[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 42.126185][ T27] audit: type=1800 audit(1547644764.706:25): pid=7911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 42.170931][ T27] audit: type=1800 audit(1547644764.706:26): pid=7911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 42.202528][ T27] audit: type=1800 audit(1547644764.706:27): pid=7911 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts. 2019/01/16 13:19:36 fuzzer started 2019/01/16 13:19:39 dialing manager at 10.128.0.26:41245 2019/01/16 13:19:40 syscalls: 1 2019/01/16 13:19:40 code coverage: enabled 2019/01/16 13:19:40 comparison tracing: enabled 2019/01/16 13:19:40 setuid sandbox: enabled 2019/01/16 13:19:40 namespace sandbox: enabled 2019/01/16 13:19:40 Android sandbox: /sys/fs/selinux/policy does not exist 2019/01/16 13:19:40 fault injection: enabled 2019/01/16 13:19:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/01/16 13:19:40 net packet injection: enabled 2019/01/16 13:19:40 net device setup: enabled 13:22:46 executing program 0: syzkaller login: [ 243.799819][ T8073] IPVS: ftp: loaded support on port[0] = 21 13:22:46 executing program 1: [ 243.920391][ T8073] chnl_net:caif_netlink_parms(): no params data found [ 243.993372][ T8073] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.001706][ T8073] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.010304][ T8073] device bridge_slave_0 entered promiscuous mode [ 244.018864][ T8073] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.026465][ T8073] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.034857][ T8073] device bridge_slave_1 entered promiscuous mode [ 244.058803][ T8073] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 244.069281][ T8073] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 244.092282][ T8073] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 244.108784][ T8073] team0: Port device team_slave_0 added [ 244.122158][ T8077] IPVS: ftp: loaded support on port[0] = 21 [ 244.128979][ T8073] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 244.142648][ T8073] team0: Port device team_slave_1 added [ 244.155802][ T8073] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 244.165996][ T8073] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready 13:22:46 executing program 2: [ 244.277219][ T8073] device hsr_slave_0 entered promiscuous mode 13:22:47 executing program 3: [ 244.514190][ T8073] device hsr_slave_1 entered promiscuous mode 13:22:47 executing program 4: [ 244.594437][ T8073] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 244.602149][ T8073] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 244.642048][ T8079] IPVS: ftp: loaded support on port[0] = 21 [ 244.661565][ T8081] IPVS: ftp: loaded support on port[0] = 21 [ 244.678251][ T8073] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.685515][ T8073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.693292][ T8073] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.700390][ T8073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.838765][ T8083] IPVS: ftp: loaded support on port[0] = 21 [ 244.897296][ T8077] chnl_net:caif_netlink_parms(): no params data found 13:22:47 executing program 5: [ 244.937715][ T8084] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.946065][ T8084] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.028247][ T8073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 245.076883][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 245.150747][ T8077] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.159259][ T8077] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.167159][ T8077] device bridge_slave_0 entered promiscuous mode [ 245.180718][ T8077] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.188137][ T8077] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.197002][ T8077] device bridge_slave_1 entered promiscuous mode [ 245.205886][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 245.212780][ T8081] chnl_net:caif_netlink_parms(): no params data found [ 245.250317][ T8079] chnl_net:caif_netlink_parms(): no params data found [ 245.252931][ T8088] IPVS: ftp: loaded support on port[0] = 21 [ 245.279836][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 245.292065][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 245.328004][ T8073] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 245.334904][ T8073] 8021q: adding VLAN 0 to HW filter on device team0 [ 245.364839][ T8077] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 245.419559][ T8077] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 245.436220][ T8079] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.443295][ T8079] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.451457][ T8079] device bridge_slave_0 entered promiscuous mode [ 245.459461][ T8079] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.466585][ T8079] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.474664][ T8079] device bridge_slave_1 entered promiscuous mode [ 245.515696][ T8077] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 245.524318][ T8077] team0: Port device team_slave_0 added [ 245.530733][ T8077] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 245.538824][ T8077] team0: Port device team_slave_1 added [ 245.546065][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 245.554938][ T8077] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 245.578220][ T8081] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.585473][ T8081] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.593117][ T8081] device bridge_slave_0 entered promiscuous mode [ 245.602580][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 245.611469][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 245.619897][ T8076] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.626962][ T8076] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.636144][ T8077] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 245.655783][ T8079] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 245.668721][ T8079] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 245.677811][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.686007][ T8081] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.693659][ T8081] device bridge_slave_1 entered promiscuous mode [ 245.727564][ T8083] chnl_net:caif_netlink_parms(): no params data found [ 245.762050][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 245.818233][ T8077] device hsr_slave_0 entered promiscuous mode [ 245.874165][ T8077] device hsr_slave_1 entered promiscuous mode [ 245.918875][ T8077] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 245.927441][ T8079] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 245.935562][ T8079] team0: Port device team_slave_0 added [ 245.947106][ T8081] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 245.956692][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 245.967074][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 245.976131][ T8076] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.983177][ T8076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.993476][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 246.008862][ T8077] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 246.016914][ T8079] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 246.028137][ T8079] team0: Port device team_slave_1 added [ 246.034288][ T8079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 246.047639][ T8081] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 246.063287][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 246.096801][ T8079] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 246.118727][ T8081] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 246.127049][ T8081] team0: Port device team_slave_0 added [ 246.133318][ T8081] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 246.141624][ T8081] team0: Port device team_slave_1 added [ 246.148885][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 246.177786][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 246.186897][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 246.200491][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 246.209376][ T8083] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.216620][ T8083] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.225214][ T8083] device bridge_slave_0 entered promiscuous mode [ 246.276065][ T8079] device hsr_slave_0 entered promiscuous mode [ 246.324120][ T8079] device hsr_slave_1 entered promiscuous mode [ 246.379187][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 246.387762][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 246.396231][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 246.405377][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 246.414940][ T8083] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.422003][ T8083] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.429852][ T8083] device bridge_slave_1 entered promiscuous mode [ 246.446206][ T8079] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 246.470232][ T8077] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 246.490057][ T8079] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 246.500482][ T8083] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 246.518227][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 246.528758][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 246.557761][ T8083] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 246.607143][ T8081] device hsr_slave_0 entered promiscuous mode [ 246.644506][ T8081] device hsr_slave_1 entered promiscuous mode [ 246.685661][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 246.694343][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 246.702551][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 246.710872][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 246.721544][ T8073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 246.741736][ T8088] chnl_net:caif_netlink_parms(): no params data found [ 246.751237][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 246.759833][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 246.770289][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 246.778571][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 246.789384][ T8073] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 246.796583][ T8073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 246.848641][ T8079] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 246.856564][ T8083] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 246.864874][ T8083] team0: Port device team_slave_0 added [ 246.871360][ T8083] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 246.879642][ T8083] team0: Port device team_slave_1 added [ 246.912795][ T8083] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 246.921336][ T8083] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 246.943449][ T8088] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.950663][ T8088] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.959315][ T8088] device bridge_slave_0 entered promiscuous mode [ 246.967690][ T8088] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.974799][ T8088] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.982401][ T8088] device bridge_slave_1 entered promiscuous mode [ 247.012378][ T8077] 8021q: adding VLAN 0 to HW filter on device bond0 [ 247.033308][ T8073] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 247.051488][ T8088] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 247.061836][ T8088] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 247.073081][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 247.116997][ T8083] device hsr_slave_0 entered promiscuous mode [ 247.154193][ T8083] device hsr_slave_1 entered promiscuous mode [ 247.196288][ T8081] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 247.217506][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 247.230463][ T8083] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 247.248157][ T8088] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 247.256925][ T8088] team0: Port device team_slave_0 added [ 247.263396][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.274573][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 247.285104][ T8073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 247.296116][ T8077] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 247.302886][ T8077] 8021q: adding VLAN 0 to HW filter on device team0 [ 247.310654][ T8083] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 247.326971][ T8088] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 247.335490][ T8088] team0: Port device team_slave_1 added [ 247.345593][ T8088] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 