30da147d205665c3724cde80a91f2a72d02fed629fd1ed44e842199c25a06447562935808c58434b7b54fe24bfcf483f5c132e2d034eac7cca60bafff9a0635b7447f00e07172eea685130120ce31c5fc8807970439d0597b0630bf748d2353ecb6d3aece1c1a8971603d9f83e89759fc08e79293a1e744e2d772cde706d21d8950194a564d4a9e19f4580a996d47cbec6b568b40129518a6233378e313b1947c569d25ff9e7513a35857cec0fa6b0e3867e477533e3e35299a5030b2590cf13459fa980f1819389baec0e00ee40d81ec8860f6b544d52681b68c1462622d1943f6f25e78a48501a7f6d94be40ed1cdc6c95d895218c5e6304550ec0f6b40daf278d209c877d9ca47c31322a11ebaefbcc9839a742257a37f5a5fe8c792e424ee21740228c24bcd802adc3d8dd291a3f04f5d1ee1f3b128bd08ffa3a7f917681c267544e7dfc3b54477fc160a177e41f54e13468ee6bde5b282d767e8670ff07110255d56b17159817451d705de3f4284f47546aeb4bd9593ece8dd9ea35a47c66c88d0df88d759ba9e293a0b1f95ab07557e0abc5861eb410423f675e9515edbb4e6116508a359e76f267b48d3a4e55aca01f9355538fcf07136f22487210935565d0132ce1cb46f53ebc43bfe8f83823537a7e7220d0e4a7c68b9544dc4da7bd257372f7a78cef1c2157299d4096a0e975100d4e7b850a654190561bf11fc2c73c303a0538ed416b5f076c213c2b872f3291f9fb3b27c757df6ee09ae6fd2c7afab5254f2b7e85872b5eca87f897142aac20b3c44e89a213e713a45a9e15480839517724c531fcceff0812ab13d939b3155adc4091756574f221d65712c415fa685e55be542f50a806ad209eb1e3d036fe65f4a7585cfddb31e14211c12b4a5185c8e1c32f9755ad3cf24ca83275008f95f5915ba50a40fc64e18c411455cef76665e8c3f370860640544b4a7af4de6d34bfa4b45521e60181eaaf87c3781ac2e68d0054fdeaa6d2e00baeabbd12d122cf8f0b31a030f8be211d2db1e1c08d3ab7f8de521b01702a276f2269c09b145c25da749b4932ee2353b08864b7875c0abbd409f49fb6ba8fe12d9ffccbd5a6400fb2631de98b87e66e6a2dfdf04f7027d8b3837b8fc5e1b366e05d207304c6b38a660a72a19499ee487284ed598dd7844f94abfb1568090fa8a65491767b81dee0cf720382283651ddc0ffc7b8c200c6d3b1e25add36f296a61d33c1050d90ad3310a07a398c25f6a693274fe0ffc6e77721f11863305eab9f0abf6c2b012f3f2373e81dd5ba67e5a77771de1fb43868e4e3728d96f952bfbec482032533a9b02cce5454a24f99b47dbfdbbc4a8105e1c3092abbcaee392c1ef147937bebc8621751784b2e56287460baf6e4503a7999b0dc8899a73cdadb51c2ce270c9136e41b63bd6470d012b2698fcdb77fae5662bd3c2afed1e7a8e18a083dc2b30d33fc294e2a5d846ebdceff0376120c5f2a0c1123de45e92f80c6a3b22915f52972c3a15626a34b736ca83ffc243a6e1ac2eb26fc5eb2ff91b0bb45720fc484f9764c945de227801fcd4aa0fec145b13843be0e1bd4abf1c49395584ae23bf240f13358ccac1e81a48ed10586b719bf32888b63585fccf8be135054711a20e7f52972082ae63fa2064446be44645d81740a68919a98ad4ed18967eeba2285b758674dc2c1230403fc6d45e0941b95c83b2d120e818da984f2f79f629d5d8c9f1ab80446b8b18218c8c96b0e610308bfc63d4d2af915a7e283036566ad62295a51c90e8e41372da3e7383ebcdd03e27cda899c4a0326b1d5f7d75207b5d948ab5e1c8a2162f18020b8e829cb3a8f013bcdd01a8a29a327482a419edaadaf3424dd81fa9b1c557f76e2eea2e3d0630ad583642abc80a942a5bb9d94176166e5d58277e8c69b98a7e4eeb5036bced7c74be00331219e5281dd3bafaf7740fa8c1b577952717239be3678aa02ff8548d38b6368cae7dc473be36358f5b162a72a1e85e512f26dcb016092ac5cc2d85e74adbe797907b425fba8ab16ecec12d5dad90252ea37049e1ad584236727ed81db48b81f3bffa41b003bf5931462135521a359e86122affcc635a9e99e3389ed3d8b65022f2537d115b376736975cdcd2e0aee0660c11216ea624a69abdcd88c81dd92b9aef101cfce26f5a6f7033fe12916268bb56b9e57c8006eac5411e27124cab13fe0944c1ebc6e5ae4071b12ce0bec032fe86c0275d17d719ea258d091006e9e7731d623b5fcbb50bd3f64b1f86f9c0b687f8d79e51a13b76e0723e518e5942ce53524f09a698f8ccf400ca9908ad57fdc2d804bfcd6f09b09aeb3ee5307eb46648a7550b823eeb73e4eb4299b3dfcfe270a210e7f93af4f0c97f2d59c1545e0710c0f501fca92104df2ced29de26e240a0dd7e9dba61a76f6b7eaad5887131cc160060caf8fde691a7cb10a29741c39ec7707abc39da5cac6999a192d14542be44cb9817bf48549fa3d0f4eaad432b5d80b590b77731bf8bd32adda2b4ea2145797fa59c064bcebb25766fe5d43da44e07c6f1506d3cb943a878b1fd4a96444399937f848dbbbf70e0ef26f6e113f83b5859846ce368438c6f2681e1b8dd129515ae181aa585581d6054fbafaeb5138ac06730e5158e3f48e7a1c6794754a25a8b282b42aba12ea0a75bcfd2ec443b0b607971671bb2178b69a7b9baacc58a6996656247245003239e45c622278e56d4000a6cacf2e05dc59211f183470c16028e38acb51254e4de423f858bb7298bcc837a7a7f804b84814b8c0a59ae9c272552cac296bb8e1ca256ef8e53a74df8c6e32d340cae607896c1901f9ddb4d78404d4534fe7a601fdbf78fb41434b99393ed7b98482db8632a5bd166ec25792ac2edfbf7f071f1f32e4a94583b40451f4ff8f9b987496e9df52d944e8d9a5fbf980df218a1642c85fa89c9be04077024da55c4833be7d85a4964297dfacfa7741b2dbbd695b82adf8a13cbf354d267cd88a136df76b0ca3be2cb3dddb3cd77e0ae69d0843dd784e8aeb92b9fd90aa9cd5db1351da7d2b29be3f1c582d21f87583904b53b5d2df15057fd2ad4aa797d0888e0569ccf5f0b69fd491b4ee6290165c9f17245cc78b7ec31bbdd31787d07c29e0b65c6fe565ddbc540709103e4f9e7ef1ed284111889087892162513070689f9fd678a8ff5b54eb78d85c4bed26ba4316e4838b63b99e45d821439c37d9b2fe8e26e2d3e297f60d94b14d9857882b0a464e27d94f15ec"}, 0x1015, 0x3) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) open$dir(&(0x7f0000001400)='./file0/file0\x00', 0xa0042, 0x0) r0 = open$dir(&(0x7f0000000340)='./file0\x00', 0x4000, 0x0) openat(r0, &(0x7f00000013c0)='./file0/file0\x00', 0x484c40, 0x100) truncate(&(0x7f0000000000)='./file0\x00', 0x400) finit_module(r0, &(0x7f0000000180)='system\x00', 0xffffffffffffffff) pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00') r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x280000, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000200)=@sack_info={0x0, 0x335, 0x8}, &(0x7f0000000240)=0xc) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000300)=""/63) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000280)={r2, 0x55d, 0x30}, &(0x7f00000002c0)=0xc) [ 224.508651] FAULT_INJECTION: forcing a failure. [ 224.508651] name failslab, interval 1, probability 0, space 0, times 1 [ 224.557361] CPU: 1 PID: 8257 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 224.565828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.565834] Call Trace: [ 224.565864] dump_stack+0x1d3/0x2c4 [ 224.565883] ? dump_stack_print_info.cold.2+0x52/0x52 [ 224.565903] ? check_same_owner+0x330/0x330 [ 224.565924] should_fail.cold.4+0xa/0x17 [ 224.565945] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.565959] ? get_pid_task+0xd6/0x1a0 21:23:44 executing program 0 (fault-call:3 fault-nth:0): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) [ 224.565983] ? lock_downgrade+0x900/0x900 [ 224.606326] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 224.606350] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 224.621052] ? pid_task+0x115/0x200 [ 224.624710] ? find_vpid+0xf0/0xf0 [ 224.628285] ? __f_unlock_pos+0x19/0x20 [ 224.632292] ? lock_downgrade+0x900/0x900 [ 224.636467] ? fs_reclaim_acquire+0x20/0x20 [ 224.640811] ? lock_downgrade+0x900/0x900 [ 224.644978] ? check_same_owner+0x330/0x330 [ 224.649323] ? __mutex_unlock_slowpath+0x197/0x8c0 21:23:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) [ 224.654295] __should_failslab+0x124/0x180 [ 224.658552] should_failslab+0x9/0x14 [ 224.662370] kmem_cache_alloc+0x2be/0x730 [ 224.666558] ? __fsnotify_parent+0xcc/0x420 [ 224.670916] ? fsnotify+0xf10/0xf10 [ 224.674561] getname_flags+0xd0/0x590 [ 224.678381] user_path_at_empty+0x2d/0x50 [ 224.682555] path_setxattr+0xd6/0x230 [ 224.686373] ? setxattr+0x450/0x450 [ 224.690031] ? trace_hardirqs_on+0xbd/0x310 [ 224.694375] ? __ia32_sys_read+0xb0/0xb0 [ 224.698460] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 21:23:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x20000109, 0x2, 0x0) 21:23:44 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) bind$inet(r0, &(0x7f0000134000)={0x2, 0x4e23, @broadcast}, 0x10) connect$inet(r0, &(0x7f00000e5000)={0x2, 0x4e23, @loopback}, 0x10) [ 224.703849] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 224.710204] __x64_sys_setxattr+0xc4/0x150 [ 224.714458] do_syscall_64+0x1b9/0x820 [ 224.718364] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 224.723756] ? syscall_return_slowpath+0x5e0/0x5e0 [ 224.728704] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.733565] ? trace_hardirqs_on_caller+0x310/0x310 [ 224.738616] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 224.743659] ? prepare_exit_to_usermode+0x291/0x3b0 [ 224.748710] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:23:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0xffffff1f, 0x2, 0x0) [ 224.753582] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 224.758790] RIP: 0033:0x457579 [ 224.762005] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 224.780949] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 224.788690] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 [ 224.795981] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 21:23:44 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:44 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0xffff, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = gettid() prctl$setptracer(0x59616d61, r1) r2 = getpid() r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) write(r5, &(0x7f00000001c0), 0xfffffef3) ioctl$DRM_IOCTL_ADD_CTX(r5, 0xc0086420, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r3, 0xc0086421, &(0x7f0000000180)={r6, 0x3}) ptrace(0x4206, r2) [ 224.803272] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 224.810551] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 [ 224.810559] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 21:23:44 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 224.857380] overlayfs: failed to resolve './file': -2 21:23:44 executing program 5: ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000000c0)=0x0) ptrace(0x11, r0) socket(0x8, 0x6, 0x7) socket$inet6(0xa, 0x802, 0x9) add_key(&(0x7f0000482ff6)='blacklist\x00', &(0x7f0000e25ffb), &(0x7f0000d26f49), 0x0, 0xfffffffffffffffe) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) keyctl$set_reqkey_keyring(0xe, 0x2) socket$inet6_tcp(0xa, 0x1, 0x0) mount(&(0x7f0000000240)=ANY=[@ANYBLOB="2fff65762f73b1d064765af8b0517420a38ef62e21673000"], &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='nfs4\x00', 0x800, &(0x7f0000000180)='blacklist\x00') r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000200)=0x3) 21:23:44 executing program 4 (fault-call:5 fault-nth:1): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:44 executing program 3 (fault-call:6 fault-nth:0): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:44 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x5, 0x0) [ 225.040756] FAULT_INJECTION: forcing a failure. [ 225.040756] name failslab, interval 1, probability 0, space 0, times 0 [ 225.057588] FAULT_INJECTION: forcing a failure. [ 225.057588] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 225.069453] CPU: 1 PID: 8319 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 225.078059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.087527] Call Trace: [ 225.090140] dump_stack+0x1d3/0x2c4 [ 225.093796] ? dump_stack_print_info.cold.2+0x52/0x52 [ 225.099008] ? mark_held_locks+0x130/0x130 [ 225.103277] should_fail.cold.4+0xa/0x17 [ 225.107362] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 225.112667] ? shrink_dcache_sb+0x350/0x350 [ 225.117036] ? mark_held_locks+0x130/0x130 [ 225.121294] ? lock_release+0x970/0x970 [ 225.125303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 225.130865] ? _parse_integer+0x134/0x180 [ 225.135042] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 225.140598] ? _kstrtoull+0x188/0x250 [ 225.144428] ? _parse_integer+0x180/0x180 [ 225.148600] ? lock_release+0x970/0x970 [ 225.152591] ? check_same_owner+0x330/0x330 [ 225.156942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 225.162497] ? should_fail+0x22d/0xd01 [ 225.166421] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 225.171548] __alloc_pages_nodemask+0x34b/0xdd0 [ 225.176242] ? __alloc_pages_slowpath+0x2de0/0x2de0 [ 225.181277] ? pid_task+0x115/0x200 [ 225.184945] ? find_vpid+0xf0/0xf0 [ 225.188506] ? __f_unlock_pos+0x19/0x20 [ 225.192508] ? fs_reclaim_acquire+0x20/0x20 [ 225.196847] ? lock_downgrade+0x900/0x900 [ 225.201031] ? trace_hardirqs_off+0xb8/0x310 [ 225.205467] cache_grow_begin+0x91/0x8c0 [ 225.209544] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 225.215117] ? check_preemption_disabled+0x48/0x200 [ 225.220174] kmem_cache_alloc+0x665/0x730 [ 225.224339] ? __fsnotify_parent+0xcc/0x420 [ 225.228684] getname_flags+0xd0/0x590 [ 225.232524] user_path_at_empty+0x2d/0x50 [ 225.236687] path_setxattr+0xd6/0x230 [ 225.240510] ? setxattr+0x450/0x450 [ 225.244146] ? trace_hardirqs_on+0xbd/0x310 [ 225.248481] ? __ia32_sys_read+0xb0/0xb0 [ 225.252569] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.257958] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 225.263443] __x64_sys_setxattr+0xc4/0x150 [ 225.267699] do_syscall_64+0x1b9/0x820 [ 225.271601] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 225.276997] ? syscall_return_slowpath+0x5e0/0x5e0 [ 225.281948] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.286810] ? trace_hardirqs_on_caller+0x310/0x310 [ 225.291845] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 225.296879] ? prepare_exit_to_usermode+0x291/0x3b0 [ 225.301915] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.306777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.311975] RIP: 0033:0x457579 [ 225.315174] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 225.334082] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 225.341803] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 [ 225.349081] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 225.356378] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 225.363664] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 [ 225.370942] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 [ 225.378259] CPU: 0 PID: 8318 Comm: syz-executor3 Not tainted 4.19.0-rc6-next-20181003+ #86 21:23:44 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:44 executing program 5: r0 = open(&(0x7f0000000400)='./bus\x00', 0x98000, 0x1) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x5a, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_ifreq(r1, 0x895b, &(0x7f0000000380)={'yam0\x00', @ifru_settings={0x9, 0x4, @fr=&(0x7f0000000340)={0xe1, 0x5, 0x3, 0xfffffffffffffffd, 0xffffffffffffffff, 0x726fa330, 0x9}}}) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0xfffffeb3) lseek(r3, 0x200000000, 0x3) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./bus\x00', &(0x7f0000000140)='trusted.overlay.upper\x00', &(0x7f0000000180)={0x0, 0xfb, 0x24, 0x1, 0x8, "41032fb6fc10b6559849e784e449ca51", "3253ef1ea4fcfdc4142c0fabe0438b"}, 0x24, 0x1) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000440)=ANY=[@ANYRES32=0x0, @ANYBLOB="78000000952a0f118508db2d1ac7339fd3a8f51536fcd27337254352f68dc3c575490d68988521f87dc314595db48d168b9ea7b72200251a62dc10e63cca5ea7c37a53c348536c4d0db3455829f3cbce5864d8b6f21a139170459f0080000050b020a284e2614398541942af8cd058cca4efb677e90ee75afeb7764c26"], &(0x7f0000000040)=0x80) setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000300)={r4, 0xfffffffffffffffc, 0x34, 0x6}, 0x10) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f00000001c0)=0xffffffffffffff5d, 0x4) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f00000003c0)={0x1}) lsetxattr$security_evm(&(0x7f0000000240)='./bus\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f0000000100)=@md5={0x1, "de2e36987ebd602e40b31e67e7a89a2a"}, 0xfffffffffffffff6, 0x3) [ 225.386689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.396081] Call Trace: [ 225.398689] dump_stack+0x1d3/0x2c4 [ 225.402373] ? dump_stack_print_info.cold.2+0x52/0x52 [ 225.407617] should_fail.cold.4+0xa/0x17 [ 225.411697] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 225.416820] ? _parse_integer+0x180/0x180 [ 225.420986] ? lock_release+0x970/0x970 [ 225.424982] ? usercopy_warn+0x110/0x110 [ 225.429070] ? get_pid_task+0xd6/0x1a0 [ 225.429090] ? lock_downgrade+0x900/0x900 [ 225.429113] ? fs_reclaim_acquire+0x20/0x20 21:23:44 executing program 4 (fault-call:5 fault-nth:2): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 225.437178] ? lock_downgrade+0x900/0x900 [ 225.437196] ? check_same_owner+0x330/0x330 [ 225.437208] ? lock_downgrade+0x900/0x900 [ 225.437225] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 225.437245] __should_failslab+0x124/0x180 [ 225.437270] should_failslab+0x9/0x14 [ 225.467850] kmem_cache_alloc+0x2be/0x730 [ 225.472028] ? kasan_check_write+0x14/0x20 [ 225.476291] getname_flags+0xd0/0x590 [ 225.480134] user_path_at_empty+0x2d/0x50 [ 225.484367] vfs_statx+0x129/0x210 [ 225.487953] ? vfs_statx_fd+0xc0/0xc0 [ 225.491797] __do_sys_newlstat+0x8f/0x110 [ 225.495974] ? __do_sys_newstat+0x110/0x110 [ 225.500328] ? fput+0x130/0x1a0 [ 225.503660] ? ksys_write+0x1ae/0x260 [ 225.507533] ? trace_hardirqs_on+0xbd/0x310 [ 225.511894] ? __ia32_sys_read+0xb0/0xb0 [ 225.515982] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.521416] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 225.527078] __x64_sys_newlstat+0x54/0x80 [ 225.531257] do_syscall_64+0x1b9/0x820 [ 225.535169] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 225.540565] ? syscall_return_slowpath+0x5e0/0x5e0 [ 225.545517] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.550392] ? trace_hardirqs_on_caller+0x310/0x310 [ 225.555448] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 225.560489] ? prepare_exit_to_usermode+0x291/0x3b0 [ 225.565550] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.570429] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 225.575632] RIP: 0033:0x457579 [ 225.578838] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 225.597757] RSP: 002b:00007f10c217bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 225.605533] RAX: ffffffffffffffda RBX: 00007f10c217bc90 RCX: 0000000000457579 [ 225.612832] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000020000480 [ 225.620147] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 225.627443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f10c217c6d4 [ 225.634829] R13: 00000000004c27ae R14: 00000000004d3a38 R15: 0000000000000004 21:23:45 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$reiserfs(&(0x7f0000000140)='reiserfs\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200000000000000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000000080)) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'team0\x00', 0x4000}) 21:23:45 executing program 3 (fault-call:6 fault-nth:1): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x3, 0x0) [ 225.835897] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal 21:23:45 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 225.886148] FAULT_INJECTION: forcing a failure. [ 225.886148] name failslab, interval 1, probability 0, space 0, times 0 [ 225.944650] REISERFS warning (device loop2): reiserfs_fill_super: Filesystem cannot be mounted because it is bigger than the device [ 225.980269] CPU: 1 PID: 8367 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 225.988742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.998109] Call Trace: [ 226.001516] dump_stack+0x1d3/0x2c4 [ 226.004672] REISERFS warning (device loop2): reiserfs_fill_super: You may need to run fsck or increase size of your LVM partition [ 226.005173] ? dump_stack_print_info.cold.2+0x52/0x52 [ 226.022251] ? kasan_check_read+0x11/0x20 [ 226.027120] ? __zone_watermark_ok+0x330/0x7b0 [ 226.031733] should_fail.cold.4+0xa/0x17 [ 226.032603] REISERFS warning (device loop2): reiserfs_fill_super: Or may be you forgot to reboot after fdisk when it told you to [ 226.035815] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.035831] ? lock_release+0x970/0x970 [ 226.035851] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 226.035873] ? trace_hardirqs_on+0x310/0x310 [ 226.052777] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 226.052793] ? get_page_from_freelist+0x488b/0x5340 [ 226.052815] ? mark_held_locks+0x130/0x130 [ 226.083073] ? fs_reclaim_acquire+0x20/0x20 [ 226.087432] ? lock_downgrade+0x900/0x900 [ 226.091609] ? check_same_owner+0x330/0x330 [ 226.096127] ? __isolate_free_page+0x610/0x610 [ 226.100729] __should_failslab+0x124/0x180 [ 226.105244] should_failslab+0x9/0x14 [ 226.109060] kmem_cache_alloc+0x2be/0x730 [ 226.113243] __d_alloc+0xc8/0xb90 [ 226.116771] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 226.121804] ? trace_hardirqs_on+0xbd/0x310 [ 226.126141] ? ima_match_policy+0x848/0x1560 [ 226.130582] ? lock_downgrade+0x900/0x900 [ 226.134759] ? do_raw_spin_lock+0xc1/0x200 [ 226.139026] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 226.143987] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 226.149117] ? __wake_up_common+0x7d0/0x7d0 [ 226.153465] d_alloc+0x96/0x380 [ 226.157031] ? mark_held_locks+0x130/0x130 [ 226.161824] ? __d_alloc+0xb90/0xb90 [ 226.165567] ? mark_held_locks+0x130/0x130 [ 226.169860] d_alloc_parallel+0x15a/0x1f40 [ 226.174122] ? mark_held_locks+0x130/0x130 [ 226.178379] ? mark_held_locks+0x130/0x130 [ 226.182654] ? up_write+0x7b/0x220 [ 226.186212] ? __d_lookup_rcu+0xaa0/0xaa0 [ 226.190378] ? mark_held_locks+0x130/0x130 [ 226.194641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.200195] ? process_measurement+0x280/0x1bf0 [ 226.204890] ? mark_held_locks+0x130/0x130 [ 226.209277] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 226.214838] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.220434] ? lockref_get_not_dead+0x70/0x90 [ 226.224932] ? __lockdep_init_map+0x105/0x590 [ 226.229437] ? __lockdep_init_map+0x105/0x590 [ 226.233933] ? lockdep_init_map+0x9/0x10 [ 226.238008] ? __init_waitqueue_head+0x9e/0x150 [ 226.242691] ? init_wait_entry+0x1c0/0x1c0 [ 226.246932] ? lock_acquire+0x1ed/0x520 [ 226.250904] __lookup_slow+0x1e6/0x540 [ 226.254790] ? vfs_unlink+0x510/0x510 [ 226.258588] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 226.263642] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 226.269529] lookup_slow+0x57/0x80 [ 226.273099] walk_component+0x92b/0x25b0 [ 226.277430] ? inode_permission+0xb2/0x560 [ 226.281841] ? path_init+0x1ed0/0x1ed0 [ 226.285730] ? walk_component+0x25b0/0x25b0 [ 226.290833] ? save_stack+0xa9/0xd0 [ 226.294466] ? kasan_slab_alloc+0x12/0x20 [ 226.298619] ? kmem_cache_alloc+0x12e/0x730 [ 226.302933] ? getname_flags+0xd0/0x590 [ 226.306910] ? user_path_at_empty+0x2d/0x50 [ 226.311488] path_lookupat.isra.43+0x212/0xc00 [ 226.316070] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 226.321259] ? path_parentat.isra.41+0x160/0x160 [ 226.326014] ? usercopy_warn+0x110/0x110 [ 226.330078] ? kasan_check_read+0x11/0x20 [ 226.334740] ? do_raw_spin_unlock+0xa7/0x2f0 [ 226.339142] filename_lookup+0x26a/0x520 [ 226.343218] ? nd_jump_link+0x1d0/0x1d0 [ 226.347182] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 226.352989] ? digsig_verify+0x1530/0x1530 [ 226.357215] ? kmem_cache_alloc+0x306/0x730 [ 226.361538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.367071] ? getname_flags+0x26e/0x590 [ 226.371144] user_path_at_empty+0x40/0x50 [ 226.376366] path_setxattr+0xd6/0x230 [ 226.381162] ? setxattr+0x450/0x450 [ 226.384825] ? trace_hardirqs_on+0xbd/0x310 [ 226.389186] ? __ia32_sys_read+0xb0/0xb0 [ 226.393266] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.398637] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 226.404097] __x64_sys_setxattr+0xc4/0x150 [ 226.408360] do_syscall_64+0x1b9/0x820 [ 226.412511] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 226.417903] ? syscall_return_slowpath+0x5e0/0x5e0 [ 226.423430] ? trace_hardirqs_on_caller+0x310/0x310 [ 226.428490] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 226.433513] ? recalc_sigpending_tsk+0x180/0x180 [ 226.438293] ? kasan_check_write+0x14/0x20 [ 226.442788] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.447634] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 226.452909] RIP: 0033:0x457579 [ 226.456097] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 226.476044] RSP: 002b:00007f6fa501ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 226.483770] RAX: ffffffffffffffda RBX: 00007f6fa501ac90 RCX: 0000000000457579 21:23:46 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) 21:23:46 executing program 4 (fault-call:5 fault-nth:3): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 226.491040] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 226.498827] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 