247.353724][ T8088] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 247.375821][ T8083] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 247.392654][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 247.430109][ T8079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 247.446042][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 247.459960][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 247.472765][ T17] bridge0: port 1(bridge_slave_0) entered blocking state 13:22:50 executing program 0: pipe(&(0x7f0000000880)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setstatus(r0, 0x4, 0x6000) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x80300, 0x0) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x244e) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x10001}, &(0x7f0000000440)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000480)={r2}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000280)) unshare(0x40000000) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000040)={'lo\x00', @ifru_names='bridge0\x00'}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r4, 0x80dc5521, &(0x7f00000001c0)=""/153) pipe2(&(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, &(0x7f0000000500)={{0x0, 0xaf}, {0x7fffffff, 0x2}, 0x4, 0x4, 0x157c}) clock_gettime(0x3, &(0x7f0000000080)) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x5, 0x0) io_setup(0xfffffffffffffff4, &(0x7f0000000300)=0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000000c0), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000340)='/dev/sg#\x00', r0}, 0x10) io_cancel(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x80000001, r1, &(0x7f00000006c0), 0x0, 0x101, 0x0, 0x1, r0}, 0x0) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000780)) fcntl$getflags(r5, 0x40b) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={[], 0x0, 0x100, 0x279d}) [ 247.479929][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.489497][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 247.523331][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 247.539528][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 247.567226][ C1] hrtimer: interrupt took 30315 ns [ 247.575615][ T8098] sched: DL replenish lagged too much [ 247.591955][ T8098] IPVS: ftp: loaded support on port[0] = 21 [ 247.602669][ T8088] device hsr_slave_0 entered promiscuous mode [ 247.674221][ T8088] device hsr_slave_1 entered promiscuous mode [ 247.681251][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 247.691756][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 247.700222][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.707309][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 247.720524][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 247.730967][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 247.741670][ T8079] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 247.752627][ T8079] 8021q: adding VLAN 0 to HW filter on device team0 [ 247.792758][ T8088] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 247.800979][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 247.809687][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 247.817442][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 247.827545][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 247.873084][ T8088] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 247.881815][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 247.892609][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 247.904575][ T8081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.173587][ T8088] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 248.191362][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 248.202461][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 248.217776][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 248.229376][ T8084] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.236470][ T8084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.251203][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 248.254205][ T8100] IPVS: ftp: loaded support on port[0] = 21 [ 248.259922][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 248.276059][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 248.290600][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 248.299415][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 248.314210][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 248.322809][ T8084] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 248.332158][ T8084] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.339239][ T8084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 248.350808][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready 13:22:51 executing program 0: pipe(&(0x7f0000000880)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setstatus(r0, 0x4, 0x6000) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x80300, 0x0) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x244e) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x10001}, &(0x7f0000000440)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000480)={r2}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000280)) unshare(0x40000000) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0x0, &(0x7f0000000040)={'lo\x00', @ifru_names='bridge0\x00'}) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r4, 0x80dc5521, &(0x7f00000001c0)=""/153) pipe2(&(0x7f0000000640), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r4, 0xc0505350, &(0x7f0000000500)={{0x0, 0xaf}, {0x7fffffff, 0x2}, 0x4, 0x4, 0x157c}) clock_gettime(0x3, &(0x7f0000000080)) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x5, 0x0) io_setup(0xfffffffffffffff4, &(0x7f0000000300)=0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000000c0), 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000340)='/dev/sg#\x00', r0}, 0x10) io_cancel(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x3, 0x80000001, r1, &(0x7f00000006c0), 0x0, 0x101, 0x0, 0x1, r0}, 0x0) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) ioctl$TIOCGETD(r1, 0x5424, &(0x7f0000000780)) fcntl$getflags(r5, 0x40b) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={[], 0x0, 0x100, 0x279d}) [ 248.474594][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 248.492059][ T8081] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 248.498888][ T8081] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.514050][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 248.531453][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 248.542878][ T8077] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 248.558323][ T8077] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 248.572191][ T8077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 248.583040][ T8103] IPVS: ftp: loaded support on port[0] = 21 [ 248.589349][ T8077] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 248.610518][ T8077] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 248.630893][ T8077] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.691725][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 248.700500][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 248.711131][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 248.722876][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 248.731430][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 248.739762][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 248.748127][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 248.756501][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 248.768559][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready 13:22:51 executing program 1: syz_emit_ethernet(0x3e, &(0x7f0000000500)={@link_local={0x1, 0x80, 0xc2, 0x2c000000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "093a06", 0x8, 0x3a, 0x0, @remote={0xfe, 0x7e, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff5]}, @mcast2, {[], @udp={0x0, 0x0, 0x8}}}}}}, 0x0) 13:22:51 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) creat(&(0x7f0000000140)='./file0\x00', 0x0) clone(0x1ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='f2fs\x00', 0x0, 0x0) [ 249.003177][ T2479] print_req_error: I/O error, dev loop1, sector 0 flags 0 [ 249.012100][ T8111] F2FS-fs (loop1): Unable to read 1th superblock [ 249.031843][ T2479] print_req_error: I/O error, dev loop1, sector 8 flags 0 [ 249.042979][ T8111] F2FS-fs (loop1): Unable to read 2th superblock [ 249.060677][ T2479] print_req_error: I/O error, dev loop1, sector 0 flags 0 [ 249.071012][ T8111] F2FS-fs (loop1): Unable to read 1th superblock [ 249.082628][ T2479] print_req_error: I/O error, dev loop1, sector 8 flags 0 [ 249.092668][ T8111] F2FS-fs (loop1): Unable to read 2th superblock [ 249.108926][ T2479] print_req_error: I/O error, dev loop1, sector 0 flags 0 [ 249.117507][ T8114] F2FS-fs (loop1): Unable to read 1th superblock [ 249.130761][ T2479] print_req_error: I/O error, dev loop1, sector 8 flags 0 [ 249.139780][ T8114] F2FS-fs (loop1): Unable to read 2th superblock [ 249.152278][ T2479] print_req_error: I/O error, dev loop1, sector 0 flags 0 13:22:51 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) creat(&(0x7f0000000140)='./file0\x00', 0x0) clone(0x1ff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='f2fs\x00', 0x0, 0x0) [ 249.161444][ T8114] F2FS-fs (loop1): Unable to read 1th superblock [ 249.176245][ T2479] print_req_error: I/O error, dev loop1, sector 8 flags 0 [ 249.183604][ T8114] F2FS-fs (loop1): Unable to read 2th superblock [ 249.241856][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 249.252299][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 249.267985][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 249.281398][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready 13:22:51 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x13, 0x10, 0x3}, 0x2c) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x3000000, 0x18, 0x0, 0x0, 0x0, 0x1000000}, [@map={0x18, 0x3, 0x1, 0x0, r0}], {0x95, 0xffffffff00000000}}, &(0x7f0000000440)='syzkaller\x00', 0x6, 0x21a, &(0x7f00000000c0)=""/144}, 0x48) [ 249.289887][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.296998][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.305234][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 249.322286][ T2478] print_req_error: I/O error, dev loop1, sector 0 flags 0 [ 249.325914][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 249.332742][ T8120] F2FS-fs (loop1): Unable to read 1th superblock [ 249.364663][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 249.380540][ T2478] print_req_error: I/O error, dev loop1, sector 8 flags 0 13:22:52 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x13, 0x10, 0x3}, 0x2c) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x3000000, 0x18, 0x0, 0x0, 0x0, 0x1000000}, [@map={0x18, 0x3, 0x1, 0x0, r0}], {0x95, 0xffffffff00000000}}, &(0x7f0000000440)='syzkaller\x00', 0x6, 0x21a, &(0x7f00000000c0)=""/144}, 0x48) 13:22:52 executing program 1: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="5fb88c750196077aa3214bebc13f7d74ad4d9320611cf5a33f2a3f09e1c926359dcfe20001c781cb67f79cb0c6f5f4bf8ed60dce2176c22a20b22b9b24172b5569ec67906e7df93b05b19ba5360f2eab62812070fc181a2483366595113b240804d882a7dcd7ac4ba53e06d02558968b978122716d1823dcc7d40155c1bc1e8433f5ba15f5ee48c0ca941fce872e497d1377e2a5bde956f003caaf58c7520f82d7346c266e8ea70dab3bb7af6d78602a31ab8d232b07f6e3ef524b552ed88a1b1c02bc89f4f671855d40a2c1c173d4bb121bc86270c32d39c4c0d09a29b8983169914d8df86417a802b772bb638f72ccdcbb46267b5751816c77b6739f484292d5ca5e1bc4efee06f4e07e6a795faee2af27a8f212", 0x115, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) [ 249.412332][ T8120] F2FS-fs (loop1): Unable to read 2th superblock [ 249.423486][ T8120] F2FS-fs (loop1): Unable to read 1th superblock [ 249.424323][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 249.438908][ T8120] F2FS-fs (loop1): Unable to read 2th superblock [ 249.445180][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 249.454483][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 249.483539][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.490622][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.497771][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 249.510898][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 249.560828][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 249.579795][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 249.596984][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 249.613536][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 249.623323][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 249.634611][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 249.645531][ T8083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.655999][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 249.667828][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 249.676768][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 249.686743][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 249.697684][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 249.709430][ T8088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.718577][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 249.727869][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 249.737340][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 249.750752][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 249.758927][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 249.768975][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 249.778204][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 249.787614][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 249.796353][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 249.804850][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 249.813316][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 249.830462][ T8079] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 249.842410][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 249.852241][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 249.861480][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 249.870408][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 249.879294][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 249.889420][ T8079] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 249.896560][ T8079] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 249.906904][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 249.913914][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 249.921573][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 249.934774][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 249.951010][ T8088] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 249.959397][ T8088] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.966782][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 249.975344][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 249.985364][ T8081] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 249.996690][ T8079] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 250.004971][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 250.013317][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 250.022518][ T8083] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 250.029449][ T8083] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.041318][ T8081] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 250.048533][ T8081] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 250.059866][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 250.071875][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 250.085648][ T8079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.092770][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.101984][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.110801][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.118001][ T2979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.125895][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.134846][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.143084][ T2979] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.150181][ T2979] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.157930][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 250.165977][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 250.176931][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 250.190480][ T8081] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 250.201110][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 250.211950][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.224687][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.233079][ T8076] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.240155][ T8076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.247983][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 250.256598][ T8076] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 250.265410][ T8076] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.272449][ T8076] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.284928][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 250.295622][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 250.307694][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 250.323376][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 250.334730][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 250.343392][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 250.353041][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 250.362159][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 250.373483][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 250.386396][ T8081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.397939][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 250.412325][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready 13:22:53 executing program 2: [ 250.420918][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 250.466844][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 250.481429][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 250.490323][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 250.506394][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 250.519204][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 250.542068][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 250.552921][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready 13:22:53 executing program 3: [ 250.577484][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 250.588900][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 250.604949][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 250.613241][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 250.622888][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 250.631633][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 250.650177][ T8088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 250.661971][ T8088] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 250.680111][ T8088] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 250.689099][ T8088] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 250.719643][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 250.727803][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 250.737007][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 250.745774][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 250.754248][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 250.850344][ T8088] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 250.860653][ T8083] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 250.874385][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 250.883237][ T2979] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 250.896672][ T8088] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.905970][ T8083] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 250.912723][ T8083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 250.961313][ T8083] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 251.012762][ T8083] 8021q: adding VLAN 0 to HW filter on device batadv0 13:22:53 executing program 4: syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/net\x00') syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) 13:22:53 executing program 1: r0 = socket$inet(0x2, 0x3, 0x19) connect$inet(r0, &(0x7f0000001400)={0x2, 0x0, @loopback}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000400)="0adc1f023c123f3188a070") r2 = socket$inet(0x2, 0x3, 0x19) setsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000380)={@multicast2, @local}, 0xc) setsockopt$inet_mreqn(r0, 0x0, 0x12, 0x0, 0x0) 13:22:53 executing program 0: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000), 0x8, 0x0) r1 = epoll_create1(0x0) syz_open_dev$sndtimer(&(0x7f0000000080)='/dev/snd/timer\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)) syz_open_dev$sndtimer(0x0, 0x0, 0x0) 13:22:53 executing program 2: 13:22:53 executing program 3: 13:22:53 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/net/tun\x00', 0x12, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'nr0\x01\x00', 0x4006}) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r1) socketpair$unix(0x1, 0x10200000000001, 0x0, &(0x7f0000000500)) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000140)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&') write$cgroup_subtree(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="3cbe5e301d3cff47c611ffa1232fc0605b9736c542bc12198145f791d22a9377aa59fb6800c47840d4dc1e2089ff78ef33e6ca2346340b00d646e0062c19fe83da49c3a049bfac0a4c50e2fc41d05476fece682ec124c8093ef418f1ada9c897067091a0e3de006e974b98ea2e2b31fa065035ec12f1a01d49d974d8f3fdcfe1df34e32e9893bf0f2e3b4afeb18da0bfbf2ef22e9431ac3b811192b7c0bf0294669e15f47d2dabcace5a8d2fc7f35eee7fad959c143d180ce588854e1ad90c8107112d642760dca2547457a24f1b08e64feb82b4f08ca268aea185bf0cae511d1b9ff30a3eb30aa37a51885141c95b1ae2d21671078d789ecf63e66c8563c8692f49aae419629902875a181b46a1737e7d3a21ce2414e437"], 0x118) 13:22:53 executing program 2: 13:22:53 executing program 3: 13:22:53 executing program 4: 13:22:53 executing program 1: [ 251.316297][ T8156] device nr0 entered promiscuous mode 13:22:53 executing program 0: 13:22:53 executing program 3: 13:22:53 executing program 2: 13:22:54 executing program 1: 13:22:54 executing program 0: 13:22:54 executing program 4: 13:22:54 executing program 2: 13:22:54 executing program 5: 13:22:54 executing program 3: 13:22:54 executing program 1: 13:22:54 executing program 4: 13:22:54 executing program 0: 13:22:54 executing program 2: 13:22:54 executing program 3: 13:22:54 executing program 1: 13:22:54 executing program 5: 13:22:54 executing program 4: 13:22:54 executing program 0: 13:22:54 executing program 3: 13:22:54 executing program 1: 13:22:54 executing program 2: 13:22:54 executing program 5: 13:22:54 executing program 4: 13:22:54 executing program 0: 13:22:54 executing program 3: 13:22:54 executing program 1: 13:22:54 executing program 5: 13:22:54 executing program 4: 13:22:54 executing program 2: 13:22:54 executing program 3: 13:22:54 executing program 0: 13:22:54 executing program 1: 13:22:55 executing program 3: 13:22:55 executing program 0: 13:22:55 executing program 2: 13:22:55 executing program 1: 13:22:55 executing program 4: 13:22:55 executing program 5: 13:22:55 executing program 0: 13:22:55 executing program 2: 13:22:55 executing program 4: 13:22:55 executing program 3: 13:22:55 executing program 1: 13:22:55 executing program 5: 13:22:55 executing program 0: 13:22:55 executing program 2: 13:22:55 executing program 1: 13:22:55 executing program 3: 13:22:55 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f00000002c0), &(0x7f0000000300)=0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, 0x0, &(0x7f0000000100)) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$TIPC_CMD_GET_NODES(r3, 0x0, 0x4000) inotify_rm_watch(0xffffffffffffffff, 0x0) clone(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f0000000280)) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000006c0)={0x6, 0x118, 0xfa00, {{0x0, 0x1, "531da063050ef10225415ece9b5260d2ec7232585bddf6997717aa3b7eb716be5bac916654ca0e94a80dbe0ff5e266242a3326b3ddd076fd2190a8c20af6366d32b99cfac67fdf2b843cc335ceacee2deb34cadd834be6fb6169aa23568a2cc051238e9cfa84b9e381a81275319bb44ec96b6c822add51a843ed5c0fc499daac25c49caf6ea1c2433676f2f8136208faa3876e11c40df20ce7d09fe067a8bab8b35cb20ec5ed282245446d5910146bd557fd69ee5e5af32e3616b2134fdbb0c5083065b210f5f1176eea4449fff2e1b35769112ff945c7d04ef3a1978f8d5fb3f3833ce3240213b828e637c6e02007d4d55536e2a72ca1860fc8a3fc43a2eb0b", 0x0, 0x4000000000, 0x7}}}, 0x120) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x81, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 13:22:55 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x1, 0x2) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x0) 13:22:55 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="0adc1f023d121d4288a070") sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x880823, 0x0) 13:22:55 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x400000000001, 0x2, 0x100000001, 0x8}, 0x2c) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820005, 0x0}, 0x2c) 13:22:55 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:55 executing program 3: r0 = socket$inet(0x10, 0x200000003, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) exit_group(0x2) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="240000002d0007031dfffd946fa28300cee60a0009000000001d85680c1ba3a2ff030000280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) prctl$PR_SET_FP_MODE(0x2d, 0x1) [ 252.989541][ T8264] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 13:22:55 executing program 4: sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @erspan={{0xc, 0x1, 'erspan\x00'}, {0xc, 0x2, [@gre_common_policy=[@IFLA_GRE_OFLAGS={0x8, 0x3, 0x59}]]}}}]}, 0x3c}}, 0x0) 13:22:55 executing program 2: setitimer(0x0, &(0x7f00003f8000)={{}, {0x0, 0x7530}}, 0x0) alarm(0x0) syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x3, &(0x7f0000000280)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x51, 0x54}}, &(0x7f0000000140)='GPL\x00', 0x1, 0x99, &(0x7f0000000180)=""/153}, 0x48) recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f0000001400)=@ipx, 0x80, &(0x7f0000000280)}}], 0x1, 0x0, 0x0) ioctl$void(0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00\x96\xab\xb5{\x02\xc3\xfb\xf6G;\xbe,^G\x13\x93Y\x19\x9fO\x83\x00\x00\x95\xe8\xe2664\xa9\\o\xcd\x96\xe6\x12\x1cB\x00\xe9D\x13\xb8G\x11~\xbf\xfd\x195\xa2\xa3\xc6\xbc\x17Or\xc5F\xe1\x9d\x8aF\xab\x9e\xda\x8a\xc8?