226.506115] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa501b6d4 [ 226.513665] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000006 [ 226.610304] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 226.637666] REISERFS warning (device loop2): reiserfs_fill_super: Filesystem cannot be mounted because it is bigger than the device [ 226.689388] REISERFS warning (device loop2): reiserfs_fill_super: You may need to run fsck or increase size of your LVM partition 21:23:46 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:46 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 226.750568] FAULT_INJECTION: forcing a failure. [ 226.750568] name failslab, interval 1, probability 0, space 0, times 0 [ 226.762577] REISERFS warning (device loop2): reiserfs_fill_super: Or may be you forgot to reboot after fdisk when it told you to [ 226.781549] CPU: 1 PID: 8390 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 226.790527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.799921] Call Trace: [ 226.802543] dump_stack+0x1d3/0x2c4 [ 226.806214] ? dump_stack_print_info.cold.2+0x52/0x52 [ 226.811441] ? _raw_spin_unlock+0x2c/0x50 [ 226.816243] should_fail.cold.4+0xa/0x17 [ 226.820765] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.826766] ? dput.part.25+0x4dd/0x790 [ 226.830802] ? lock_downgrade+0x900/0x900 [ 226.834999] ? do_raw_spin_unlock+0xa7/0x2f0 [ 226.839450] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 226.844081] ? _raw_spin_unlock+0x2c/0x50 [ 226.848262] ? fs_reclaim_acquire+0x20/0x20 [ 226.853240] ? lock_downgrade+0x900/0x900 [ 226.857526] ? check_same_owner+0x330/0x330 [ 226.861873] ? ovl_lookup_single+0xd0/0x870 [ 226.866207] ? mark_held_locks+0x130/0x130 [ 226.871011] __should_failslab+0x124/0x180 [ 226.876113] should_failslab+0x9/0x14 [ 226.880304] __kmalloc+0x2d4/0x760 [ 226.883862] ? ovl_lookup_single+0x870/0x870 [ 226.889244] ? ovl_path_real+0x400/0x400 [ 226.894117] ? ovl_lookup+0x1178/0x29c0 [ 226.898116] ovl_lookup+0x1178/0x29c0 [ 226.901947] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.907502] ? process_measurement+0x280/0x1bf0 [ 226.912203] ? ovl_path_next+0x2e0/0x2e0 [ 226.916553] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 226.921861] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 226.927437] ? lockref_get_not_dead+0x70/0x90 [ 226.932216] ? __lockdep_init_map+0x105/0x590 [ 226.936736] ? lockdep_init_map+0x9/0x10 [ 226.940820] ? __init_waitqueue_head+0x9e/0x150 [ 226.945506] ? init_wait_entry+0x1c0/0x1c0 [ 226.949951] ? lock_acquire+0x1ed/0x520 [ 226.954042] __lookup_slow+0x2b5/0x540 [ 226.957958] ? vfs_unlink+0x510/0x510 [ 226.961791] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 226.967275] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 226.973463] lookup_slow+0x57/0x80 [ 226.977291] walk_component+0x92b/0x25b0 [ 226.981369] ? inode_permission+0xb2/0x560 [ 226.986330] ? path_init+0x1ed0/0x1ed0 [ 226.990242] ? walk_component+0x25b0/0x25b0 [ 226.994587] ? save_stack+0xa9/0xd0 [ 226.998247] ? kasan_slab_alloc+0x12/0x20 [ 227.002413] ? kmem_cache_alloc+0x12e/0x730 [ 227.006753] ? getname_flags+0xd0/0x590 [ 227.010744] ? user_path_at_empty+0x2d/0x50 [ 227.015086] path_lookupat.isra.43+0x212/0xc00 [ 227.019689] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 227.025435] ? path_parentat.isra.41+0x160/0x160 [ 227.030213] ? usercopy_warn+0x110/0x110 [ 227.034292] ? fs_reclaim_acquire+0x20/0x20 [ 227.039680] ? lock_downgrade+0x900/0x900 [ 227.043859] filename_lookup+0x26a/0x520 [ 227.047941] ? nd_jump_link+0x1d0/0x1d0 [ 227.051952] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.057962] ? digsig_verify+0x1530/0x1530 [ 227.062226] ? kmem_cache_alloc+0x306/0x730 [ 227.066567] ? fsnotify+0xf10/0xf10 [ 227.070229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.075807] ? getname_flags+0x26e/0x590 [ 227.079895] user_path_at_empty+0x40/0x50 [ 227.084076] path_setxattr+0xd6/0x230 [ 227.088167] ? setxattr+0x450/0x450 [ 227.091810] ? trace_hardirqs_on+0xbd/0x310 [ 227.096167] ? __ia32_sys_read+0xb0/0xb0 [ 227.100264] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.105658] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 227.111140] __x64_sys_setxattr+0xc4/0x150 [ 227.115413] do_syscall_64+0x1b9/0x820 [ 227.119325] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 227.124708] ? syscall_return_slowpath+0x5e0/0x5e0 [ 227.129659] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.134721] ? trace_hardirqs_on_caller+0x310/0x310 [ 227.139762] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 227.144801] ? prepare_exit_to_usermode+0x291/0x3b0 [ 227.149851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.155070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.160281] RIP: 0033:0x457579 [ 227.163491] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 227.182417] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 227.190145] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 21:23:46 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x4, 0x0) 21:23:46 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 227.197445] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 227.204730] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 227.212017] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 [ 227.219315] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 21:23:46 executing program 2: r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00001bf000/0x3000)=nil, 0x3000, 0x0, 0x4011, r0, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x3, 0xfff, 0x2}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r0, 0x0, 0x17, &(0x7f0000000080)='wlan1securityeth0]eth0\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)=r1, 0x4) mmap(&(0x7f00001be000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x200000000000000) keyctl$session_to_parent(0x12) 21:23:46 executing program 4 (fault-call:5 fault-nth:4): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 227.332860] __ntfs_error: 24 callbacks suppressed [ 227.332871] ntfs: (device loop1): ntfs_fill_super(): Unable to determine device size. [ 227.369281] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. 21:23:46 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x7, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x1002}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000180)={0x15, 0x110, 0xfa00, {r1, 0x8001, 0x0, 0x0, 0x0, @in6={0xa, 0x4e24, 0x0, @remote, 0x4}, @in6={0xa, 0x4e23, 0xffffffff, @empty, 0x6}}}, 0x118) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000000)) setxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@known='trusted.overlay.nlink\x00', &(0x7f0000000340)="24837573657200", 0x7, 0x1) r2 = open(&(0x7f0000000140)='./file0\x00', 0x40c2, 0x0) r3 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000000800)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb9693dd6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b804bfe70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9ca8bec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b60fca627576ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c46a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca0403b3c6da327afe21720024881def9fa15ec15bb0cb39374f19d63b357936a748e0bb2099ec2a79035bec4a89224cf37c93b534a5348ee94ba3f5f55fa92acaf8e0061598d802fcdc1f7253969a3278154696f42eaf07c89aacdfb016fcb0485a72fc2cdfd7d72f132ff82028a47b61d4dd4d1201d87bd883f74ac1710e05a8fe598dbd94c78adc2ad0e9ae6cb911691b61feaf07539d17c2b05a608dc1f71011c10c92f7faae952e304f0b6c94f754b11e416c4df32f5ca6c0caa6070ee04bfd47adf2f90843fc143b52d2ff50e63ea46a2677baf1df09e67c0768ee6382a8de5dc91eb5552dbd3ba7647b47efc8dc6c9de913710ad2314e3e94a2f9193c5fc3120474261c4914925707530c3a41ec98741aa30fabd70fc38cc57c6707bead0cf24b369f8989b366507b6a261842c727efa97032314f09626954d357374b42fee36fafd448fd0836bea7397b2ac03dff44372e987316fdacf8477befe768dc1505eb58bdb052a5eb3ab1a79014008c8ab55b3ea432beba4434f5199fc6f3b08934cc3fb4cc62b7a733826030153750fa61bbf0dbc1cdfef66ef77aa047c04b9ceb80ff0b99959fdeeaec0e3838dced78e9f12f997bcd992ef36baff4de252999d00406a379272912bab80fbecbd334eb4b844c66c0018312dc20ccb52f36dc84ba4c3876fe9f5b49f39e49e9348f38bcfb4a77a36790971c41c0ed554ebf03c145336e77bca86fcce945c43075d583233b2c36ff471d140ff8b4d91b33ad13540f5f2cffe0ced42839848a13cbc66f1d7393f01a8fe63b37619665d1c98bc1ae09fa9dcc642f2047a555bc8aab2ebfc00b13b902494b139ebe4b96026bf5c441b30b11611371386fac1ccf99df87093bd6609b24f7e7a1bfc175e720c7bb496c45d6f42acfacc216307f7f3bebb96f443e68717442b6ae5a9c29e10a5be02f30007653c9debdaa1e69c28d15d3bfd69232dfafae13622f4cbe9a030ae880375f7415d10770aae1c8271393546f40fa07e6e205de1f52ab215d7c2a1dc474d28e79081913f19c2c53fc8b8d86c699523e836a548c1315610ca4542b0ae145a1fac88d417252fdbec86b4d2d824ca2702102b18062a7194e2f96904dd210c1d2cbd12d253f4243324f61cbb42a0271527d7b871a1ddee9b55030a173ed9573a5cce7924946474c21e39bdddd559aa5f85e981d6ca79e967d5edb484ed6c70bf1d1c57f3ad64b5ede6ba51158d044578d395c561abd382335c5342883d6588d94fb860c0025adab4df23b2c9c00638fe33816b609267ad80e2b6b04d6b7872db753b3ed3dba724bec6c02d5a40cca99e074682f0fc6e0db69a265e5b2757dafd5db7d8a9d5f00b94e6afe662b180b750bedbbb3ba03c52bee15be40b259471fca2fd32696d241d6f9dea3beac4054146e334969e4dae0ef929a4b762bd44612353dbe8275ed21b3f34bf9b38d64e7cfbd8aebf826bd40eb2cb2331b410ca7753c40250954fa8ad12c09e7a54e18a645ad1e501d93e540c6560e702e80e360def60ccab4fd18bc3a33a9ef798aa77ccd30a0175e35b1d6df6963a489322b149d673d920695294f0e6267a4a078c4ab4b2e2cfefb7e81f45f6dd7207e2c8b7e57ac9d988856fa8c0c4c6e49be3c4f9dc7aa078f76268f0be9e2af88a0fe658b243ded33b3836d559a1fb480278f82e546eec2666def860686e9abb898d80f018edb937f7a902238194a16be357e91fd86eaab3c19ae9446a27810dfe586f2d354e251c4afdd89af87421f943d7b9e12b6640897459bd988ef31960784c8072184456fa99d33c3978a0dfc5dd88bfe941da4681d6e31894f5100b2e6fdbd75e51f2f32a0bc00976721b453c5c670b04ca27c23232be7734c35f2898512c3138c78d42626693084826d195299fdb4467db31c79761e40112d1e47d8fe1b846bec1dc7f92d59d088af95a7d4b0d10b7ece85bf6aef12693c429e3df8f7f27289857e16005a233ac1c526afcfa2d4a82ffdd0d52724b3a635e4415d7c0fbcacd1c24294919ad8bd6edc2dcc7e8c66f5980b8483d50a9f5b2204d2f9fbfccffd578dd718b342a1443be5e4f18fbc10691c678ec837ea9a37c8456dde7e3f420bd61e918270b83c3f5c3f9495b33c7be6ea81b78df808cdd55862beb2ad246bf402cbc90918f6d4ff0d24755c346cac9093a101f8ae9eb863139e012c73e10f4e09ae69f822f2bace32429dbbff181115c9eaf00deae55ac0c5c2563672947820b7d016d15049b9fe294a4613954832521727fbac1d900b441174140864c9c5d1fb58b2f0dbfbec0b62c4216a408b8b7f6c3aaaa8b3f153161173dc48daf0f2ddb3f30ac6e573430df30d6ea7259e460a19cf329c661dee097b871b351ffd22b8090df3dd9fdb22cb636f18eb4df69a63299ff3e2acf0d08a944e46907007be920a3672c215dc9fc8aa3066399d9b7494a8a2bc0416aec022389a52bb110ee99ce773132c61c04095c3d591dc273d7b91a99ec99911e7dfcc4b4522431d543ae1710ebfa4c0ac8c3b2af2827233d4b4edda49b98c7086e65b05930d2014cc44bb92217c9578282fdb9c2ce817eba860a14c8f9914353ca14f14d4baad9be49f03e91ecc42d199c3e3704d0476cbb01016326e351f6995e59287197cdc1b1a103a749b6d6a55bbc3cfdb9b8211653d55c46618fd1a0e4a2c755ab4c5d3503d4900648c6adc486ff1ea7e3228300ea161a32a55702de9115bb75928fff82d3761599792a359c3d04e738be8a16ecf1db16935bc2a6c54bd1c33f881b7f1ea687a06504667ec0f05c058392af51a4141123c6090f5ddb12845dc0a486d5f318f0efe1926b9bd5e3ae982e75f49225ee6b71899b7483b501466767a05320eebe3e94c54ec335a33eaa54ea97912a0cf844ad2edf59294af5f07ae3ffdeb7d6f03d10b7bb1616dce11ca2140ea859ddd2536602320eab4801360f821090a67562db436c0dd1209cc717bfe8fa9696ee917ca8985a0abc54b9f6f1b462e00b29b36a413e2fc784d153e95f2b7fc75b048c7aba3db76941b090e1fd76dddc8f6f2758c5e72cf101f0dc8185fb8f86fc4ec615312eb559954c2a32fb7add4699bc486c219744126c077a30f8402a03c95405f8a7981933ec1e9cf145fe8a0f0053794efacc1e8ad066841c87ff819ecf87c75e7e741faef1ade631bd2cb1572d00b341fc6306b56da50f53638e979f093fd789a28cd4cc320da4c43640a0394691f809fc0268d95e81773dfcae593f17f04864712eb47cedf4b0375399cef0982a78e1654085fb8a8704f27b1dfa5378919e4977aad38b5771c8f3402bb93a697abc7c21dd4374c4b74c1a923cdb3e532a4d2be5dd5897723f1ac3ec744b1ec87c324f93c9845456b72d7da990ec8a133864f247f5c9c88e9d3fc999b86c51d8a7d8c833dc5570b0d4339eabb0456f5b39e5216d8ee0be3465caf182d3373a50ba98b653c30b7986bed8687a005b14b344bd49cf487a96090565c35969d7e7c58af5199fe14eefe947cad9ef0fb6ab156438d5855c4bf03bb5095b72333bded3c35c5764c73abd73889d04e9904f44580726cd7491ba09840ecacac8f61e9711dcb5fd232ba71a586", 0x1000) sendfile(r2, r3, 0x0, 0x10000) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @local}}, [0xeaff, 0x4, 0x6, 0x4, 0x10000, 0x3, 0x3, 0x800, 0x100000001, 0xffffffffffffffe1, 0x1, 0x2, 0x1, 0x6, 0x6]}, &(0x7f0000000480)=0x100) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000004c0)={r4, @in={{0x2, 0x4e21, @remote}}}, 0x84) [ 227.429066] overlayfs: './file0' not a directory 21:23:46 executing program 5: socketpair$unix(0x1, 0x802, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@errors_continue='errors="ontinue'}]}) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4002, 0x154) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast1, @dev}, &(0x7f00000000c0)=0xc) 21:23:46 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:46 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 227.457461] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. [ 227.524899] FAULT_INJECTION: forcing a failure. [ 227.524899] name failslab, interval 1, probability 0, space 0, times 0 [ 227.565228] CPU: 1 PID: 8444 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 227.574249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.583645] Call Trace: [ 227.586312] dump_stack+0x1d3/0x2c4 [ 227.589988] ? dump_stack_print_info.cold.2+0x52/0x52 [ 227.595252] ? _raw_spin_unlock+0x2c/0x50 [ 227.599447] should_fail.cold.4+0xa/0x17 [ 227.603539] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 227.608666] ? dput.part.25+0x4dd/0x790 [ 227.613455] ? lock_downgrade+0x900/0x900 [ 227.614754] audit: type=1800 audit(1538601827.040:36): pid=8446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor2" name="file0" dev="sda1" ino=16530 res=0 [ 227.617637] ? do_raw_spin_unlock+0xa7/0x2f0 [ 227.617652] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 227.617678] ? _raw_spin_unlock+0x2c/0x50 [ 227.651646] ? fs_reclaim_acquire+0x20/0x20 [ 227.653822] audit: type=1804 audit(1538601827.040:37): pid=8446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor2" name="/root/syzkaller-testdir208494817/syzkaller.OBSvsK/31/file0" dev="sda1" ino=16530 res=1 [ 227.655985] ? lock_downgrade+0x900/0x900 [ 227.656004] ? check_same_owner+0x330/0x330 [ 227.656028] ? ovl_lookup_single+0xd0/0x870 [ 227.656043] ? mark_held_locks+0x130/0x130 [ 227.656065] __should_failslab+0x124/0x180 [ 227.656087] should_failslab+0x9/0x14 [ 227.684168] __kmalloc+0x2d4/0x760 [ 227.684186] ? ovl_lookup_single+0x870/0x870 [ 227.684200] ? ovl_path_real+0x400/0x400 [ 227.684219] ? ovl_lookup+0x1178/0x29c0 [ 227.694937] ovl_lookup+0x1178/0x29c0 [ 227.694961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.694976] ? process_measurement+0x280/0x1bf0 [ 227.694996] ? ovl_path_next+0x2e0/0x2e0 [ 227.695015] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 227.705378] JFS: "ontinue is an invalid error handler [ 227.707963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.707984] ? lockref_get_not_dead+0x70/0x90 [ 227.708008] ? __lockdep_init_map+0x105/0x590 [ 227.720089] ? lockdep_init_map+0x9/0x10 [ 227.720103] ? __init_waitqueue_head+0x9e/0x150 [ 227.720117] ? init_wait_entry+0x1c0/0x1c0 [ 227.720137] ? lock_acquire+0x1ed/0x520 [ 227.727904] __lookup_slow+0x2b5/0x540 [ 227.727919] ? vfs_unlink+0x510/0x510 [ 227.727935] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 227.727965] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 227.727985] lookup_slow+0x57/0x80 [ 227.742124] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 227.742503] walk_component+0x92b/0x25b0 [ 227.820547] ? inode_permission+0xb2/0x560 [ 227.824780] ? path_init+0x1ed0/0x1ed0 [ 227.828663] ? walk_component+0x25b0/0x25b0 [ 227.832981] ? save_stack+0xa9/0xd0 [ 227.836631] ? kasan_slab_alloc+0x12/0x20 [ 227.840778] ? kmem_cache_alloc+0x12e/0x730 [ 227.845086] ? getname_flags+0xd0/0x590 [ 227.849058] ? user_path_at_empty+0x2d/0x50 [ 227.853384] path_lookupat.isra.43+0x212/0xc00 [ 227.858226] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 227.863417] ? path_parentat.isra.41+0x160/0x160 [ 227.868194] ? usercopy_warn+0x110/0x110 [ 227.872246] ? kasan_check_read+0x11/0x20 [ 227.876382] ? do_raw_spin_unlock+0xa7/0x2f0 [ 227.880789] filename_lookup+0x26a/0x520 [ 227.884839] ? nd_jump_link+0x1d0/0x1d0 [ 227.888896] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 227.895903] ? digsig_verify+0x1530/0x1530 [ 227.900133] ? kmem_cache_alloc+0x306/0x730 [ 227.904495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 227.910298] ? getname_flags+0x26e/0x590 [ 227.914349] user_path_at_empty+0x40/0x50 [ 227.918495] path_setxattr+0xd6/0x230 [ 227.922300] ? setxattr+0x450/0x450 [ 227.925914] ? trace_hardirqs_on+0xbd/0x310 [ 227.930241] ? __ia32_sys_read+0xb0/0xb0 [ 227.935335] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.941135] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 227.946579] __x64_sys_setxattr+0xc4/0x150 [ 227.951786] do_syscall_64+0x1b9/0x820 [ 227.955679] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 227.961050] ? syscall_return_slowpath+0x5e0/0x5e0 [ 227.965985] ? trace_hardirqs_on_caller+0x310/0x310 [ 227.971005] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 227.976044] ? recalc_sigpending_tsk+0x180/0x180 [ 227.980789] ? kasan_check_write+0x14/0x20 [ 227.985014] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.989869] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 227.995328] RIP: 0033:0x457579 [ 227.998510] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.019580] RSP: 002b:00007f6fa501ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 228.027296] RAX: ffffffffffffffda RBX: 00007f6fa501ac90 RCX: 0000000000457579 [ 228.034586] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 228.041852] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 228.049108] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa501b6d4 [ 228.056376] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000006 21:23:47 executing program 4 (fault-call:5 fault-nth:5): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 228.083207] audit: type=1804 audit(1538601827.550:38): pid=8446 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor2" name="/root/syzkaller-testdir208494817/syzkaller.OBSvsK/31/file0" dev="sda1" ino=16530 res=1 21:23:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x2000000) 21:23:47 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="66b9800000c00f326635000800000f300f2325363e0f01cb66b9800000c00f326635002000000f30018c448b2e0f0171860fc72cba4200ed67f26cd0bf9f30", 0x3f}], 0x1, 0x0, &(0x7f0000000300), 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000100), 0x106}}, 0x20) openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffd14, 0xfa00, {0x0, &(0x7f0000000280), 0x142, 0x5}}, 0xffffffffffffff51) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000500)={0x1000, "db000195c227715871ba1bf8cc8cd5c216667f587fe881c28dcfef5e3c5ae185ea3ff0896085437e34b4f79d59ecd9de28d02b578c4f7fc20c21f9b2a643df517e008fdc0ad6cf6aebcee8b544ea93d003f788dd45f0645eac9cf505f92b47c5e104c68e8aa67d643f01ec5de2fce35095682964c67c053f4031d216195bbefe291f5c5dd1eb3a6f381c3e6719178681bcc1ce87ca045dbce5583d248006409fd6f9aa051297ddc878eb7a94452eaa7d7f23c42b4a064829b0d164a2f4abe29fad9611a58140d26ac7a29e44d4224e5d4c1d933e3de68e466cd33834661ed41b20226b347733ba9ccb2d6b0777df1234b9f3381adcf70062769e3845724617a611e6e6d7912870c6f572cd7e0bca2faa5bf18ba03c7a4a727e8c1cf809b2c9a020bd2afaab4231d42fdbdda2a49483d551b99754ff19328d5e50d51643462db7c2cca9e24aa663113351c1673219262f029fa314bf6c1a68be0511984115435f75f2ad00c754d7be5c631c422b02908f6e57f7d275d12638c75b0431b9463aad4894ad2bd90478fa886dbcdb09ebc7603699a38857ead13844f854459c8a066cb2b81b4620e290e76d00df3e228255a26d63f0f198bdef88ed8f6bee67ecf8d2a3b432431fd3f1e1b2df66db162983ddedd8150dc04c7cf1e51990a61e749b84bdda1e1de70c3b190a2680b88ae05608df8f6a7db01e788700682b18761ff448318b67703f2049f6ef3a64ad8f93364d8975b407421547783a453156af96f0639a2f5f63f2a5203c18e9c9dcf1b30619ccf038e7dbd7cb7748073cec4ee7eca36cc21df82a527d4abdc8940165b7b84ff5a44f69b98b79dd60ee48313927e701300434663b31c58c22dafddd2516d759c6f54b2ce84817648e4cc2589c0d887bce5ee15758b9505becbef95d1d9325637e74ec397b59c7841c8220621ee93d4561c676ae5f2754bd062cad99302f5b09643b95603784403d836205d86a694837a733f17a9816222e89d9ed4dea4b3d8d3bcc18f9bf2412311285f67f36d428adfc4a35e7f8fbbbb50d2380a9bda5f557458c62e82145c82072484a01bfcb802c0189947c148ee6f0737afd7047219c736bf5b6b1768749fac853dd58597233e4e39a1a3648157f0e1bd9890578fef43c812d6d9c4981eb8c0f511e2ffbc6cf273b3724af1a957497a5b40fb4cb601ca597a5dcfaf02bb4f4e8f50e06487d5dca35db7be1912a526e502d6d54fb69d243f3bba471e085a343183fd30690eeb7f817f0f0f76f191c463f6bee67ed20e2d93466b2e1708b46aeabc2d43ca44a4ae72f285636e0df6afad6dde9527c45193fe404da351b798f13c218c5eeae738fd1fc123b5db40e439da19fa431dbfaf9b68e9e06674cbe4fe98a8d0ba69425f98522e8f8f2fd371f9b9fcf60ff6bfd355e47a0d38cd1ca3300ad62691d34c312a81060d283cab22c352152876d83156eed8ff27a2d390416d480de69655d3ff43f279e38d6856869fcda2e2ff382dd4f21bcf8a7db82c5066528ac80a87a1482b1179f4b55a9849af6b28f09a91051ceaeb7a5b4d5ce931d75ffd0cd86d4bfa94e30fe161b1a3922a32f4da39e9a7fcae73feae3bef6d9a28db481841debebcd6c72521f961600c1bc2de21bc5ba960883e850d8cbce3b91654e7c573d4fd9c34f9c525fdd33eed5037740c33af35c9a3f8b7f9110c259bccbe91f0f237a63464944196a1566e006b2eebff6eb0586cd56c7473f23a5cb73d1e964f8413f6475c71570f65e209c193ba783ea2839b98977fa0f21734bc5bb3c1ec0317fe8a8439625bd4e32b425873a2d5bfc9a4d90cd76e4a6c00a070befb098272bf1d7cb4c1520816d13435b32a0ad6e2c54b19acd2f0c4097f8fb979a7c81d0ad65c8aa8b4c6bf1e0a0d63e7a1489a8553d4d706bc73d79876c9a71a50d3ffd91c975917dcf384b22c963b58490f0fd4114a870331443e7b08ca36434eaf70ca6fd10cd63ae815a202bd376e7be673d87fd1bdf284e9ae0ef6817028dd00d4b11168b89be44bb0d00f36043d2361a5d31239e6b7f5bf5784d4f08e8e3bef985460cb75126d01a0760233a14c80df857730b8c4da73905e88b4a9a0a241ef1c1c686dabc7fe547b73eae3dc111b33dd8cbe561213daa2dc75167e9674bc5fd7cbf8e7384a0b9a051450152b6c0911a0713adc401e8289afff36aac44384952f24aab0edd61ca881f0375194ba8914f3d5806ecd082dbb427e8b9d19344bc2db814c079aa20ef180432952f1a33394be2d01963fd09d2ec3e7eb16a0a3e2877f2c68a015f197c2810fc511ec7a7c65fc66b14dfe37e0dc2b3795bcd7a89046e59629f549cb05bb37cbd35f50d610e18260028da60ee1fa72936a3f1d9db0f6ae7e602119d903fede53598ecb2f8406017f52268593875ea6fe2ce867db9d107e7e405e347b9af590b9468892a8b130b9d23e18b823866bafec556fcdda27c8e7c745ef759ba198b247fa14b5cc652000d86811de24068351f830de9ce275f2f95151abf2570d9fd8da58456bf6bc205c1b6b3eb0dc32c383161085b0f81aab1292b8d110b4b2c410515594ab2f6270948dd5032db332912c743a8408c1d92f5487f976a6198974bab860956ebceec4018e14e7a03221aff39787e5beb5751fa7c62b9c2a6942e903b7132d6f2446b83738d131acfd6fd22e81a045c0e7740ed8ab842e02cf99f8e2fc6bdb6ff1a36729bae133a21cbbc9b4b75b8cd8f89e2dec68bc9d266ad5a1187c90de16bee64b8c02534737d65ceb97452d00a91bf373ef1e06ab3e62970c10c3946830a0eaacf49fb8c76165cfd97099838ccbd14831fb19a34afee30b9c1db2a99cde49c09ba167a8f3e20a855fa7b8c97a4d82cd49e1224110bdb27fc753512e451bb0541bd61b8b3863e8065524adcad6d3a7e64484cce6e0412dede3499559c1d241c7a012435b8dbb8445015cc4faf646fd0e8e8d0cfb70db1c17be05176816a523f5a6ac12ee0b9a80bc65f9c137070a2b0cc6800a655d31bbcc26c443bca351b7d71590d2a27baabce2f2d83a51d760f3c965ecd1f9bf07c995f1d265e334f059fc77d4691a4136207adc677e89750fbbc47ef875c28be5a11e3c0cee1a4d300c9d4c5afdfefc7dc399a988f383417209365577f4b26938df98ddfb5c67098b1581ffea906c04d32f3eb233a6806c10c0f7d0331e8502826710f7a543e8d452dcb2da920da75949d0ed7e3f87e1b73a8f407f0a1198b2dcf60953a2f1379499c188deb93358c6a4351116c580499620b8d0d29a2679bfb3feeda71e7b265d7f84d8a026c2d59f13d7998ddfaf0527abfa1abf775832c1295d2d074956e9a0b2bc1d1f56e51ed9a4d19f79a645f5f5091b26fef80dcee062a82095304216a2fdc64b68e1eb392639647f5f4cd4d97dab6c52e9b849a3b3206d7103442ddf0cf6d3646df3c1e517724a5ab2761cf9fc06d989510fcdefc05abf953594c803f821fe7fd60d1d6d62be075101d384d3c902a52c3512768a2965b0ac9d509c20f265b8c17d9e59265f66a8a1c76f9ba237f0ff145aab6ece6ec46d1821ae9f81e06db438218b2452271