^HR1G\xce\xc02AW\x9d4\x02=+\xcb>\xc2#\xd4\xbfJ!\xcc\xc5>\x8f\x12\x81\x9dD\x96\x1fi9a\xe6\xa2\x87\x95\xb8u\xb2.\x19$\xb1R\xe7Qt\xdf\xb9B\xb2\xa5\x89\xb8\xe4\xc4K\x1fL\xc4?\xe5~?Q\x7fC\xc5\xbaV\xe2\x87[`rr\x16\x1e\xf4\x11`.\xf1\xc2\x1d$\xed\xc8 \x8a-5\x96') preadv(r0, &(0x7f00000017c0), 0x1a4, 0x0) openat$vhci(0xffffffffffffff9c, 0x0, 0x0) 13:22:55 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x4000) getsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000080), &(0x7f00000000c0)=0x4) syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0xffffffffffffffff, 0x2) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x80046108, &(0x7f0000000140)) 13:22:55 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x80, 0x10) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000180)={0x10000, 0x0, &(0x7f0000ffc000/0x1000)=nil}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f00000000c0)={0x5, 0xf70, 0x8d}) openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x2001, 0x0) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$nfc_llcp(r1, &(0x7f0000000000)={0x27, 0x40000, 0x0, 0x0, 0x0, 0x0, "9c893b5dd3dc683eb46cd46c895e0d2c8637bfb7c79f903539acac62743f8176e578ed3833c6ae57def86573968570a9bcaeb4189ca877074b5aa980dadc1b"}, 0x60) 13:22:55 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) fstatfs(r0, &(0x7f0000000040)) listen(r0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_names='bcsh0\x00'}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x20000, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x100, 0x0) fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f00000004c0)) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='limits\x00') pipe2(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) ioctl$UDMABUF_CREATE_LIST(r1, 0x40087543, &(0x7f0000000140)={0x0, 0x4, [{r0, 0x0, 0x8000, 0x10000}, {r2, 0x0, 0xfffffffffffff000, 0x1002000}, {r3, 0x0, 0xfffff000}, {r4, 0x0, 0xfffff000, 0x10000a000}]}) getresuid(&(0x7f00000001c0), &(0x7f0000000200)=0x0, &(0x7f0000000240)) getgroups(0x2, &(0x7f0000000280)=[0x0, 0x0]) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f00000003c0)=0xe8) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, &(0x7f0000000480)) write$P9_RSTATu(r5, &(0x7f0000000400)={0x71, 0x7d, 0x2, {{0x0, 0x56, 0x38b, 0x20, {0x10, 0x0, 0x1}, 0x300000, 0xffffffff80000001, 0x3, 0xffffffffffffff01, 0xf, ':keyringmd5sum-', 0x6, 'bcsh0\x00', 0x0, '', 0xe, 'veth0_to_bond\x00'}, 0x6, 'bcsh0\x00', r6, r7, r8}}, 0x71) [ 253.276024][ T8279] overlayfs: filesystem on './file0' not supported as upperdir 13:22:56 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:56 executing program 5: r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioprio_get$uid(0x3, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', 0x0) syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x80c, 0x2000) ioctl$int_out(r0, 0x5460, &(0x7f0000000840)) getegid() ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000180)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) mount$9p_rdma(&(0x7f00000003c0)='..7.0.0.1\x00', &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0xc004, &(0x7f0000000640)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@rq={'rq', 0x3d, 0x4}}, {@sq={'sq'}}, {@sq={'%q', 0x3d, 0x8}}, {@sq={'sq'}}, {@rq={'rq', 0x3d, 0x4}}, {@timeout={'timeout', 0x3d, 0x5}}], [{@fowner_gt={'fowner>'}}, {@smackfsroot={'smackfsroot', 0x3d, '/exe\x00\x00\xc1\x00\x00\x00\x00\x00\xe9\xff\a\x00\x00\x00\x00\x00\x00T\xfa\aBJ\xde\xe9\x16\xd2\xdau\xaf\xe7\v5\xa0\xfdj\x1f\x02\x00\xf5\xab&\xd7\xa0q\xfb53\x1c\xe3\x9cZehd\x10\x06\xd7\xc0 jt\xe33&S\x00'}}, {@subj_role={'subj_role'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fsname={'fsname', 0x3d, '\'-GPL'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}], 0xc3ffffff}}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000440)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x0, 0x10000}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x4000) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="3a3a010000e077833587f5b2"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, &(0x7f0000000140)='\xc6^-@\x00') fcntl$getown(r1, 0x9) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)) 13:22:56 executing program 0: mkdir(&(0x7f0000000440)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='fuse\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f6964d9d96ffb843357400e4f0aa8b60600000000000000f133000000000000000000000000", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000480)={0xd9, 0x6, 0x0, {0x100000000000001, 0x0, 0xb0, 0x0, '\xe2\xabI&\xe1\xb7Y\nt\a\xc1\xd4\xdb\x1fR\x91\xdeK\xf1\xb1\xe4sn*\xdc\x13\x95\t9\xf4p:\x1b\t\xb1\xc0\x99I[{\f\xbc ;\xaf\xc4\x170\xf4\xae\xf9\x7fc\xae#\\\xe0\'\x89KD\x97O\xc1\x9d\xc9zkv4q\xa9\xa9\x1e\x8aPK\x01\x87\x8bZ\ah\xf4\x18bn\xf5 \x1c.\f\x8e\x06\xa8\r\xb5\v\xe6)<\x99N\xc4c\xec=#x\xb0Z\xfc\xf6\xa9\xb5\xdfV\xbd\x8bxo\xfd`\x14W\xca\xa1\xfeB\xe0\xdb\x1c\x8d\xc7\x83t-\xbd.\x80\x1b{`|\x1ah\xe4\xd9\xff\xfd\xe0\x90\x13\xd6&Zu\x1e,\x93f\xbeb\x1c\x8ed#\rq\xd9\\\xff\x8a\xe5*\x03'}}, 0xd9) 13:22:56 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:56 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:56 executing program 4: r0 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) io_setup(0xb, &(0x7f0000000240)=0x0) io_submit(r1, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x10000, 0x407000}]) open(&(0x7f0000000000)='./bus\x00', 0x40, 0x102) lseek(r0, 0x0, 0x4) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0xffff) 13:22:56 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet(0x10, 0x3, 0xc) r2 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r3 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000000907031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 253.812389][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 253.812405][ T27] audit: type=1804 audit(1547644976.386:31): pid=8325 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir739130750/syzkaller.wjmUvw/13/bus" dev="sda1" ino=16572 res=1 13:22:56 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) [ 253.942647][ T8336] ceph: device name is missing path (no : separator in ::) 13:22:56 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:56 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 254.076991][ T8340] netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. [ 254.273403][ T27] audit: type=1804 audit(1547644976.846:32): pid=8325 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor4" name="/root/syzkaller-testdir739130750/syzkaller.wjmUvw/13/bus" dev="sda1" ino=16572 res=1 13:22:56 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) [ 254.443926][ T27] audit: type=1804 audit(1547644977.006:33): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir739130750/syzkaller.wjmUvw/13/bus" dev="sda1" ino=16572 res=1 13:22:57 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:57 executing program 5: r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioprio_get$uid(0x3, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', 0x0) syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x80c, 0x2000) ioctl$int_out(r0, 0x5460, &(0x7f0000000840)) getegid() ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000180)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) mount$9p_rdma(&(0x7f00000003c0)='..7.0.0.1\x00', &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0xc004, &(0x7f0000000640)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@rq={'rq', 0x3d, 0x4}}, {@sq={'sq'}}, {@sq={'%q', 0x3d, 0x8}}, {@sq={'sq'}}, {@rq={'rq', 0x3d, 0x4}}, {@timeout={'timeout', 0x3d, 0x5}}], [{@fowner_gt={'fowner>'}}, {@smackfsroot={'smackfsroot', 0x3d, '/exe\x00\x00\xc1\x00\x00\x00\x00\x00\xe9\xff\a\x00\x00\x00\x00\x00\x00T\xfa\aBJ\xde\xe9\x16\xd2\xdau\xaf\xe7\v5\xa0\xfdj\x1f\x02\x00\xf5\xab&\xd7\xa0q\xfb53\x1c\xe3\x9cZehd\x10\x06\xd7\xc0 jt\xe33&S\x00'}}, {@subj_role={'subj_role'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fsname={'fsname', 0x3d, '\'-GPL'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}], 0xc3ffffff}}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000440)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x0, 0x10000}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x4000) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="3a3a010000e077833587f5b2"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, &(0x7f0000000140)='\xc6^-@\x00') fcntl$getown(r1, 0x9) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)) 13:22:57 executing program 4: r0 = creat(&(0x7f0000000a00)='./bus\x00', 0x0) io_setup(0xb, &(0x7f0000000240)=0x0) io_submit(r1, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x10000, 0x407000}]) open(&(0x7f0000000000)='./bus\x00', 0x40, 0x102) lseek(r0, 0x0, 0x4) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0xffff) 13:22:57 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) 13:22:57 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 254.741960][ T27] audit: type=1804 audit(1547644977.316:34): pid=8364 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir739130750/syzkaller.wjmUvw/14/bus" dev="sda1" ino=16552 res=1 13:22:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet(0x10, 0x3, 0xc) r2 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r3 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000000907031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) [ 254.880816][ T8363] ceph: device name is missing path (no : separator in ::) 13:22:57 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:57 executing program 5: r0 = creat(&(0x7f0000000400)='./file0\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0) ioprio_get$uid(0x3, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', 0x0) syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x80c, 0x2000) ioctl$int_out(r0, 0x5460, &(0x7f0000000840)) getegid() ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000180)) clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f00000000c0), 0xffffffffffffffff) mount$9p_rdma(&(0x7f00000003c0)='..7.0.0.1\x00', &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0xc004, &(0x7f0000000640)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@rq={'rq', 0x3d, 0x4}}, {@sq={'sq'}}, {@sq={'%q', 0x3d, 0x8}}, {@sq={'sq'}}, {@rq={'rq', 0x3d, 0x4}}, {@timeout={'timeout', 0x3d, 0x5}}], [{@fowner_gt={'fowner>'}}, {@smackfsroot={'smackfsroot', 0x3d, '/exe\x00\x00\xc1\x00\x00\x00\x00\x00\xe9\xff\a\x00\x00\x00\x00\x00\x00T\xfa\aBJ\xde\xe9\x16\xd2\xdau\xaf\xe7\v5\xa0\xfdj\x1f\x02\x00\xf5\xab&\xd7\xa0q\xfb53\x1c\xe3\x9cZehd\x10\x06\xd7\xc0 jt\xe33&S\x00'}}, {@subj_role={'subj_role'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@fsname={'fsname', 0x3d, '\'-GPL'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}], 0xc3ffffff}}) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000440)={&(0x7f0000000240), 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r2, 0x0, 0x70bd2d, 0x25dfdbfd, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x0, 0x10000}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x41}, 0x4000) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="3a3a010000e077833587f5b2"], &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, &(0x7f0000000140)='\xc6^-@\x00') fcntl$getown(r1, 0x9) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)) [ 254.988745][ T8376] netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. 