f4e20d5bef0c0b1cce10aaf335e9acdb41f8205eac056086610dacc716d58c08929d190a8d001d0a09d4577fccfde87293b4121ea59f87a370b55c56252eddb1573d85e3091f7f22ec7b6d3c9ca0dc4822f63a740793bd3616c95cc27105c14dbaeacc4b012c127338ff5fe31a805cc8c1498f2dad48b01b56d370d1a734632c8790d5532fb18ea4ae41ad025c8db8a441757c8e4a6a6abcf730c653d03d75f47656eddd84f24160a0551f16aff42b03399f86fc9de239f100c702573edd98a5117158f06cbcf1e133ec50fd0627a9f1e7a3e155590382570d9babd07c4f234d658a384d7b27391f62f2eae5f98083e18fc9a843d42d0a281fd76f8c3b5aff48f3f498fa0381481ac323330975da037d83d8a3dc3c94df0ce6a3d659d324b08914db90af97e01d801ac7642b123c691902207ccfd0fe98ce6328d200858c4b1b667fd84d86ab6094b3edb98e3f7557042367b7da229664acee19258d1612347a57f9da32f22206662a1dbafddbfc3291ad4f25fc5e7a76af8cc5ebf318a7eba01ad3b5e73147abbca863fd1238432fa21b6101bc05958987f138431930b67ef51dda52767e9ce4295ea2283cd6fd4f0bc647cb824b1ffe6c21714b8e689c8e781c303aea5bfd32cba46fb783342ce3c2271ac55c12d6eccd46e97a6eb0988a4039dc98afa2f1de391d3c37306bb781292575bf7a2a6cf7a656a8d226034af8a8873bf00a1273ed77c0b5e76c6b3860ab42474de57b43046802c08305e04c05e4f393f6dc2a78240a5ea9f5fec276ba0b93deb19a72a607780c32a149be7832d3a41e967689f37da8c0a9d289ec6c7891ede99ac145a5b23cd835066bd361e64ce731c2a7e72db333bd980d5a76c3ed76727758863852a96873d7e5d0d26705c52fc659b2fc7b857f84e344b8f101197f542cf15b87b9eb1c7105ba224116f587e0a1440adb84b875035e74dfb90cfea0ec584e590a3cd3faf3ba649941984a09f59292cdaf5e93376c8155660ec46550c2ab5de8330c18889f14415eb797596b52fc6ef50ea07b9a0ef4ecd7fc693dccb5b66be2190caed56ae38f076de1acf8801253446d6ccc97fc75bf811a2e4d31470d388dec4c64ed3fc30c264903de721c9b37baa26c25385452bd8a2c893ded88d5e94fe0add032a60a79714de5c31f96cb2b2dc2abc56a6bf7179aca425ac29c4d626aa4931c9c802f350ee4ebb56c8685e39e438ebf755f0c3f7b45d7df6a248a0eff3bc73a99d793f2e17f264c02520326f06755d3c42fd803f80c3b8107e5ac952ab0954ae8a857e3ca443c1c80fe2c797807e74e9e0a2b93f997991a19ee977c66a14031a68f28eb8af1ee87569ac68a417c11a2fe18adb83f95742af7591a8ef048250e1ffc57756e0dfa657f2478938f2fdfc9c1ec9c277aa2e63a75cc54b9748a97286cd3520d1c8d7a5e5aa7072dea7ffe360c77921f6605bdec723f4c959e636cd9ee094803271da9a76a6282f8938b1f17095df64741522dc6058de2f749918e3a6b21cfc16e23b7c977c920848c41bee6ed6edd3be428ce0fe89556465699b9521b123d1e1be5c3eae1fd8d5774de910add51679ba1474596f7b4d46b5ee147f6c235e3111fc84abbd2fe1a6738785fd19842cc91b4573a32dfe1039e99966fcee0f6d122c2703f0f25267b221e1e2d3e0b917be0d036bdce0a6999eebe1db92327d31096665a7ee5014ab13f63945474ef3f9d83624ddf65facdf34dc394257916d6fd7d8ba79a3959beb3cc8b6ccda59203411066702779b9ab16d31b481afb3ac6a6be6890976d1a17105e94f9420d2ccb4732c7298c1b4ab2f660372652f929c7dc2b61ff50c6e104d11944fdf6a345705fae12ec82fa6a16bf6a2ba0a3a7b71d9e55fed8ac981802fcd705ea0c29495f0da7bdd760847e2e35039e98ef9351d1fde4a9c5d4c78ffbe89ab4c266504e91d2be394933f432ee351b43c0427f49a15e8de5a425b8b392eb8f0dcb067f4a14f36d3ea9063844a7e76a47e6499177a3bc3ddf991a59c8aa0d3161445cd939d80e6bec04ca01ac7388e6c6b23acabe3ac789c5bbeb2a54904d37314ddd2f8333128cdc3e3ae80a8c59b17a2aceee4b83317e028899e2b7fef4e3b51868eaa9eedaf68ac628a21f0553dd7d20b7b64ee9e60b54a28da778e6258edb0297b80566599f5602aab05cb29377"}) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 228.123553] JFS: "ontinue is an invalid error handler [ 228.127752] overlayfs: './file0' not a directory [ 228.148070] ntfs: (device loop1): ntfs_fill_super(): Unable to determine device size. 21:23:47 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc8070014") ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000440)={'team0\x00', 0x0}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x200000ee, &(0x7f00000002c0)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f0000006f3d)=""/195, 0x0, 0x1, [], r2, 0xfffffffffffffffc}, 0x48) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000008ffc), 0x4) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x34, &(0x7f0000000300)=r3, 0x4) r4 = socket$inet(0x2, 0x0, 0x401) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={r5, 0x1, 0x6}, 0x10) ioctl$sock_ifreq(0xffffffffffffffff, 0x8991, &(0x7f0000000040)={'bond0\x00', @ifru_names='bond_slave_1\x00'}) bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0xb) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8910, &(0x7f0000000240)=@req) socket$inet6_udp(0xa, 0x2, 0x0) connect$netlink(r4, &(0x7f0000000040)=@unspec, 0xc) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x6, 0x4, 0x8000, 0x3f}, 0x2c) mq_timedsend(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0xffffffffffffae2c, &(0x7f0000000100)={0x77359400}) r7 = accept$inet(r6, &(0x7f0000000140)={0x2, 0x0, @multicast2}, &(0x7f0000000180)=0x10) fcntl$dupfd(r4, 0x406, r7) r8 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r9 = accept$alg(r8, 0x0, 0x0) write$binfmt_script(r9, &(0x7f0000000500)=ANY=[], 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000004740), 0x0, 0x0, &(0x7f0000004840)) 21:23:47 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:47 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:47 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x3f000000) [ 228.296921] ntfs: (device loop4): ntfs_fill_super(): Unable to determine device size. 21:23:47 executing program 1: syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 228.348799] overlayfs: failed to resolve './file1': -2 [ 228.349717] FAULT_INJECTION: forcing a failure. [ 228.349717] name failslab, interval 1, probability 0, space 0, times 0 [ 228.372420] ntfs: (device loop3): ntfs_fill_super(): Unable to determine device size. [ 228.439740] CPU: 0 PID: 8497 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 228.448194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.457558] Call Trace: [ 228.457586] dump_stack+0x1d3/0x2c4 [ 228.457604] ? dump_stack_print_info.cold.2+0x52/0x52 [ 228.457621] ? lock_downgrade+0x900/0x900 [ 228.457639] should_fail.cold.4+0xa/0x17 [ 228.457656] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 228.457675] ? kasan_check_write+0x14/0x20 [ 228.457693] ? up_read+0x225/0x2c0 [ 228.487127] ? down_read+0x8d/0x120 [ 228.487147] ? up_read_non_owner+0x100/0x100 [ 228.487167] ? __d_lookup+0x5b8/0x9e0 [ 228.487186] ? ext4_xattr_get+0x1ad/0xb30 [ 228.487206] ? fs_reclaim_acquire+0x20/0x20 [ 228.487221] ? lock_downgrade+0x900/0x900 [ 228.487239] ? check_same_owner+0x330/0x330 [ 228.487252] ? ext4_xattr_trusted_set+0x40/0x40 [ 228.487273] ? __vfs_getxattr+0xf6/0x150 [ 228.510837] overlayfs: './file0' not a directory 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x3f00) [ 228.512528] __should_failslab+0x124/0x180 [ 228.512550] should_failslab+0x9/0x14 [ 228.544928] kmem_cache_alloc_trace+0x2d7/0x750 [ 228.549619] ? vfs_getxattr+0xc4/0x390 [ 228.553535] ? xattr_permission+0x310/0x310 [ 228.557889] ovl_encode_real_fh+0xca/0x500 [ 228.562143] ? ovl_set_attr+0x550/0x550 [ 228.566130] ? ovl_check_metacopy_xattr+0x79/0x140 [ 228.571076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 228.578295] ? ovl_lookup_single+0xd0/0x870 [ 228.583164] ovl_get_index_name+0x1c/0x80 [ 228.587326] ovl_lookup_index+0xe4/0x700 [ 228.591418] ? ovl_get_index_fh+0x2d0/0x2d0 [ 228.595751] ? ovl_path_real+0x400/0x400 [ 228.599829] ? ovl_lookup+0x1178/0x29c0 [ 228.603820] ovl_lookup+0x9f2/0x29c0 [ 228.607564] ? ovl_path_next+0x2e0/0x2e0 [ 228.611643] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 228.617113] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 228.623710] ? lockref_get_not_dead+0x70/0x90 [ 228.628215] ? __lockdep_init_map+0x105/0x590 [ 228.628233] ? lockdep_init_map+0x9/0x10 [ 228.628246] ? __init_waitqueue_head+0x9e/0x150 [ 228.628259] ? init_wait_entry+0x1c0/0x1c0 [ 228.628276] ? lock_acquire+0x1ed/0x520 [ 228.628293] __lookup_slow+0x2b5/0x540 [ 228.628313] ? vfs_unlink+0x510/0x510 [ 228.636856] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 228.636888] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 228.636903] lookup_slow+0x57/0x80 [ 228.636919] walk_component+0x92b/0x25b0 [ 228.636933] ? inode_permission+0xb2/0x560 [ 228.636952] ? path_init+0x1ed0/0x1ed0 [ 228.684760] ? walk_component+0x25b0/0x25b0 [ 228.689073] ? save_stack+0xa9/0xd0 [ 228.692945] ? kasan_slab_alloc+0x12/0x20 [ 228.697082] ? kmem_cache_alloc+0x12e/0x730 [ 228.701416] ? getname_flags+0xd0/0x590 [ 228.705376] ? user_path_at_empty+0x2d/0x50 [ 228.710828] path_lookupat.isra.43+0x212/0xc00 [ 228.716743] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 228.721943] ? path_parentat.isra.41+0x160/0x160 [ 228.726726] ? usercopy_warn+0x110/0x110 [ 228.730789] ? kasan_check_read+0x11/0x20 [ 228.735379] ? do_raw_spin_unlock+0xa7/0x2f0 [ 228.742047] filename_lookup+0x26a/0x520 [ 228.746368] ? nd_jump_link+0x1d0/0x1d0 [ 228.750349] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 228.755878] ? digsig_verify+0x1530/0x1530 [ 228.760119] ? kmem_cache_alloc+0x306/0x730 [ 228.764434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 228.769960] ? getname_flags+0x26e/0x590 [ 228.774018] user_path_at_empty+0x40/0x50 [ 228.778158] path_setxattr+0xd6/0x230 [ 228.781964] ? setxattr+0x450/0x450 [ 228.785594] ? trace_hardirqs_on+0xbd/0x310 [ 228.790430] ? __ia32_sys_read+0xb0/0xb0 [ 228.794495] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.799859] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 228.805330] __x64_sys_setxattr+0xc4/0x150 [ 228.809554] do_syscall_64+0x1b9/0x820 [ 228.813432] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 228.819050] ? syscall_return_slowpath+0x5e0/0x5e0 [ 228.823982] ? trace_hardirqs_on_caller+0x310/0x310 [ 228.828991] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 228.834008] ? recalc_sigpending_tsk+0x180/0x180 [ 228.838753] ? kasan_check_write+0x14/0x20 [ 228.842977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 228.847810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 228.853001] RIP: 0033:0x457579 [ 228.856183] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 228.875942] RSP: 002b:00007f6fa501ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 228.883644] RAX: ffffffffffffffda RBX: 00007f6fa501ac90 RCX: 0000000000457579 21:23:48 executing program 4 (fault-call:5 fault-nth:6): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:48 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) [ 228.890904] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 228.899464] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 228.906721] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa501b6d4 [ 228.914016] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000006 21:23:48 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) accept$packet(0xffffffffffffff9c, &(0x7f00000025c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000002600)=0x14) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) ioctl$KVM_SET_CLOCK(r2, 0x4030ae7b, &(0x7f00000000c0)={0x3, 0x6}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002640)={'veth0_to_team\x00', r1}) r3 = socket(0x1000000000000a, 0x80000000001, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000300)=@bridge_delneigh={0x28, 0x1d, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@NDA_LLADDR={0xc, 0x2, @local}]}, 0x28}}, 0x0) 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x2) 21:23:48 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:48 executing program 2: r0 = socket$inet6(0xa, 0xffffffffffffffff, 0x80000000080) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x401000) r1 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r2 = accept4(r0, &(0x7f00004d4000)=@nl=@proc, &(0x7f0000047ffc)=0x80, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x2, &(0x7f0000000040)=0x1f, 0x4) sendmmsg(r2, &(0x7f0000003d40)=[{{&(0x7f0000001b00)=@l2={0x1f, 0x1f4}, 0x80, &(0x7f0000001d00), 0x0, &(0x7f0000001d40)}}, {{&(0x7f0000002300)=@nl, 0x80, &(0x7f0000003740), 0x0, &(0x7f00000037c0)}}], 0x4000000000001eb, 0x0) [ 229.101471] FAULT_INJECTION: forcing a failure. [ 229.101471] name failslab, interval 1, probability 0, space 0, times 0 [ 229.137913] overlayfs: './file0' not a directory 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x3f00000000000000) [ 229.155457] CPU: 1 PID: 8547 