13:22:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet(0x10, 0x3, 0xc) r2 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r3 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000000907031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 13:22:57 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:57 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = socket$inet(0x10, 0x3, 0xc) r2 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r3 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="24000000000907031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 13:22:57 executing program 4: clone(0x0, &(0x7f0000000180), 0x0, 0x0, 0x0) r0 = getpid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000000)={0x1, r0}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000140)=0x0) wait4(r3, 0x0, 0x1040080000000, 0x0) 13:22:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:22:58 executing program 5: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) getsockopt(r1, 0x1000, 0x20, &(0x7f0000000100)=""/255, &(0x7f0000000200)=0xff) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) getsockname(r1, &(0x7f0000000380)=@pppoe={0x18, 0x0, {0x0, @link_local}}, &(0x7f0000000400)=0x80) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000291000/0x400000)=nil, 0x400000}}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x3}) mq_timedsend(r1, &(0x7f0000000240)="4bd75a47feca9b6636bc72458dafaae5c8ea8465ade3fefc29cf8d7c8da15845f7ae37b8504a47b0c73b5de92c4cea8c375f8f6389811547ea8c6117b063ff6520317b1ad34a4f46ab0c64a600482adf6e12c8a903c2dfd6b212a8e4a2f53ee7dd174916d5054e9d2dd5dcd6eb4532d222eec4e38c81ba3280475be0636a32aba313421fbe0069db3dfa6bb89c3dd4c7b140ae243ab9b2616d2218d6129848c0dfdb23ba3536f9c5ac0cf12698c0b9bdfdd277fa3ce119766a91ac43be7abd6499cea1c699f4bc1bb9c8a508813ff24b6ef881766e5c61abf6af7eb48b3e33c0277ef58870fed8", 0xe7, 0x5, &(0x7f0000000340)={0x77359400}) 13:22:58 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:58 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:58 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:58 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:58 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:58 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) syz_open_procfs$namespace(0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:22:58 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:58 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:58 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/246, 0x0}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000640)='/dev/audio\x00', 0x0, 0x0) close(0xffffffffffffffff) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x4, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x2, r1}) openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x20000, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x0, r1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x3ff, &(0x7f0000000140)=0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x3, r1, 0x0, 0x0, 0x3ff, 0x0, 0x3, r2}]) r4 = creat(&(0x7f0000000080)='./bus\x00', 0xfffffffffffffffc) pwrite64(r4, &(0x7f0000000580)="7b5aa60acc88c08616733e70363856ede11e206a4b96d78ee276a11ae5e6f50ffcb759a388ffd05db6fd28f3ce796952fdf350273514743ff2c0ba06775532a146ebd4f4b5145717349e424c127d26a3facb75c7d0cab4585392597655f56cb9287374d2ae9d0c99d64dd24049cfd2e5329dc672bd78ba3ec3df635b6b148bb9dba456aef169352247503b247496c609af0d31a99db27980aa8de80480da12bf8720aca1e7e2ae0624a8ae60a33f7b4d7400b4ec5a17039439f0fb8f4af94a5b7dec6deb9f685384d0c81ea03f5a3b8e998671149a859b7859637504b283adc687006ef7118d619274c5dba11e81a1d2fb030533501904484e30ad1c57be7489dc4471aae0a8765e67a8b3e9bf1960f84c32c0da7437eb743a5e5f4ec7318f132e3992af170253c13e4d6fece04dd5bae1fef171796db16d566e47a4691ac13a75370ce8cc1370b7d6a4aee09d97a437fc4c7c2f341e3761d3db0ef4ec4d9c829a6e9bf2ae18e65f3163d5055f0f68f816f88ef27ccbd1c696c4d5b41528fe54bcdfeba85f7ea6d05691c6930a476ad4a9d7352ec2da80e52e716d7b3f61fc9fed452c9831b1b245ae6c6bdaa3ffaaae38950747ec6acf69175ead5c88931206ff941b9a829e6752b5ffe80cc1cf83eb33ecaee7298a45cbb1b6466f34edf1a1d7feb4d5180bf10eeafb60640b4ae8c02469ad00c69afda62824921e7095796a", 0x200, 0x0) ioctl$KDDISABIO(r1, 0x4b37) setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000000)=0x7, 0x2) fcntl$setstatus(r4, 0x4, 0x4401) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) r5 = shmget$private(0x0, 0x4000, 0x54000200, &(0x7f0000ff9000/0x4000)=nil) shmctl$IPC_INFO(r5, 0x3, &(0x7f0000000100)=""/58) io_setup(0x9, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) write$evdev(r4, &(0x7f0000000400)=[{{}, 0x16, 0xdc7, 0x7}, {{r7, r8/1000+30000}, 0x12, 0x74f8, 0x80000000}, {{r9, r10/1000+30000}, 0x1f, 0x6, 0x3}, {{r11, r12/1000+30000}, 0x1f, 0x1, 0x1f}, {{r13, r14/1000+10000}, 0x1f, 0x54, 0x3}, {{}, 0x15, 0x400, 0x8}, {{}, 0x5, 0x3, 0x7}, {{}, 0x15, 0x6, 0x4}], 0xc0) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x4) io_submit(r6, 0x33, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x377140be6b5ef4c7}]) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 13:22:58 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:59 executing program 5: mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) getsockopt(r1, 0x1000, 0x20, &(0x7f0000000100)=""/255, &(0x7f0000000200)=0xff) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) getsockname(r1, &(0x7f0000000380)=@pppoe={0x18, 0x0, {0x0, @link_local}}, &(0x7f0000000400)=0x80) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000291000/0x400000)=nil, 0x400000}}) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x3}) mq_timedsend(r1, &(0x7f0000000240)="4bd75a47feca9b6636bc72458dafaae5c8ea8465ade3fefc29cf8d7c8da15845f7ae37b8504a47b0c73b5de92c4cea8c375f8f6389811547ea8c6117b063ff6520317b1ad34a4f46ab0c64a600482adf6e12c8a903c2dfd6b212a8e4a2f53ee7dd174916d5054e9d2dd5dcd6eb4532d222eec4e38c81ba3280475be0636a32aba313421fbe0069db3dfa6bb89c3dd4c7b140ae243ab9b2616d2218d6129848c0dfdb23ba3536f9c5ac0cf12698c0b9bdfdd277fa3ce119766a91ac43be7abd6499cea1c699f4bc1bb9c8a508813ff24b6ef881766e5c61abf6af7eb48b3e33c0277ef58870fed8", 0xe7, 0x5, &(0x7f0000000340)={0x77359400}) 13:22:59 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:59 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:59 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(0xffffffffffffffff, 0xc10c5541, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:22:59 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:22:59 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:22:59 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:22:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, &(0x7f0000000840)) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 256.842933][ T8467] overlayfs: failed to resolve './file1': -2 13:22:59 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 257.060162][ T8480] overlayfs: failed to resolve './file1': -2 [ 257.367586][ T8439] syz-executor4 (8439) used greatest stack depth: 17704 bytes left 13:23:00 executing program 1: mkdir(0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:00 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:00 executing program 3: mkdir(0x0, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:00 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x102, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r2 = getpid() perf_event_open(&(0x7f0000000380)={0x2, 0x70, 0x4, 0x5c, 0x3, 0x2, 0x0, 0x18, 0x400, 0x2, 0x7, 0x200, 0x1, 0x4, 0x1, 0x4, 0x10, 0x3, 0xfffffffffffffffc, 0x4804a9, 0x76, 0x40, 0x1, 0x9, 0xdf, 0x100, 0xfffffffffffff700, 0x3, 0x3ff, 0x400, 0xffffffff, 0x5, 0x6, 0x3, 0x0, 0x6, 0xe2, 0x1000, 0x0, 0x8001, 0x7, @perf_config_ext={0x5, 0x7}, 0x2010, 0x3ff, 0x6, 0x0, 0x9, 0x1, 0x6}, r2, 0x1, r0, 0x9) ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000180)) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x204}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0xd4, r1, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0xb4, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x7fff, @local, 0x1}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x9, @ipv4={[], [], @multicast1}, 0x8001}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5578fd1f}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x285}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xb4f}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4000801}, 0x4000) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$getownex(r3, 0x10, &(0x7f0000000340)) sendmsg$nl_xfrm(r3, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000640)=@polexpire={0xcc, 0x1b, 0xa01, 0x0, 0x0, {{{@in, @in6}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xcc}}, 0x0) 13:23:00 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/246, 0x0}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000640)='/dev/audio\x00', 0x0, 0x0) close(0xffffffffffffffff) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x4, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x2, r1}) openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x20000, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x0, r1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x3ff, &(0x7f0000000140)=0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x3, r1, 0x0, 0x0, 0x3ff, 0x0, 0x3, r2}]) r4 = creat(&(0x7f0000000080)='./bus\x00', 0xfffffffffffffffc) pwrite64(r4, &(0x7f0000000580)="7b5aa60acc88c08616733e70363856ede11e206a4b96d78ee276a11ae5e6f50ffcb759a388ffd05db6fd28f3ce796952fdf350273514743ff2c0ba06775532a146ebd4f4b5145717349e424c127d26a3facb75c7d0cab4585392597655f56cb9287374d2ae9d0c99d64dd24049cfd2e5329dc672bd78ba3ec3df635b6b148bb9dba456aef169352247503b247496c609af0d31a99db27980aa8de80480da12bf8720aca1e7e2ae0624a8ae60a33f7b4d7400b4ec5a17039439f0fb8f4af94a5b7dec6deb9f685384d0c81ea03f5a3b8e998671149a859b7859637504b283adc687006ef7118d619274c5dba11e81a1d2fb030533501904484e30ad1c57be7489dc4471aae0a8765e67a8b3e9bf1960f84c32c0da7437eb743a5e5f4ec7318f132e3992af170253c13e4d6fece04dd5bae1fef171796db16d566e47a4691ac13a75370ce8cc1370b7d6a4aee09d97a437fc4c7c2f341e3761d3db0ef4ec4d9c829a6e9bf2ae18e65f3163d5055f0f68f816f88ef27ccbd1c696c4d5b41528fe54bcdfeba85f7ea6d05691c6930a476ad4a9d7352ec2da80e52e716d7b3f61fc9fed452c9831b1b245ae6c6bdaa3ffaaae38950747ec6acf69175ead5c88931206ff941b9a829e6752b5ffe80cc1cf83eb33ecaee7298a45cbb1b6466f34edf1a1d7feb4d5180bf10eeafb60640b4ae8c02469ad00c69afda62824921e7095796a", 0x200, 0x0) ioctl$KDDISABIO(r1, 0x4b37) setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000000)=0x7, 0x2) fcntl$setstatus(r4, 0x4, 0x4401) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) r5 = shmget$private(0x0, 0x4000, 0x54000200, &(0x7f0000ff9000/0x4000)=nil) shmctl$IPC_INFO(r5, 0x3, &(0x7f0000000100)=""/58) io_setup(0x9, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) write$evdev(r4, &(0x7f0000000400)=[{{}, 0x16, 0xdc7, 0x7}, {{r7, r8/1000+30000}, 0x12, 0x74f8, 0x80000000}, {{r9, r10/1000+30000}, 0x1f, 0x6, 0x3}, {{r11, r12/1000+30000}, 0x1f, 0x1, 0x1f}, {{r13, r14/1000+10000}, 0x1f, 0x54, 0x3}, {{}, 0x15, 0x400, 0x8}, {{}, 0x5, 0x3, 0x7}, {{}, 0x15, 0x6, 0x4}], 0xc0) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x4) io_submit(r6, 0x33, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x377140be6b5ef4c7}]) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 13:23:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000840)=ANY=[@ANYBLOB="000000000000000070bce308c31da2922a9bcce5192f15ec91d374acb0a92645733561a994fe9e00d900000900ef1887b30e97addbab2a8c15df1e812de4ec2264b2da4e6ccb7d148c91033d617db13543c041ea1aaad38231f5697d1bbe5dc1d07a08a6435e4a05c4cd7e58531b625984956f0200e32e3fbdb69db6194f4ff19d0c83b1c251043b14a36a0b80f09e5937d6a876f1a80da7dc7f64f13bea152990d2401d00000000bb9f542c07eb668ba50525187a6f541f2fe2e06b53e19c174a44a772cba8a167e69c622f134539b652618630672682716fea7ec7a2a2"], 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 257.529462][ T8491] overlayfs: failed to resolve './file1': -2 [ 257.535714][ T8498] overlayfs: failed to resolve './file1': -2 13:23:00 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/246, 0x0}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000640)='/dev/audio\x00', 0x0, 0x0) close(0xffffffffffffffff) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x4, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x2, r1}) openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x20000, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x0, r1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x3ff, &(0x7f0000000140)=0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x3, r1, 0x0, 0x0, 0x3ff, 0x0, 0x3, r2}]) r4 = creat(&(0x7f0000000080)='./bus\x00', 