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 229.163948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.173317] Call Trace: [ 229.175932] dump_stack+0x1d3/0x2c4 [ 229.179708] ? dump_stack_print_info.cold.2+0x52/0x52 [ 229.184923] ? __kernel_text_address+0xd/0x40 [ 229.189461] should_fail.cold.4+0xa/0x17 [ 229.193558] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 229.198689] ? save_stack+0xa9/0xd0 [ 229.202332] ? save_stack+0x43/0xd0 [ 229.205968] ? kasan_kmalloc+0xc7/0xe0 [ 229.209877] ? kmem_cache_alloc_trace+0x152/0x750 [ 229.215856] ? ovl_encode_real_fh+0xca/0x500 [ 229.215872] ? ovl_get_index_name+0x1c/0x80 [ 229.215890] ? ovl_lookup+0x9f2/0x29c0 [ 229.224615] ? __lookup_slow+0x2b5/0x540 [ 229.224626] ? lookup_slow+0x57/0x80 [ 229.224638] ? walk_component+0x92b/0x25b0 [ 229.224651] ? path_lookupat.isra.43+0x212/0xc00 [ 229.224663] ? filename_lookup+0x26a/0x520 [ 229.224677] ? user_path_at_empty+0x40/0x50 21:23:48 executing program 2: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/kcm\x00\b\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280), 0xe620f7d}}], 0x11fe5d3376fc68a, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) write$eventfd(r1, &(0x7f0000000300)=0x8, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1f) r2 = socket$inet(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000240007031dfffd946fa2830020200a00090000000600000000ffffffff00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), r4, 0xff}}, 0x18) preadv(r3, &(0x7f00000017c0), 0x1a1, 0x4c000000) openat(r3, &(0x7f0000000140)='./file0\x00', 0x400, 0x0) 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x100000000000000) 21:23:48 executing program 5: unshare(0x2000400) r0 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/cgroup\x00') r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x10001, 0x0) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x2, 0x81, 0x5, 0x0, 0xf}) setns(r0, 0x0) [ 229.224694] ? path_setxattr+0xd6/0x230 [ 229.232627] ? __x64_sys_setxattr+0xc4/0x150 [ 229.232644] ? do_syscall_64+0x1b9/0x820 [ 229.232659] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.232679] ? ext4_xattr_get+0x1ad/0xb30 [ 229.240885] ? fs_reclaim_acquire+0x20/0x20 [ 229.240904] ? lock_downgrade+0x900/0x900 [ 229.240918] ? lock_downgrade+0x900/0x900 [ 229.240937] ? check_same_owner+0x330/0x330 [ 229.259758] ? trace_hardirqs_on+0xbd/0x310 [ 229.259782] __should_failslab+0x124/0x180 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x200000000000000) [ 229.259806] should_failslab+0x9/0x14 [ 229.270585] __kmalloc+0x2d4/0x760 [ 229.270602] ? dput+0x15/0x20 [ 229.270617] ? ovl_encode_real_fh+0x1bb/0x500 [ 229.270639] ovl_encode_real_fh+0x1bb/0x500 [ 229.327591] ? ovl_set_attr+0x550/0x550 [ 229.331618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.337174] ? ovl_lookup_single+0xd0/0x870 [ 229.341530] ovl_get_index_name+0x1c/0x80 [ 229.345694] ovl_lookup_index+0xe4/0x700 [ 229.349769] ? ovl_get_index_fh+0x2d0/0x2d0 21:23:48 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x1000000) [ 229.354103] ? ovl_path_real+0x400/0x400 [ 229.358176] ? ovl_lookup+0x1178/0x29c0 [ 229.362170] ovl_lookup+0x9f2/0x29c0 [ 229.366184] ? ovl_path_next+0x2e0/0x2e0 [ 229.370254] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 229.370275] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.370294] ? lockref_get_not_dead+0x70/0x90 [ 229.370315] ? __lockdep_init_map+0x105/0x590 [ 229.382436] ? lockdep_init_map+0x9/0x10 [ 229.382450] ? __init_waitqueue_head+0x9e/0x150 [ 229.382463] ? init_wait_entry+0x1c0/0x1c0 [ 229.382485] ? lock_acquire+0x1ed/0x520 [ 229.408602] __lookup_slow+0x2b5/0x540 [ 229.412509] ? vfs_unlink+0x510/0x510 [ 229.416379] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 229.421452] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 229.427366] lookup_slow+0x57/0x80 [ 229.430939] walk_component+0x92b/0x25b0 [ 229.435807] ? inode_permission+0xb2/0x560 [ 229.441765] ? path_init+0x1ed0/0x1ed0 [ 229.445680] ? walk_component+0x25b0/0x25b0 [ 229.450028] ? save_stack+0xa9/0xd0 [ 229.454286] ? kasan_slab_alloc+0x12/0x20 [ 229.459760] ? kmem_cache_alloc+0x12e/0x730 [ 229.464100] ? getname_flags+0xd0/0x590 [ 229.468087] ? user_path_at_empty+0x2d/0x50 [ 229.472434] path_lookupat.isra.43+0x212/0xc00 [ 229.477727] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 229.482936] ? path_parentat.isra.41+0x160/0x160 [ 229.487705] ? usercopy_warn+0x110/0x110 [ 229.491781] ? kasan_check_read+0x11/0x20 [ 229.495939] ? do_raw_spin_unlock+0xa7/0x2f0 [ 229.500364] filename_lookup+0x26a/0x520 [ 229.504455] ? nd_jump_link+0x1d0/0x1d0 [ 229.508454] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 229.514018] ? digsig_verify+0x1530/0x1530 [ 229.518278] ? kmem_cache_alloc+0x306/0x730 [ 229.522624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 229.528533] ? getname_flags+0x26e/0x590 [ 229.532351] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 229.532606] user_path_at_empty+0x40/0x50 [ 229.532624] path_setxattr+0xd6/0x230 [ 229.550009] ? setxattr+0x450/0x450 [ 229.553653] ? trace_hardirqs_on+0xbd/0x310 [ 229.557988] ? __ia32_sys_read+0xb0/0xb0 [ 229.562422] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.567811] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 229.573283] __x64_sys_setxattr+0xc4/0x150 [ 229.577806] do_syscall_64+0x1b9/0x820 [ 229.581705] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 229.587080] ? syscall_return_slowpath+0x5e0/0x5e0 [ 229.592033] ? trace_hardirqs_on_caller+0x310/0x310 [ 229.597067] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 229.602098] ? recalc_sigpending_tsk+0x180/0x180 [ 229.607129] ? kasan_check_write+0x14/0x20 [ 229.608846] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 229.611929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.611950] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 229.611962] RIP: 0033:0x457579 [ 229.611978] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 229.611986] RSP: 002b:00007f6fa501ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 229.660395] RAX: ffffffffffffffda RBX: 00007f6fa501ac90 RCX: 0000000000457579 [ 229.667711] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 229.675605] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.682888] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa501b6d4 [ 229.691212] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000006 21:23:49 executing program 4 (fault-call:5 fault-nth:7): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:49 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:49 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4002) r1 = memfd_create(&(0x7f0000000380)="000000000000000100000001000000768e05f7c155ad7dc6947c573e5a69244e76382c0aa63d575ea3597f8b1728277ef76b30544d7ba92dcf978f1f81dc1b7f8f7b3451dada02ecb4f1ddcc8b5241da8945666e0073c25a6201004dbea37aabd3eb9888c4c629419f50937a6848e0d281dbee568c4de9a036c26f1922f64971d4df97fbab04e8ce4938b31dcf259b4bc60901e18661fab8fb2988cd2bc260c2f572353e6bb0a002fc164d4f189b068062d10100000000000000400c0c4ca57b546b9430172ea5362ee0141b3df06ad235e815d89eead3d9473409c09c2e27a952337a24f20188c013123cc0316a33d8b443453773e4a09edd8031124dee13ce9c75288f2ec833c7e66af5b19a00000000000000", 0x0) pwritev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)='\'', 0x1}], 0x1, 0x81806) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r3 = socket$inet(0x10, 0x3, 0xc) sendmsg(r3, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000010907031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1) sendfile(r0, r1, &(0x7f0000000240)=0x4800, 0x20000102000007) 21:23:49 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) msgsnd(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="128f015d1f06ed9e89114eb0b0ea713cf9e0da50afc736f7a9677381cb46871edbbab7f6b72aa9fdb7f3b2d9b598390f52c4386ab70b15531c676133420c5b480fe0109155a6496720f8a10a67bbdde0a89838d411406e21232729bf357501bbe32922a794bb79314421608efc"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x1, 0x2, 0x0) 21:23:49 executing program 2: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/kcm\x00\b\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280), 0xe620f7d}}], 0x11fe5d3376fc68a, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) write$eventfd(r1, &(0x7f0000000300)=0x8, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1f) r2 = socket$inet(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000240007031dfffd946fa2830020200a00090000000600000000ffffffff00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), r4, 0xff}}, 0x18) preadv(r3, &(0x7f00000017c0), 0x1a1, 0x4c000000) openat(r3, &(0x7f0000000140)='./file0\x00', 0x400, 0x0) 21:23:49 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB]) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 229.771461] netlink: 20 bytes leftover after parsing attributes in process `syz-executor5'. 21:23:49 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) msgsnd(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="d01916a8b12ccf7b53e432f4024ada53065a2c3b83d289133aad5a11792f9c972b11cef8ed6a65aec5579d2ad98b669b34bcbdd6b640e6a13db390d0d9a9aaacbd72ce710f4defb00be28ade73614aad2029f248c39240484876670b097a"], 0x1, 0x2, 0x0) [ 229.812115] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 229.836620] netlink: 20 bytes leftover after parsing attributes in process `syz-executor5'. [ 229.840604] overlayfs: missing 'lowerdir' 21:23:49 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:49 executing program 5: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/kcm\x00\b\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280), 0xe620f7d}}], 0x11fe5d3376fc68a, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) write$eventfd(r1, &(0x7f0000000300)=0x8, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1f) r2 = socket$inet(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000240007031dfffd946fa2830020200a00090000000600000000ffffffff00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), r4, 0xff}}, 0x18) preadv(r3, &(0x7f00000017c0), 0x1a1, 0x4c000000) openat(r3, &(0x7f0000000140)='./file0\x00', 0x400, 0x0) [ 229.995898] overlayfs: './file0' not a directory [ 229.996069] overlayfs: unrecognized mount option "lowerdir" or missing value [ 230.012099] FAULT_INJECTION: forcing a failure. [ 230.012099] name failslab, interval 1, probability 0, space 0, times 0 [ 230.050273] CPU: 0 PID: 8610 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 230.058731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.068089] Call Trace: [ 230.070322] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. [ 230.070704] dump_stack+0x1d3/0x2c4 [ 230.070727] ? dump_stack_print_info.cold.2+0x52/0x52 [ 230.088211] ? __kernel_text_address+0xd/0x40 [ 230.093067] ? unwind_get_return_address+0x61/0xa0 [ 230.098016] should_fail.cold.4+0xa/0x17 [ 230.102177] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.107299] ? save_stack+0xa9/0xd0 [ 230.110936] ? __kasan_slab_free+0x102/0x150 [ 230.115350] ? kasan_slab_free+0xe/0x10 [ 230.119331] ? kfree+0xcf/0x230 [ 230.122617] ? ovl_encode_real_fh+0x3ba/0x500 [ 230.127130] ? ovl_get_index_name+0x1c/0x80 [ 230.131473] ? ovl_lookup_index+0xe4/0x700 [ 230.135714] ? ovl_lookup+0x9f2/0x29c0 [ 230.139608] ? lookup_slow+0x57/0x80 [ 230.143332] ? walk_component+0x92b/0x25b0 21:23:49 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:49 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,wor']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 230.147578] ? path_lookupat.isra.43+0x212/0xc00 [ 230.152340] ? filename_lookup+0x26a/0x520 [ 230.156590] ? user_path_at_empty+0x40/0x50 [ 230.160919] ? path_setxattr+0xd6/0x230 [ 230.164903] ? __x64_sys_setxattr+0xc4/0x150 [ 230.169317] ? do_syscall_64+0x1b9/0x820 [ 230.173828] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.179382] ? do_raw_spin_unlock+0xa7/0x2f0 [ 230.183899] ? trace_hardirqs_on+0x310/0x310 [ 230.188319] ? fs_reclaim_acquire+0x20/0x20 [ 230.188335] ? lock_downgrade+0x900/0x900 [ 230.188347] ? debug_check_no_obj_freed+0x305/0x58d [ 230.188365] ? check_same_owner+0x330/0x330 [ 230.188379] ? ovl_encode_real_fh+0x3ba/0x500 [ 230.188411] __should_failslab+0x124/0x180 [ 230.201972] should_failslab+0x9/0x14 [ 230.201991] __kmalloc+0x2d4/0x760 [ 230.210796] ? ovl_encode_real_fh+0x3bf/0x500 [ 230.210816] ? ovl_get_index_name_fh+0x57/0x180 [ 230.231603] ovl_get_index_name_fh+0x57/0x180 [ 230.236117] ovl_get_index_name+0x5c/0x80 [ 230.240750] ovl_lookup_index+0xe4/0x700 [ 230.244833] ? ovl_get_index_fh+0x2d0/0x2d0 [ 230.249167] ? ovl_path_real+0x400/0x400 [ 230.253236] ? ovl_lookup+0x1178/0x29c0 [ 230.257221] ovl_lookup+0x9f2/0x29c0 [ 230.260955] ? ovl_path_next+0x2e0/0x2e0 [ 230.265029] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 230.270349] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 230.275903] ? lockref_get_not_dead+0x70/0x90 [ 230.280425] ? __lockdep_init_map+0x105/0x590 [ 230.284947] ? lockdep_init_map+0x9/0x10 [ 230.289025] ? __init_waitqueue_head+0x9e/0x150 [ 230.293720] ? init_wait_entry+0x1c0/0x1c0 [ 230.297968] ? lock_acquire+0x1ed/0x520 [ 230.297989] __lookup_slow+0x2b5/0x540 [ 230.305853] ? vfs_unlink+0x510/0x510 [ 230.305869] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 230.305896] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 230.305912] lookup_slow+0x57/0x80 [ 230.305933] walk_component+0x92b/0x25b0 [ 230.328207] ? inode_permission+0xb2/0x560 [ 230.332444] ? path_init+0x1ed0/0x1ed0 [ 230.336362] ? walk_component+0x25b0/0x25b0 [ 230.340444] overlayfs: unrecognized mount option "wor" or missing value [ 230.340689] ? save_stack+0xa9/0xd0 [ 230.351053] ? kasan_slab_alloc+0x12/0x20 [ 230.355193] ? kmem_cache_alloc+0x12e/0x730 [ 230.359548] ? getname_flags+0xd0/0x590 [ 230.363511] ? user_path_at_empty+0x2d/0x50 [ 230.368088] path_lookupat.isra.43+0x212/0xc00 [ 230.372661] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 230.377841] ? path_parentat.isra.41+0x160/0x160 [ 230.382852] ? usercopy_warn+0x110/0x110 [ 230.387175] ? kasan_check_read+0x11/0x20 [ 230.391335] ? do_raw_spin_unlock+0xa7/0x2f0 [ 230.395737] filename_lookup+0x26a/0x520 [ 230.399785] ? nd_jump_link+0x1d0/0x1d0 [ 230.403762] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 230.409420] ? digsig_verify+0x1530/0x1530 [ 230.413660] ? kmem_cache_alloc+0x306/0x730 [ 230.418003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 230.424359] ? getname_flags+0x26e/0x590 [ 230.428427] user_path_at_empty+0x40/0x50 [ 230.432571] path_setxattr+0xd6/0x230 [ 230.436886] ? setxattr+0x450/0x450 [ 230.440501] ? trace_hardirqs_on+0xbd/0x310 [ 230.444817] ? __ia32_sys_read+0xb0/0xb0 [ 230.448868] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.454237] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 230.459938] __x64_sys_setxattr+0xc4/0x150 [ 230.464165] do_syscall_64+0x1b9/0x820 [ 230.468312] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 230.473862] ? syscall_return_slowpath+0x5e0/0x5e0 [ 230.479950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 230.485068] ? trace_hardirqs_on_caller+0x310/0x310 [ 230.490083] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 230.495661] ? prepare_exit_to_usermode+0x291/0x3b0 [ 230.500792] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 230.505660] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 230.511118] RIP: 0033:0x457579 [ 230.514847] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 230.535056] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 230.542758] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 21:23:50 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x440, 0x0) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000200), &(0x7f0000000240)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000100)={{{@in=@broadcast, @in=@broadcast}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000080)=0xe8) msgsnd(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="a8eb02"], 0x1, 0x0) msgrcv(0x0, &(0x7f0000000200)=ANY=[], 0x0, 0x4, 0x0) 21:23:50 executing program 4 (fault-call:5 fault-nth:8): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) 21:23:50 executing program 5: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000000)='net/kcm\x00\b\x00') recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280), 0xe620f7d}}], 0x11fe5d3376fc68a, 0x0, &(0x7f0000003280)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)) write$eventfd(r1, &(0x7f0000000300)=0x8, 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1f) r2 = socket$inet(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000240007031dfffd946fa2830020200a00090000000600000000ffffffff00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000240)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000180), r4, 0xff}}, 0x18) preadv(r3, &(0x7f00000017c0), 0x1a1, 0x4c000000) openat(r3, &(0x7f0000000140)='./file0\x00', 0x400, 0x0) 21:23:50 executing program 2: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) [ 230.550428] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 230.557689] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 230.565737] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 [ 230.573016] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 21:23:50 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=.']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 230.707213] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. 21:23:50 executing program 2: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) [ 230.766461] overlayfs: workdir and upperdir must be separate subtrees [ 230.776008] overlayfs: './file0' not a directory [ 230.790673] FAULT_INJECTION: forcing a failure. [ 230.790673] name failslab, interval 1, probability 0, space 0, times 0 21:23:50 executing program 5: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = memfd_create(&(0x7f0000000100)="9099f73a1c7a8d070fc9118d5475663b2ed16f0008f441b01fd923c640a21c6619ecb5cf774b4a64549d57962a838f8edd993560a2f848bc483a9d16f602d4739aa45b3d5930d1865232afa712497380f8733173c58546fb224a6dd2e652c54dc25570fce3a59c1ee353a2dcdd719edc15752cee6ea21a24186d1ba23b0b61719b96815f5cbbb9", 0x0) getsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000280)={@multicast2, @multicast2}, &(0x7f0000000300)=0x8) write(r2, &(0x7f0000000540)='i', 0x1) setsockopt$bt_hci_HCI_DATA_DIR(r2, 0x0, 0x1, &(0x7f0000000340)=0x5064, 0x4) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) mount(&(0x7f0000000200)=ANY=[], &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='anon_inodefs\x00', 0x0, &(0x7f00000001c0)="d00a52e2de29fbac197943a0656645325427f90ce725f39129d9fc67311714e5d63cba79c3bb9d8d7a24e648e17a109c66c9d54ec89b2772fbab5fc248c9cab7421270971111d5e4ac9426be8c16fcc0fad5e8acfb0ef1f60c554a1a283ad81920031babafa95e00cc03c2df260f540ac35c0e8206d3c81e2f2f109e19e2ad4c3ee2860bad34b7c597b405a42a3912ada98e532d3875cb5069a5") ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f00000002c0)={0x0, 0x80000, r2}) [ 230.846548] CPU: 1 PID: 8665 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 230.855001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.864378] Call Trace: [ 230.866995] dump_stack+0x1d3/0x2c4 [ 230.870654] ? dump_stack_print_info.cold.2+0x52/0x52 [ 230.875868] should_fail.cold.4+0xa/0x17 [ 230.879946] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.885059] ? check_same_owner+0x330/0x330 [ 230.889392] ? lock_release+0x970/0x970 [ 230.893378] ? lookup_one_len_unlocked+0xf1/0x100 [ 230.898232] ? mark_held_locks+0x130/0x130 [ 230.902472] ? __might_sleep+0x95/0x190 [ 230.906452] ? __getblk_gfp+0x129/0x1030 [ 230.910518] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 230.916061] ? ext4_es_lookup_extent+0x48f/0xdd0 [ 230.920828] ? fs_reclaim_acquire+0x20/0x20 [ 230.925425] ? lock_downgrade+0x900/0x900 [ 230.929581] ? check_same_owner+0x330/0x330 [ 230.933912] ? mark_held_locks+0x130/0x130 [ 230.938164] __should_failslab+0x124/0x180 [ 230.942415] should_failslab+0x9/0x14 [ 230.946238] kmem_cache_alloc+0x2be/0x730 [ 230.950394] ? trace_hardirqs_on+0xbd/0x310 [ 230.954724] ? kasan_check_read+0x11/0x20 [ 230.958870] ? __wake_up_common_lock+0x1d0/0x330 [ 230.963635] __d_alloc+0xc8/0xb90 [ 230.967095] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 230.972989] ? mark_held_locks+0x130/0x130 [ 230.978750] ? mark_held_locks+0x130/0x130 [ 230.983079] ? mark_held_locks+0x130/0x130 [ 230.987313] ? __wake_up_common+0x7d0/0x7d0 [ 230.992337] ? mark_held_locks+0x130/0x130 [ 230.997280] d_alloc+0x96/0x380 [ 231.000559] ? __d_alloc+0xb90/0xb90 [ 231.004276] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 231.009294] ? bpf_prog_kallsyms_find+0xde/0x4a0 [ 231.014057] ? modules_open+0xa0/0xa0 [ 231.017863] d_alloc_parallel+0x15a/0x1f40 [ 231.022106] ? mark_held_locks+0x130/0x130 [ 231.026354] ? __d_lookup_rcu+0xaa0/0xaa0 [ 231.030504] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 231.035442] ? kasan_check_read+0x11/0x20 [ 231.039590] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 231.045407] ? __d_lookup+0x591/0x9e0 [ 231.050347] ? lock_downgrade+0x900/0x900 [ 231.055636] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 231.061451] ? refcount_inc_not_zero_checked+0x2f0/0x2f0 [ 231.066904] ? unwind_get_return_address+0x61/0xa0 [ 231.071847] ? __lockdep_init_map+0x105/0x590 [ 231.076351] ? __lockdep_init_map+0x105/0x590 [ 231.080851] ? lockdep_init_map+0x9/0x10 [ 231.084916] ? __init_waitqueue_head+0x9e/0x150 [ 231.090109] ? init_wait_entry+0x1c0/0x1c0 [ 231.094351] ? lock_acquire+0x1ed/0x520 [ 231.098334] __lookup_slow+0x1e6/0x540 [ 231.102228] ? vfs_unlink+0x510/0x510 [ 231.106050] ? inode_permission+0xb2/0x560 [ 231.110288] lookup_slow+0x57/0x80 [ 231.113836] lookup_one_len_unlocked+0xf1/0x100 [ 231.118511] ? lookup_slow+0x80/0x80 [ 231.122236] ovl_lookup_index+0x1c9/0x700 [ 231.126389] ? ovl_get_index_fh+0x2d0/0x2d0 [ 231.130721] ? ovl_path_real+0x400/0x400 [ 231.134785] ? ovl_lookup+0x1178/0x29c0 [ 231.138761] ovl_lookup+0x9f2/0x29c0 [ 231.142489] ? ovl_path_next+0x2e0/0x2e0 [ 231.146555] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 231.151856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.157411] ? lockref_get_not_dead+0x70/0x90 [ 231.161911] ? __lockdep_init_map+0x105/0x590 [ 231.166424] ? lockdep_init_map+0x9/0x10 [ 231.170584] ? __init_waitqueue_head+0x9e/0x150 [ 231.175254] ? init_wait_entry+0x1c0/0x1c0 [ 231.179500] ? lock_acquire+0x1ed/0x520 [ 231.183493] __lookup_slow+0x2b5/0x540 [ 231.187412] ? vfs_unlink+0x510/0x510 [ 231.191220] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 231.196355] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 231.202254] lookup_slow+0x57/0x80 [ 231.205802] walk_component+0x92b/0x25b0 [ 231.209869] ? inode_permission+0xb2/0x560 [ 231.214113] ? path_init+0x1ed0/0x1ed0 [ 231.218011] ? walk_component+0x25b0/0x25b0 [ 231.222351] ? save_stack+0xa9/0xd0 [ 231.225990] ? kasan_slab_alloc+0x12/0x20 [ 231.230138] ? kmem_cache_alloc+0x12e/0x730 [ 231.234459] ? getname_flags+0xd0/0x590 [ 231.238455] ? user_path_at_empty+0x2d/0x50 [ 231.242787] path_lookupat.isra.43+0x212/0xc00 [ 231.247378] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 231.252589] ? path_parentat.isra.41+0x160/0x160 [ 231.257354] ? usercopy_warn+0x110/0x110 [ 231.261429] ? kasan_check_read+0x11/0x20 [ 231.266041] ? do_raw_spin_unlock+0xa7/0x2f0 [ 231.271151] filename_lookup+0x26a/0x520 [ 231.275228] ? nd_jump_link+0x1d0/0x1d0 [ 231.279205] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 231.284752] ? digsig_verify+0x1530/0x1530 [ 231.289685] ? kmem_cache_alloc+0x306/0x730 [ 231.294016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.299566] ? getname_flags+0x26e/0x590 [ 231.303657] user_path_at_empty+0x40/0x50 [ 231.307810] path_setxattr+0xd6/0x230 [ 231.311631] ? setxattr+0x450/0x450 [ 231.315260] ? trace_hardirqs_on+0xbd/0x310 [ 231.319581] ? __ia32_sys_read+0xb0/0xb0 [ 231.323647] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.329016] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 231.334474] __x64_sys_setxattr+0xc4/0x150 [ 231.338715] do_syscall_64+0x1b9/0x820 [ 231.342606] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 