0xfffffffffffffffc) pwrite64(r4, &(0x7f0000000580)="7b5aa60acc88c08616733e70363856ede11e206a4b96d78ee276a11ae5e6f50ffcb759a388ffd05db6fd28f3ce796952fdf350273514743ff2c0ba06775532a146ebd4f4b5145717349e424c127d26a3facb75c7d0cab4585392597655f56cb9287374d2ae9d0c99d64dd24049cfd2e5329dc672bd78ba3ec3df635b6b148bb9dba456aef169352247503b247496c609af0d31a99db27980aa8de80480da12bf8720aca1e7e2ae0624a8ae60a33f7b4d7400b4ec5a17039439f0fb8f4af94a5b7dec6deb9f685384d0c81ea03f5a3b8e998671149a859b7859637504b283adc687006ef7118d619274c5dba11e81a1d2fb030533501904484e30ad1c57be7489dc4471aae0a8765e67a8b3e9bf1960f84c32c0da7437eb743a5e5f4ec7318f132e3992af170253c13e4d6fece04dd5bae1fef171796db16d566e47a4691ac13a75370ce8cc1370b7d6a4aee09d97a437fc4c7c2f341e3761d3db0ef4ec4d9c829a6e9bf2ae18e65f3163d5055f0f68f816f88ef27ccbd1c696c4d5b41528fe54bcdfeba85f7ea6d05691c6930a476ad4a9d7352ec2da80e52e716d7b3f61fc9fed452c9831b1b245ae6c6bdaa3ffaaae38950747ec6acf69175ead5c88931206ff941b9a829e6752b5ffe80cc1cf83eb33ecaee7298a45cbb1b6466f34edf1a1d7feb4d5180bf10eeafb60640b4ae8c02469ad00c69afda62824921e7095796a", 0x200, 0x0) ioctl$KDDISABIO(r1, 0x4b37) setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000000)=0x7, 0x2) fcntl$setstatus(r4, 0x4, 0x4401) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) r5 = shmget$private(0x0, 0x4000, 0x54000200, &(0x7f0000ff9000/0x4000)=nil) shmctl$IPC_INFO(r5, 0x3, &(0x7f0000000100)=""/58) io_setup(0x9, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) write$evdev(r4, &(0x7f0000000400)=[{{}, 0x16, 0xdc7, 0x7}, {{r7, r8/1000+30000}, 0x12, 0x74f8, 0x80000000}, {{r9, r10/1000+30000}, 0x1f, 0x6, 0x3}, {{r11, r12/1000+30000}, 0x1f, 0x1, 0x1f}, {{r13, r14/1000+10000}, 0x1f, 0x54, 0x3}, {{}, 0x15, 0x400, 0x8}, {{}, 0x5, 0x3, 0x7}, {{}, 0x15, 0x6, 0x4}], 0xc0) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x4) io_submit(r6, 0x33, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x377140be6b5ef4c7}]) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 13:23:00 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:00 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:00 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x70000, &(0x7f0000ffc000/0x2000)=nil, 0x2) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:00 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:00 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/246, 0x0}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000640)='/dev/audio\x00', 0x0, 0x0) close(0xffffffffffffffff) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x4, 0x0) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x2, r1}) openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x20000, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000007c0)=ANY=[]) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000f1dff8)={0x0, r1}) ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x3ff, &(0x7f0000000140)=0x0) io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x3, r1, 0x0, 0x0, 0x3ff, 0x0, 0x3, r2}]) r4 = creat(&(0x7f0000000080)='./bus\x00', 0xfffffffffffffffc) pwrite64(r4, &(0x7f0000000580)="7b5aa60acc88c08616733e70363856ede11e206a4b96d78ee276a11ae5e6f50ffcb759a388ffd05db6fd28f3ce796952fdf350273514743ff2c0ba06775532a146ebd4f4b5145717349e424c127d26a3facb75c7d0cab4585392597655f56cb9287374d2ae9d0c99d64dd24049cfd2e5329dc672bd78ba3ec3df635b6b148bb9dba456aef169352247503b247496c609af0d31a99db27980aa8de80480da12bf8720aca1e7e2ae0624a8ae60a33f7b4d7400b4ec5a17039439f0fb8f4af94a5b7dec6deb9f685384d0c81ea03f5a3b8e998671149a859b7859637504b283adc687006ef7118d619274c5dba11e81a1d2fb030533501904484e30ad1c57be7489dc4471aae0a8765e67a8b3e9bf1960f84c32c0da7437eb743a5e5f4ec7318f132e3992af170253c13e4d6fece04dd5bae1fef171796db16d566e47a4691ac13a75370ce8cc1370b7d6a4aee09d97a437fc4c7c2f341e3761d3db0ef4ec4d9c829a6e9bf2ae18e65f3163d5055f0f68f816f88ef27ccbd1c696c4d5b41528fe54bcdfeba85f7ea6d05691c6930a476ad4a9d7352ec2da80e52e716d7b3f61fc9fed452c9831b1b245ae6c6bdaa3ffaaae38950747ec6acf69175ead5c88931206ff941b9a829e6752b5ffe80cc1cf83eb33ecaee7298a45cbb1b6466f34edf1a1d7feb4d5180bf10eeafb60640b4ae8c02469ad00c69afda62824921e7095796a", 0x200, 0x0) ioctl$KDDISABIO(r1, 0x4b37) setsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000000)=0x7, 0x2) fcntl$setstatus(r4, 0x4, 0x4401) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) r5 = shmget$private(0x0, 0x4000, 0x54000200, &(0x7f0000ff9000/0x4000)=nil) shmctl$IPC_INFO(r5, 0x3, &(0x7f0000000100)=""/58) io_setup(0x9, &(0x7f0000000040)=0x0) clock_gettime(0x0, &(0x7f0000000300)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) clock_gettime(0x0, &(0x7f00000003c0)={0x0, 0x0}) write$evdev(r4, &(0x7f0000000400)=[{{}, 0x16, 0xdc7, 0x7}, {{r7, r8/1000+30000}, 0x12, 0x74f8, 0x80000000}, {{r9, r10/1000+30000}, 0x1f, 0x6, 0x3}, {{r11, r12/1000+30000}, 0x1f, 0x1, 0x1f}, {{r13, r14/1000+10000}, 0x1f, 0x54, 0x3}, {{}, 0x15, 0x400, 0x8}, {{}, 0x5, 0x3, 0x7}, {{}, 0x15, 0x6, 0x4}], 0xc0) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x4) io_submit(r6, 0x33, &(0x7f0000000540)=[&(0x7f00000000c0)={0x2, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000000), 0x377140be6b5ef4c7}]) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 13:23:00 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:00 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) mkdir(&(0x7f0000000040)='./file0\x00', 0xa) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(0xffffffffffffffff, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:00 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:00 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) openat$null(0xffffffffffffff9c, &(0x7f0000000300)='/dev/null\x00', 0x185387, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:01 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000139ff0)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000002440)=[{&(0x7f00000024c0)="a2", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x54}, 0x10) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x9c2a}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r1, 0x10001}, &(0x7f00000001c0)=0x8) sendmmsg$inet_sctp(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x241}}], 0x20}], 0x4924924924924d0, 0x0) 13:23:01 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:01 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:01 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:01 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 258.982422][ T8567] overlayfs: missing 'lowerdir' 13:23:01 executing program 4: r0 = syz_open_dev$binder(&(0x7f0000872936)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vfio/vfio\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000080)={0x0, 0x5}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={r2, 0xd476}, &(0x7f0000000200)=0xc) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0xc, 0x0, &(0x7f0000000040)=[@register_looper, @increfs={0x40046304, 0x2}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008fd0)={0x9, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0f630c40000000003241336f2bd95a3ad8acf1f92a592e01920ac490906147d0c9448a5112593689df8446c6bf9eafcfd60597ff24fee7a8b7619fe1dcf8fc090000f31ba80d8f201f61292fcf1dd3764547ea562259f727e4"], 0x0, 0x0, 0x0}) 13:23:01 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:01 executing program 5: r0 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ioctl$SG_IO(r0, 0x5385, &(0x7f0000000240)={0x1, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f00000001c0)={0x3d, @rand_addr=0x3, 0x4e24, 0x0, 'wlc\x00', 0x25, 0x2, 0x70}, 0x2c) sendmsg$IPVS_CMD_DEL_DEST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x104, r2, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x714}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x7fffffff}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x25}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3b}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x40}, 0x4) 13:23:01 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:01 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 259.334875][ T8575] overlayfs: missing 'lowerdir' [ 259.360376][ T8577] overlayfs: missing 'lowerdir' 13:23:02 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r1, 0x28, &(0x7f0000000080)}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x9, 0x0}], 0x1, 0x0, 0x0, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) 13:23:02 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:02 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 259.431622][ T8585] binder: 8584:8585 ERROR: BC_REGISTER_LOOPER called without request 13:23:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000180)}, 0x10) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 259.514799][ T8593] binder: 8584:8593 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0 [ 259.522531][ T8585] binder: 8584:8585 IncRefs 0 refcount change on invalid ref 2 ret -22 [ 259.558738][ T8591] overlayfs: missing 'lowerdir' [ 259.636425][ T8600] overlayfs: missing 'lowerdir' 13:23:02 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:02 executing program 4: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) read(r0, &(0x7f0000000240)=""/28, 0xfe30) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000400)={0xbf, @time}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0x40505330, &(0x7f0000000480)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = gettid() timer_create(0x0, &(0x7f00000000c0)={0x0, 0x8, 0x400000000800, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r2, 0x1800000000014) 13:23:02 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x20) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 259.819023][ T8608] overlayfs: missing 'lowerdir' 13:23:02 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:02 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:02 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 260.049188][ T8624] overlayfs: unrecognized mount option "lowerdir" or missing value [ 260.082492][ T8626] overlayfs: unrecognized mount option "lowerdir" or missing value 13:23:02 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:02 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:02 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:02 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r1, 0x28, &(0x7f0000000080)}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x9, 0x0}], 0x1, 0x0, 0x0, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) 13:23:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 260.327801][ T8643] overlayfs: unrecognized mount option "wor" or missing value [ 260.343834][ T8641] overlayfs: unrecognized mount option "wor" or missing value 13:23:05 executing program 4: sched_setaffinity(0x0, 0x8, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) read(r0, &(0x7f00000004c0)=""/187, 0xbb) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x201, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c) prctl$PR_MCE_KILL_GET(0x22) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000440)='vegas\x00', 0x8377c82a1d841f) sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/net/pfkey\x00', 0x200, 0x0) ioctl$KVM_SMI(r2, 0xaeb7) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x6}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000240)={r3, @in={{0x2, 0x4e21}}}, &(0x7f0000000300)=0x84) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000380), 0x4) r4 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000340), 0x0}}, &(0x7f0000044000)) syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) syz_open_dev$admmidi(&(0x7f0000000180)='/dev/admmidi#\x00', 0x8, 0x1) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vga_arbiter\x00', 0x80000, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f00000003c0)) tkill(r4, 0x401104000000016) 13:23:05 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:05 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:05 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = userfaultfd(0x0) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r1) 13:23:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:05 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000000c0)={r1, 0x28, &(0x7f0000000080)}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x9, 0x0}], 0x1, 0x0, 0x0, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) 13:23:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() syz_open_dev$usb(&(0x7f0000000580)='/dev/bus/usb/00#/00#\x00', 0x0, 0x801) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 262.946776][ T8659] overlayfs: workdir and upperdir must be separate subtrees [ 262.957031][ T8660] overlayfs: workdir and upperdir must be separate subtrees 13:23:05 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(0xffffffffffffffff) 13:23:05 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:05 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) restart_syscall() clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:05 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(0xffffffffffffffff) 13:23:05 executing program 4: socketpair$unix(0x1, 0x80002, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x5, 0x701980) connect$vsock_dgram(r2, &(0x7f0000000100)={0x28, 0x0, 0x2711, @hyper}, 0x10) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) fchdir(r1) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x40, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x117, 0x5, 0x0, 0x3) r4 = fcntl$dupfd(r1, 0x0, r0) ioctl$TIOCOUTQ(r4, 0x5411, &(0x7f0000000040)) [ 263.211340][ T8679] overlayfs: failed to resolve './fi': -2 13:23:05 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_mount_image$nfs(&(0x7f00000000c0)='nfs\x00', &(0x7f00000001c0)='./file0\x00', 0x402e, 0xa, &(0x7f0000000940)=[{&(0x7f0000000200)="51dcdbc5a8a99763d853732ed82af2bc5bb11490c20f58629e65d4aa57c5be81bb0430b8fac4ad32cef29f125863d6cab38ba68c923eb1114e304f4c452d045619ba882f6660f8215e1c7965c9edb7e9324a48c72d77c9acca7d6c3877e1678304b83a273233f31973b4e1c6de909a3f4a9c9c28ce419edd9b2970e4c28db4c9710f459ec75cc76042fedf8fff2d1396f225d3e5e8cf2f04e35a07b3", 0x9c, 0xfff}, {&(0x7f00000002c0)="b6b70ff7cd70113d33948a674a406f56b9da79802a3e24626b60a864fcb82da57bb19fd5c55ecd90712725e488aa83dd0639a5561d2593c6325727cb5555fc8b1cce9a589e3eedecdfbdbbeb28bca35617d9d448d208503e3423fc88ca81209b7f9b735b8b971d3eec4800c7477f3de42150902bc4d279772c6df568a316f8cf2728d978363a1974d63f39d60f60f43d9ed9a6c6a5d73fac59d7bb7c2ce9bbaa11c6ac63524b0b58f67a893fb86b023b5ead7985f11e15e11734c440009cc60e79577b2ae338339a899c47131d567bfa89f7e5d7c810e8", 0xd7, 0x7ff}, {&(0x7f00000003c0)="dbc96c210f3a216c6e00d3d038f5d00cad11c760f5ce7a98ef2a4d0880b7a1108522847952fd11efb93a0b1e1acdc5c1cca9db1c7ab15b153b265863accc0c4b45c5ea35375d9febbe3333dbd8193d7718861cc5c441130ca6466c4fd938bc89671cf6ed7cd088a659768fcd0d0c51d8b00b776815f28aadd3", 0x79, 0x5e6f5240}, {&(0x7f0000000440)="7b95f21a5f307a8bce18deab885a5c31178608b5035e478fc6117c782a2c586fa10d9e3c266f15c04d1f45f4a2eb87d7a3f19c87ea2b3476d3fb5e46cc2340eb03e70d8098e097bb18cf87312683f267be90fc091e92cb661b7d14abd3c186cdf81ff73fd4d38f7555915ed566dbf6e0fe8e8ff9590a574c43d55040a8", 0x7d, 0x8000}, {&(0x7f00000004c0)="f82259d242f22bed179d715c7f4f71c41a8d58675b3005ce6fe3da5a98674fd85d985048e418d932ec02e58b74f3563c3ec3594100f8b4e51d8ffe418fecaf7a70f4ffd59b4eea226114a61c202c9f87a4432076e1993f78c91aa5534041203c399122bf218bb96bff50f52f36af94a18faa8ae5e4088fbf0244d8272fbd425e16bc554c4d304cfba4ffbca0f75d7a07957643fbbe595c282f228fe5167add2843d03a4aee83b2cf83759535d3d0944e3b6b1649aa", 0xb5, 0x94}, {&(0x7f0000000580)="45a6175c337751751fa06b12f4532641a39568623d386a06cc9adf7dffdbcee8511f5a13e5586235fb64ed4b9f719723acc93c328c4d6086fd40542c1b1802663993e167ac3812ee1a4e836bafb787c223de32240c157c53b9d7506ae87db576c9fa04d2f95aa3b9de7e546102ef3caf9c13195e3416565d70555c", 0x7b, 0x3}, {&(0x7f0000000600)="4f5b19d53c89ef99bde5a0e68e7b30462eb6a4b34f76175644704ec7898e2d7257dc38f1838eab06d8bfe91feb306c6d45ba48c4cfa6ad3de4524e071fefea9fc0a9774fa6b1b16adb7df6343c6be49ac1c388619793f63730dc5d5b8bb690aee36d908073d7df78edf363a3f2bcc14a781c08f6d4559fa8bd00461edc2c47231c487868215a6d3aa459199f3fb12ab7bbf453aae9d399f41de7a7e66d85", 0x9e, 0x8}, {&(0x7f00000006c0)="f36128ccf6030891d14798af212562d18c6254d48f583eaebe92c28a8952d14103728517f71eb79fed926d0ab4630a7ede115b3a8653bc3720a2bb9a4bf39447a3d7ab3f0ffbe486d3099561204f0d06767b644b4d81f92e10832b896eef93ecbc3966355b5dc9137e09e7ea93306a16e546b57134c00932b13129698888e7a67a642ff3b6cdce16fa534800b0449322885d1beab21a81873b08c90695022ddda9d89a3fcaddc3fa762b28631aeb78475a96cefad9bf8620ebe6558fc19924af82b5574bd6f87e882b3d35f204e4711ab34fa9939247a4e412f9fadb9adc29828dc09ef8", 0xe4}, {&(0x7f00000007c0)="cda62d5c71b119707f7d80485d811041731040a1da36ce3ef4da879f43e88d079463333a75401b904b5cdc1a836ffa8a68ea6c13e5835ce5ca69c42c0e420cce2da0d2fc33053fb7ab2d88fc33e493a9ca3d2cb4809d7f7d6d2eda79fedbb50b1ed7835e9b133eb6283feac9cdd7f363a94779b24302db68afebbf191cdad9bf5e15bb501ae9fd8d925173602f4c11ea4e96cb43583033c92021ec47cc558f634e759e053a5f51b49adb338244e0f5581af90be74d0107b17ceca15631234e22273bac588b4dfe35697ae403c18a147b847def280137f4", 0xd7, 0x5}, {&(0x7f00000008c0)="32140b3375e89ac7d8fac89a9e810cb69d95112af667ffc6ba28687db132d451803eb4245fabd030caa5f147ba4f6cb8108f8045f5d40d231cf5ee75b1bcb3421cd104fc71d734d06dfe1a51351356d497", 0x51, 0xffffffff}], 0x80008, &(0x7f0000000a40)='hash\x00') r3 = socket$alg(0x26, 0x5, 0x0) write$binfmt_elf32(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="7f"], 0x1) bind$alg(r3, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-pclmul\x00'}, 0x58) r4 = accept4$alg(r3, 0x0, 0x0, 0x0) write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[], 0xfffffdea) splice(r1, 0x0, r4, 0x0, 0x20000000003, 0x0) ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000000)={0x80, "7098c571ff8efec9fd3b450b08de7648ccc3af43a8cbe47c2efcd2c45ffd2bbb", 0x1, 0x1}) [ 263.276187][ T8682] overlayfs: failed to resolve './fi': -2 13:23:05 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(0xffffffffffffffff) 13:23:05 executing program 4: io_setup(0x200, &(0x7f0000000000)=0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) io_pgetevents(r0, 0x3, 0x2, &(0x7f0000000040)=[{}, {}], &(0x7f00000000c0)={r1, r2+30000000}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000100)="0af51f023c123f3188a070") r4 = msgget(0x2, 0x0) msgctl$IPC_RMID(r4, 0x204) r5 = syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0x40002, 0x100) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r3, 0x6612) ioctl$TIOCNXCL(r5, 0x540d) ioctl$SG_GET_VERSION_NUM(r5, 0x2282, &(0x7f0000000180)) ioctl(r3, 0xfff, &(0x7f00000001c0)="756e6745a2ba193e77beb33119b679f7597e0df2613c7d6eb31db265e96aaabdde4658ebb739043c982074c6b1cb64d3dad61f2a139e00e71f196b3e206a1839c2f70e87597f76f6cd4e0057f30fee57d16c777f7dcd5f37c6e240c12e0a23ca718c64dd01824627ef363d1928543c6a57393907ec2956daeda5db672414c530df6582dbb23e8a84823bc620690b6159c55780a670a1a282511eefd1e2f9c84707c4e2310a25037c56f5e87b6245831dac56af445df9801ffb0674121aceeb5dc6e8ecfcec9d3c8898aae2a195eab5f2b218af790666b8930abc3504894c9b4799ca4dc06d72b5c112d1a8b3bfb3626e2a5b6dc110c191483eaa0a58bf64") 13:23:05 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x0) ioctl$FIGETBSZ(r2, 0x2, &(0x7f0000000480)) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:06 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 263.474317][ T8706] overlayfs: failed to resolve './file': -2 13:23:06 executing program 2: socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000080)) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) syz_open_dev$sndtimer(0x0, 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 263.564869][ T8713] overlayfs: failed to resolve './file': -2 13:23:06 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x14, 0x4, 0x8, 0xfff}, 0x2c) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x642040, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f00000004c0), 0x0}, 0x18) fanotify_init(0x4d, 0x80000) 13:23:06 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(0x0, &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000013c0)={{{@in=@local, @in6=@mcast2}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f00000014c0)=0xe8) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) add_key(&(0x7f0000000840)='.dead\x00', &(0x7f0000000880), &(0x7f0000000980), 0x0, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000680)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x3c, 0x0, @in6={0xa, 0x4e21}}}, 0x90) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000bc0)={@sco, {&(0x7f0000000ac0)=""/228, 0xe4}, &(0x7f00000008c0), 0x6}, 0xa0) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @local, @dev}}}}}}, &(0x7f0000000000)) r1 = getpid() capset(&(0x7f0000000200)={0x200f1526, r1}, &(0x7f00000002c0)={0x2, 0x0, 0xc3, 0x400, 0x0, 0x7}) mknod(&(0x7f0000000a00)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000100)='./file0\x00', &(0x7f00000006c0), &(0x7f0000000640)=[&(0x7f0000000240)=']\x00']) kexec_load(0xd4, 0x5, &(0x7f0000000740)=[{&(0x7f0000000300)="fc851099deee1ba4ab6d6aab39cb0cd59de9be99ed8f36d1867acfa581a2eb8fda1ea3b054600251e64fc9270430eff600ca4538d708ec71ac67a7e64a08f04adaa85cdc7af48d04555cb081c86d86b1a70813ae409bff34729750a61cab27432153e20f17372db940329a8d5e618f40cc02109311096bbaeb7451cf3755b6cf3c9519e78c7aaad2722624246be2a7e65c98ba502b8256c199fe67ffbe5591d5c88eb81b7f634f203b78e0f30a4433476619ac82b932d575100a356ce8772880e271e0ba849982e39445e52d19e3", 0xce, 0x8001, 0x401}, {&(0x7f0000000080), 0x0, 0x5, 0x4f}, {&(0x7f0000000140)="174ba6034e9b0fb08f4256c899e6074420d656d2d26e80c890c53331d0dabd0cf69271322c06a9d3a53aad7cef03c4c4d8a8cca3e4459795f745f36d062c9fd47a2798909142614796232d22bf3917c9908b560f53ba678c2e2339594e1461e2a5c10e9e455aa113e163c9a44a67f1fb3818a6dd33b7900c8aef617e2584b6ad5e7110280d800878d3887fb8", 0x8c, 0x10001, 0x3}, {&(0x7f0000000500)="429e360de711e15dcd317dd9d47c92445e4485fbc9cd789a373e39cd05ad4585b73cc8bede5a44e00895a90a8488e03e3222e61ce32af7ade47c56e07be130676df02be79787e1b3e92c9bda97ab3edea1ca462bcb213f503eec7d0c6fc792451fe2d86dcdafbc8464a0c46524ecedf1b8a71f5b6603f40a692c8f90cd2a67529c1c60bc78f49d3ecb3849fe581f7ab806400b8a364185fc882b99494d13ac83fafed9c2ea6b0ac0b7563255e7d47ce6fdf431abd590b861c7fc3c47c2c4b03c223fa676e7a78835f8b306b0d5f2410725eed87e3b962da20b88426d41e0b2acbf52e548", 0xe4, 0xff, 0x66c93510}, {&(0x7f0000000400)="fe8652df13fbb7e89eac2928e8810ac0ffd387269c5f4e2aa18dc9bb4a8ba8b94fb9c7a7d522c7b37dd86fbf52d28a50257efa63a5c5eb740dc0f3c5523cfd3076aaebfcb4bcec2cd76af0556a4f9f5d15c5840b460b97ad7df1c478775be6d30cd9b0ea3ee36b172dc5256b1c74189df24663bb209464680782e370a1389a07cb17bc42ba31992eb3a509711cf63f96dee3e715ae60d6f7e6d6ea0bcef2d6cc822909274261cae1caff343c", 0xac, 0x6, 0x8000}], 0xa0000) lsetxattr$security_smack_entry(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='security.SMACK64IPIN\x00', &(0x7f00000004c0)='keyring-)em0[vboxnet1security\x00', 0x1e, 0x0) 13:23:06 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(0x0, &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:06 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{&(0x7f00000023c0)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000025c0)=[{&(0x7f0000002440)=""/186, 0xba}, {&(0x7f0000002500)=""/21, 0x15}], 0x2}, 0x4}], 0x2, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="000200000000578999f36852fc3c0bad2c477c9b1470a3"]) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000180)={0x0, 0x36, "d915bfdd6fab3c73dfdf9168e2191f2d736a529bfd8107a2a6379353a6606e44afcaf31f1adde1ed9be140df843687abd4448db20973"}, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x50000, 0x0) ioctl$BLKROGET(r3, 0x125e, &(0x7f00000001c0)) openat(r3, &(0x7f0000000200)='./file0\x00', 0x20000, 0x60) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000240)={r2}, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9, 0x200000) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58) socket$caif_stream(0x25, 0x1, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r5 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003e80), 0x0, 0x0) recvmmsg(r5, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x0, @remote, 0x2}}, 0xffffffffffff0000, 0xff}, 0x141) 13:23:06 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:06 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', 0x0) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:06 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', 0x0) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:06 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x0, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000013c0)={{{@in=@local, @in6=@mcast2}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f00000014c0)=0xe8) ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, &(0x7f0000000000)) ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x0) add_key(&(0x7f0000000840)='.dead\x00', &(0x7f0000000880), &(0x7f0000000980), 0x0, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000680)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x3c, 0x0, @in6={0xa, 0x4e21}}}, 0x90) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000bc0)={@sco, {&(0x7f0000000ac0)=""/228, 0xe4}, &(0x7f00000008c0), 0x6}, 0xa0) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @local, @dev}}}}}}, &(0x7f0000000000)) r1 = getpid() capset(&(0x7f0000000200)={0x200f1526, r1}, &(0x7f00000002c0)={0x2, 0x0, 0xc3, 0x400, 0x0, 0x7}) mknod(&(0x7f0000000a00)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000100)='./file0\x00', &(0x7f00000006c0), &(0x7f0000000640)=[&(0x7f0000000240)=']\x00']) kexec_load(0xd4, 0x5, &(0x7f0000000740)=[{&(0x7f0000000300)="fc851099deee1ba4ab6d6aab39cb0cd59de9be99ed8f36d1867acfa581a2eb8fda1ea3b054600251e64fc9270430eff600ca4538d708ec71ac67a7e64a08f04adaa85cdc7af48d04555cb081c86d86b1a70813ae409bff34729750a61cab27432153e20f17372db940329a8d5e618f40cc02109311096bbaeb7451cf3755b6cf3c9519e78c7aaad2722624246be2a7e65c98ba502b8256c199fe67ffbe5591d5c88eb81b7f634f203b78e0f30a4433476619ac82b932d575100a356ce8772880e271e0ba849982e39445e52d19e3", 0xce, 0x8001, 0x401}, {&(0x7f0000000080), 0x0, 0x5, 