231.347975] ? syscall_return_slowpath+0x5e0/0x5e0 [ 231.354041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.358891] ? trace_hardirqs_on_caller+0x310/0x310 [ 231.363914] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 231.369199] ? prepare_exit_to_usermode+0x291/0x3b0 [ 231.374225] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.380036] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.386896] RIP: 0033:0x457579 [ 231.390094] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 231.408999] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 231.416738] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 [ 231.424034] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 231.431318] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 231.439485] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 21:23:50 executing program 3: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./file1']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0}) 21:23:50 executing program 1: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000001c0)='./file1\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=./file1,workdir=./fi']) creat(&(0x7f0000000080)='./file1/file0\x00', 0x0) chdir(&(0x7f0000000280)='./file0\x00') setxattr$security_capability(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)='security.capability\x00', &(0x7f00000006c0)=@v2, 0x14, 0x0) [ 231.446758] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 [ 231.494697] ================================================================== [ 231.494702] BUG: KASAN: slab-out-of-bounds in string+0x298/0x2d0 [ 231.494706] Read of size 1 at addr ffff8801cdaa5e3a by task syz-executor4/8665 [ 231.494707] [ 231.494712] CPU: 0 PID: 8665 Comm: syz-executor4 Not tainted 4.19.0-rc6-next-20181003+ #86 [ 231.494716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.494718] Call Trace: [ 231.494720] dump_stack+0x1d3/0x2c4 [ 231.494723] ? dump_stack_print_info.cold.2+0x52/0x52 [ 231.494726] ? printk+0xa7/0xcf [ 231.494728] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 231.494731] print_address_description.cold.8+0x9/0x1ff [ 231.494734] kasan_report.cold.9+0x242/0x309 [ 231.494736] ? string+0x298/0x2d0 [ 231.494739] __asan_report_load1_noabort+0x14/0x20 [ 231.494741] string+0x298/0x2d0 [ 231.494743] ? widen_string+0x2e0/0x2e0 [ 231.494746] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 231.494748] vsnprintf+0x48e/0x1b60 [ 231.494751] ? pointer+0x990/0x990 [ 231.494753] ? lock_release+0x970/0x970 [ 231.494755] vscnprintf+0x2d/0x80 [ 231.494757] vprintk_store+0x43/0x510 [ 231.494760] ? do_raw_spin_lock+0xc1/0x200 [ 231.494762] vprintk_emit+0x1c1/0x930 [ 231.494765] ? wake_up_klogd+0x180/0x180 [ 231.494767] ? __lookup_slow+0x312/0x540 [ 231.494769] ? ___ratelimit+0x36f/0x655 [ 231.494772] ? lock_downgrade+0x900/0x900 [ 231.494774] ? trace_hardirqs_on+0xbd/0x310 [ 231.494777] ? kasan_check_read+0x11/0x20 [ 231.494779] ? ___ratelimit+0x36f/0x655 [ 231.494782] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 231.494784] vprintk_default+0x28/0x30 [ 231.494786] vprintk_func+0x7e/0x181 [ 231.494788] printk+0xa7/0xcf [ 231.494791] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 231.494794] ovl_lookup_index.cold.14+0xe8/0x1f8 [ 231.494796] ? ovl_get_index_fh+0x2d0/0x2d0 [ 231.494799] ? ovl_path_real+0x400/0x400 [ 231.494801] ? ovl_lookup+0x1178/0x29c0 [ 231.494803] ovl_lookup+0x9f2/0x29c0 [ 231.494806] ? ovl_path_next+0x2e0/0x2e0 [ 231.494809] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 231.494812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.494814] ? lockref_get_not_dead+0x70/0x90 [ 231.494817] ? __lockdep_init_map+0x105/0x590 [ 231.494819] ? lockdep_init_map+0x9/0x10 [ 231.494822] ? __init_waitqueue_head+0x9e/0x150 [ 231.494824] ? init_wait_entry+0x1c0/0x1c0 [ 231.494827] ? lock_acquire+0x1ed/0x520 [ 231.494829] __lookup_slow+0x2b5/0x540 [ 231.494831] ? vfs_unlink+0x510/0x510 [ 231.494834] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 231.494838] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 231.494840] lookup_slow+0x57/0x80 [ 231.494842] walk_component+0x92b/0x25b0 [ 231.494845] ? inode_permission+0xb2/0x560 [ 231.494847] ? path_init+0x1ed0/0x1ed0 [ 231.494850] ? walk_component+0x25b0/0x25b0 [ 231.494852] ? save_stack+0xa9/0xd0 [ 231.494854] ? kasan_slab_alloc+0x12/0x20 [ 231.494857] ? kmem_cache_alloc+0x12e/0x730 [ 231.494859] ? getname_flags+0xd0/0x590 [ 231.494862] ? user_path_at_empty+0x2d/0x50 [ 231.494864] path_lookupat.isra.43+0x212/0xc00 [ 231.494867] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 231.494870] ? path_parentat.isra.41+0x160/0x160 [ 231.494872] ? usercopy_warn+0x110/0x110 [ 231.494875] ? kasan_check_read+0x11/0x20 [ 231.494877] ? do_raw_spin_unlock+0xa7/0x2f0 [ 231.494880] filename_lookup+0x26a/0x520 [ 231.494882] ? nd_jump_link+0x1d0/0x1d0 [ 231.494885] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 231.494887] ? digsig_verify+0x1530/0x1530 [ 231.494890] ? kmem_cache_alloc+0x306/0x730 [ 231.494893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.494895] ? getname_flags+0x26e/0x590 [ 231.494898] user_path_at_empty+0x40/0x50 [ 231.494900] path_setxattr+0xd6/0x230 [ 231.494902] ? setxattr+0x450/0x450 [ 231.494905] ? trace_hardirqs_on+0xbd/0x310 [ 231.494907] ? __ia32_sys_read+0xb0/0xb0 [ 231.494910] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.494913] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 231.494916] __x64_sys_setxattr+0xc4/0x150 [ 231.494918] do_syscall_64+0x1b9/0x820 [ 231.494921] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 231.494924] ? syscall_return_slowpath+0x5e0/0x5e0 [ 231.494926] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.494929] ? trace_hardirqs_on_caller+0x310/0x310 [ 231.494932] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 231.494935] ? prepare_exit_to_usermode+0x291/0x3b0 [ 231.494937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.494940] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.494942] RIP: 0033:0x457579 [ 231.494951] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 231.494954] RSP: 002b:00007f6fa503bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 231.494961] RAX: ffffffffffffffda RBX: 00007f6fa503bc90 RCX: 0000000000457579 [ 231.494964] RDX: 00000000200006c0 RSI: 0000000020000680 RDI: 0000000020000640 [ 231.494968] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 231.494972] R10: 0000000000000014 R11: 0000000000000246 R12: 00007f6fa503c6d4 [ 231.494975] R13: 00000000004bddd0 R14: 00000000004d7140 R15: 0000000000000004 [ 231.494977] [ 231.494979] Allocated by task 8665: [ 231.494981] save_stack+0x43/0xd0 [ 231.494983] kasan_kmalloc+0xc7/0xe0 [ 231.494985] __kmalloc+0x14e/0x760 [ 231.494988] ovl_get_index_name_fh+0x57/0x180 [ 231.494990] ovl_get_index_name+0x5c/0x80 [ 231.494992] ovl_lookup_index+0xe4/0x700 [ 231.494994] ovl_lookup+0x9f2/0x29c0 [ 231.494997] __lookup_slow+0x2b5/0x540 [ 231.494999] lookup_slow+0x57/0x80 [ 231.495001] walk_component+0x92b/0x25b0 [ 231.495003] path_lookupat.isra.43+0x212/0xc00 [ 231.495006] filename_lookup+0x26a/0x520 [ 231.495008] user_path_at_empty+0x40/0x50 [ 231.495010] path_setxattr+0xd6/0x230 [ 231.495012] __x64_sys_setxattr+0xc4/0x150 [ 231.495015] do_syscall_64+0x1b9/0x820 [ 231.495017] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.495019] [ 231.495021] Freed by task 6103: [ 231.495023] save_stack+0x43/0xd0 [ 231.495027] __kasan_slab_free+0x102/0x150 [ 231.495031] kasan_slab_free+0xe/0x10 [ 231.495034] kfree+0xcf/0x230 [ 231.495037] __vunmap+0x335/0x460 [ 231.495039] vfree+0x8b/0x140 [ 231.495042] __do_replace+0x8c4/0xad0 [ 231.495044] do_ip6t_set_ctl+0x49c/0x64b [ 231.495046] nf_setsockopt+0x7d/0xd0 [ 231.495049] ipv6_setsockopt+0x105/0x170 [ 231.495051] tcp_setsockopt+0x93/0xe0 [ 231.495053] sock_common_setsockopt+0x9a/0xe0 [ 231.495056] __sys_setsockopt+0x1ba/0x3c0 [ 231.495058] __x64_sys_setsockopt+0xbe/0x150 [ 231.495060] do_syscall_64+0x1b9/0x820 [ 231.495063] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 231.495064] [ 231.495068] The buggy address belongs to the object at ffff8801cdaa5e00 [ 231.495071] which belongs to the cache kmalloc-64 of size 64 [ 231.495074] The buggy address is located 58 bytes inside of [ 231.495077] 64-byte region [ffff8801cdaa5e00, ffff8801cdaa5e40) [ 231.495080] The buggy address belongs to the page: [ 231.495084] page:ffffea000736a940 count:1 mapcount:0 mapping:ffff8801da800340 index:0x0 [ 231.495088] flags: 0x2fffc0000000200(slab) [ 231.495092] raw: 02fffc0000000200 ffffea0006eb5e88 ffffea0007369dc8 ffff8801da800340 [ 231.495096] raw: 0000000000000000 ffff8801cdaa5000 0000000100000020 0000000000000000 [ 231.495099] page dumped because: kasan: bad access detected [ 231.495100] [ 231.495103] Memory state around the buggy address: [ 231.495107] ffff8801cdaa5d00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 231.495110] ffff8801cdaa5d80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 231.495114] >ffff8801cdaa5e00: 00 00 00 00 00 00 00 02 fc fc fc fc fc fc fc fc [ 231.495117] ^ [ 231.495121] ffff8801cdaa5e80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 231.495124] ffff8801cdaa5f00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 231.495128] ================================================================== [ 231.495131] Kernel panic - not syncing: panic_on_warn set ... [ 231.495133] [ 231.495137] CPU: 0 PID: 8665 Comm: syz-executor4 Tainted: G B 4.19.0-rc6-next-20181003+ #86 [ 231.495142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.495144] Call Trace: [ 231.495146] dump_stack+0x1d3/0x2c4 [ 231.495149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 231.495151] ? lock_downgrade+0x900/0x900 [ 231.495153] panic+0x238/0x4e7 [ 231.495156] ? add_taint.cold.5+0x16/0x16 [ 231.495159] ? print_shadow_for_address+0xb6/0x116 [ 231.495161] ? trace_hardirqs_off+0xaf/0x310 [ 231.495163] kasan_end_report+0x47/0x4f [ 231.495166] kasan_report.cold.9+0x76/0x309 [ 231.495168] ? string+0x298/0x2d0 [ 231.495171] __asan_report_load1_noabort+0x14/0x20 [ 231.495173] string+0x298/0x2d0 [ 231.495175] ? widen_string+0x2e0/0x2e0 [ 231.495178] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 231.495180] vsnprintf+0x48e/0x1b60 [ 231.495183] ? pointer+0x990/0x990 [ 231.495185] ? lock_release+0x970/0x970 [ 231.495187] vscnprintf+0x2d/0x80 [ 231.495189] vprintk_store+0x43/0x510 [ 231.495192] ? do_raw_spin_lock+0xc1/0x200 [ 231.495194] vprintk_emit+0x1c1/0x930 [ 231.495196] ? wake_up_klogd+0x180/0x180 [ 231.495199] ? __lookup_slow+0x312/0x540 [ 231.495201] ? ___ratelimit+0x36f/0x655 [ 231.495204] ? lock_downgrade+0x900/0x900 [ 231.495206] ? trace_hardirqs_on+0xbd/0x310 [ 231.495208] ? kasan_check_read+0x11/0x20 [ 231.495211] ? ___ratelimit+0x36f/0x655 [ 231.495214] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 231.495216] vprintk_default+0x28/0x30 [ 231.495218] vprintk_func+0x7e/0x181 [ 231.495220] printk+0xa7/0xcf [ 231.495223] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 231.495226] ovl_lookup_index.cold.14+0xe8/0x1f8 [ 231.495228] ? ovl_get_index_fh+0x2d0/0x2d0 [ 231.495231] ? ovl_path_real+0x400/0x400 [ 231.495233] ? ovl_lookup+0x1178/0x29c0 [ 231.495235] ovl_lookup+0x9f2/0x29c0 [ 231.495238] ? ovl_path_next+0x2e0/0x2e0 [ 231.495240] ? ima_add_template_entry.cold.4+0x3c/0x3c [ 231.495243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 231.495246] ? lockref_get_not_dead+0x70/0x90 [ 231.495249] ? __lockdep_init_map+0x105/0x590 [ 231.495251] ? lockdep_init_map+0x9/0x10 [ 231.495254] ? __init_waitqueue_head+0x9e/0x150 [ 231.495256] ? init_wait_entry+0x1c0/0x1c0 [ 231.495258] ? lock_acquire+0x1ed/0x520 [ 231.495261] __lookup_slow+0x2b5/0x540 [ 231.495263] ? vfs_unlink+0x510/0x510 [ 231.495266] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 231.495269] ? __follow_mount_rcu.isra.33.part.34+0x890/0x890 [ 231.495271] lookup_slow+0x57/0x80 [ 231.495273] walk_component+0x92b/0x25b0 [ 231.495276] ? inode_permission+0xb2/0x560 [ 231.495278] ? path_init+0x1ed0/0x1ed0 [ 231.495280] ? walk_component+0x25 [ 231.495285] Lost 45 message(s)!