0x4f}, {&(0x7f0000000140)="174ba6034e9b0fb08f4256c899e6074420d656d2d26e80c890c53331d0dabd0cf69271322c06a9d3a53aad7cef03c4c4d8a8cca3e4459795f745f36d062c9fd47a2798909142614796232d22bf3917c9908b560f53ba678c2e2339594e1461e2a5c10e9e455aa113e163c9a44a67f1fb3818a6dd33b7900c8aef617e2584b6ad5e7110280d800878d3887fb8", 0x8c, 0x10001, 0x3}, {&(0x7f0000000500)="429e360de711e15dcd317dd9d47c92445e4485fbc9cd789a373e39cd05ad4585b73cc8bede5a44e00895a90a8488e03e3222e61ce32af7ade47c56e07be130676df02be79787e1b3e92c9bda97ab3edea1ca462bcb213f503eec7d0c6fc792451fe2d86dcdafbc8464a0c46524ecedf1b8a71f5b6603f40a692c8f90cd2a67529c1c60bc78f49d3ecb3849fe581f7ab806400b8a364185fc882b99494d13ac83fafed9c2ea6b0ac0b7563255e7d47ce6fdf431abd590b861c7fc3c47c2c4b03c223fa676e7a78835f8b306b0d5f2410725eed87e3b962da20b88426d41e0b2acbf52e548", 0xe4, 0xff, 0x66c93510}, {&(0x7f0000000400)="fe8652df13fbb7e89eac2928e8810ac0ffd387269c5f4e2aa18dc9bb4a8ba8b94fb9c7a7d522c7b37dd86fbf52d28a50257efa63a5c5eb740dc0f3c5523cfd3076aaebfcb4bcec2cd76af0556a4f9f5d15c5840b460b97ad7df1c478775be6d30cd9b0ea3ee36b172dc5256b1c74189df24663bb209464680782e370a1389a07cb17bc42ba31992eb3a509711cf63f96dee3e715ae60d6f7e6d6ea0bcef2d6cc822909274261cae1caff343c", 0xac, 0x6, 0x8000}], 0xa0000) lsetxattr$security_smack_entry(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='security.SMACK64IPIN\x00', &(0x7f00000004c0)='keyring-)em0[vboxnet1security\x00', 0x1e, 0x0) 13:23:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:06 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(0x0, &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:06 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(0x0, &(0x7f0000000340)='./file0/file0\x00') 13:23:06 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:06 executing program 4: setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='trusted.overlay.upper\x00', &(0x7f0000000080)='(\x00', 0x2, 0x2) socket$inet(0x28, 0x7, 0x8) 13:23:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:07 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:07 executing program 5: recvmmsg(0xffffffffffffffff, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}, 0x7}, {{&(0x7f00000023c0)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000025c0)=[{&(0x7f0000002440)=""/186, 0xba}, {&(0x7f0000002500)=""/21, 0x15}], 0x2}, 0x4}], 0x2, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="000200000000578999f36852fc3c0bad2c477c9b1470a3"]) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000180)={0x0, 0x36, "d915bfdd6fab3c73dfdf9168e2191f2d736a529bfd8107a2a6379353a6606e44afcaf31f1adde1ed9be140df843687abd4448db20973"}, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x50000, 0x0) ioctl$BLKROGET(r3, 0x125e, &(0x7f00000001c0)) openat(r3, &(0x7f0000000200)='./file0\x00', 0x20000, 0x60) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000240)={r2}, 0x0) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9, 0x200000) bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58) socket$caif_stream(0x25, 0x1, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r5 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000003e80), 0x0, 0x0) recvmmsg(r5, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x167, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x3ed, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e21, 0x0, @remote, 0x2}}, 0xffffffffffff0000, 0xff}, 0x141) 13:23:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:07 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', 0x0) rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:07 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:07 executing program 4: r0 = syz_open_dev$radio(&(0x7f0000000640)='/dev/radio#\x00', 0xffffffffffffffff, 0x2) r1 = syz_open_dev$video(0x0, 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x400000, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, [], &(0x7f0000000000)={0xf0f041, 0x0, [], @p_u16=0x0}}) ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, 0x0) 13:23:07 executing program 3: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', 0x0) 13:23:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 264.946881][ T8795] vivid-000: disconnect [ 264.999608][ T8793] vivid-000: reconnect 13:23:07 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:07 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(0x0, &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:07 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:07 executing program 4 (fault-call:4 fault-nth:0): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:07 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 265.403163][ T8815] FAULT_INJECTION: forcing a failure. [ 265.403163][ T8815] name failslab, interval 1, probability 0, space 0, times 1 [ 265.424088][ T8815] CPU: 0 PID: 8815 Comm: syz-executor4 Not tainted 5.0.0-rc2-next-20190116 #13 [ 265.433045][ T8815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.443116][ T8815] Call Trace: [ 265.446494][ T8815] dump_stack+0x1db/0x2d0 [ 265.450847][ T8815] ? dump_stack_print_info.cold+0x20/0x20 [ 265.456652][ T8815] ? get_pid_task+0xd4/0x190 [ 265.461353][ T8815] should_fail.cold+0xa/0x14 [ 265.465956][ T8815] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 265.471845][ T8815] ? ___might_sleep+0x1e7/0x310 [ 265.476703][ T8815] ? arch_local_save_flags+0x50/0x50 [ 265.482020][ T8815] ? __f_unlock_pos+0x19/0x20 [ 265.486767][ T8815] __should_failslab+0x121/0x190 [ 265.491769][ T8815] should_failslab+0x9/0x14 [ 265.496314][ T8815] kmem_cache_alloc+0x2be/0x710 [ 265.501207][ T8815] ? vfs_write+0x2f0/0x580 [ 265.505673][ T8815] getname_flags+0xd6/0x5b0 [ 265.510181][ T8815] ? kasan_check_write+0x14/0x20 [ 265.515125][ T8815] do_renameat2+0x2af/0x1120 [ 265.519731][ T8815] ? wait_for_completion+0x810/0x810 [ 265.525070][ T8815] ? check_preemption_disabled+0x48/0x290 [ 265.530808][ T8815] ? user_path_create+0x50/0x50 [ 265.535696][ T8815] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 265.541943][ T8815] ? fput+0x128/0x1a0 [ 265.545945][ T8815] ? do_syscall_64+0x8c/0x800 [ 265.550625][ T8815] ? do_syscall_64+0x8c/0x800 [ 265.555346][ T8815] ? lockdep_hardirqs_on+0x415/0x5d0 [ 265.560668][ T8815] ? trace_hardirqs_on+0xbd/0x310 [ 265.565713][ T8815] ? __ia32_sys_read+0xb0/0xb0 [ 265.570493][ T8815] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.576571][ T8815] ? trace_hardirqs_off_caller+0x300/0x300 [ 265.582384][ T8815] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 265.587854][ T8815] __x64_sys_rename+0x61/0x80 [ 265.592545][ T8815] do_syscall_64+0x1a3/0x800 [ 265.597144][ T8815] ? syscall_return_slowpath+0x5f0/0x5f0 [ 265.602783][ T8815] ? prepare_exit_to_usermode+0x232/0x3b0 [ 265.608562][ T8815] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.614134][ T8815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.620026][ T8815] RIP: 0033:0x457ec9 [ 265.623920][ T8815] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.643561][ T8815] RSP: 002b:00007f82c2747c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 265.643577][ T8815] RAX: ffffffffffffffda RBX: 00007f82c2747c90 RCX: 0000000000457ec9 [ 265.643587][ T8815] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000080 [ 265.643597][ T8815] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 265.643606][ T8815] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82c27486d4 [ 265.643615][ T8815] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:08 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000001000)=ANY=[@ANYBLOB="cf"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x109000, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000440)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000300)={[0x0, 0x100000], 0x0, 0x4}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="d79016ce9815c4b33491c743f781ca71fe0eb4e7050d48ec668874a4f2fe327a9b9c941a1b63fef7ccb09569b57c60fe9e4656be18f05de1a4db82fe396edd1a86d4b7513c54a9ca0a70ce0ab4c598", 0x4f, 0xfffffffffffffffa) keyctl$read(0xb, r3, &(0x7f0000000100)=""/61, 0x3d) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) 13:23:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:08 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', 0x0) 13:23:08 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:08 executing program 4 (fault-call:4 fault-nth:1): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:08 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 265.868935][ T8837] FAULT_INJECTION: forcing a failure. [ 265.868935][ T8837] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 265.882160][ T8837] CPU: 1 PID: 8837 Comm: syz-executor4 Not tainted 5.0.0-rc2-next-20190116 #13 [ 265.891087][ T8837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.901137][ T8837] Call Trace: [ 265.904440][ T8837] dump_stack+0x1db/0x2d0 [ 265.908837][ T8837] ? dump_stack_print_info.cold+0x20/0x20 [ 265.914628][ T8837] should_fail.cold+0xa/0x14 13:23:08 executing program 1 (fault-call:5 fault-nth:0): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 265.919239][ T8837] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 265.925079][ T8837] ? _kstrtoull+0x17d/0x250 [ 265.929593][ T8837] ? lock_downgrade+0xbe0/0xbe0 [ 265.934452][ T8837] ? add_lock_to_list.isra.0+0x450/0x450 [ 265.940102][ T8837] ? __check_object_size+0xa3/0x790 [ 265.945314][ T8837] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.951564][ T8837] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.957844][ T8837] ? check_preemption_disabled+0x48/0x290 [ 265.963626][ T8837] should_fail_alloc_page+0x50/0x60 13:23:08 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 265.968880][ T8837] __alloc_pages_nodemask+0x323/0xdc0 [ 265.974296][ T8837] ? get_pid_task+0xd4/0x190 [ 265.978894][ T8837] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 265.984617][ T8837] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.990887][ T8837] ? ___might_sleep+0x1e7/0x310 [ 265.995761][ T8837] ? trace_hardirqs_off+0xb8/0x310 [ 266.000884][ T8837] cache_grow_begin+0x9c/0x8c0 [ 266.005657][ T8837] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 266.011905][ T8837] ? check_preemption_disabled+0x48/0x290 13:23:08 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) r1 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 266.017637][ T8837] kmem_cache_alloc+0x645/0x710 [ 266.022496][ T8837] getname_flags+0xd6/0x5b0 [ 266.026996][ T8837] ? kasan_check_write+0x14/0x20 [ 266.027015][ T8837] do_renameat2+0x2af/0x1120 [ 266.027033][ T8837] ? wait_for_completion+0x810/0x810 [ 266.027062][ T8837] ? check_preemption_disabled+0x48/0x290 [ 266.027096][ T8837] ? user_path_create+0x50/0x50 [ 266.027109][ T8837] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 266.027123][ T8837] ? fput+0x128/0x1a0 [ 266.062841][ T8837] ? do_syscall_64+0x8c/0x800 13:23:08 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 266.067537][ T8837] ? do_syscall_64+0x8c/0x800 [ 266.072234][ T8837] ? lockdep_hardirqs_on+0x415/0x5d0 [ 266.077537][ T8837] ? trace_hardirqs_on+0xbd/0x310 [ 266.082595][ T8837] ? __ia32_sys_read+0xb0/0xb0 [ 266.087404][ T8837] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.093505][ T8837] ? trace_hardirqs_off_caller+0x300/0x300 [ 266.099330][ T8837] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 266.104800][ T8837] __x64_sys_rename+0x61/0x80 [ 266.109489][ T8837] do_syscall_64+0x1a3/0x800 [ 266.114081][ T8837] ? syscall_return_slowpath+0x5f0/0x5f0 [ 266.119718][ T8837] ? prepare_exit_to_usermode+0x232/0x3b0 [ 266.125496][ T8837] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 266.131059][ T8837] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.136952][ T8837] RIP: 0033:0x457ec9 [ 266.140849][ T8837] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.160464][ T8837] RSP: 002b:00007f82c2747c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 266.168880][ T8837] RAX: ffffffffffffffda RBX: 00007f82c2747c90 RCX: 0000000000457ec9 [ 266.176852][ T8837] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000080 [ 266.184862][ T8837] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 266.184872][ T8837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82c27486d4 [ 266.184895][ T8837] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 266.355054][ T8862] FAULT_INJECTION: forcing a failure. [ 266.355054][ T8862] name failslab, interval 1, probability 0, space 0, times 0 [ 266.373487][ T8862] CPU: 0 PID: 8862 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 266.382440][ T8862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.392506][ T8862] Call Trace: [ 266.395813][ T8862] dump_stack+0x1db/0x2d0 [ 266.400169][ T8862] ? dump_stack_print_info.cold+0x20/0x20 [ 266.405907][ T8862] ? get_pid_task+0xd4/0x190 [ 266.410507][ T8862] should_fail.cold+0xa/0x14 [ 266.415114][ T8862] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 266.420930][ T8862] ? ___might_sleep+0x1e7/0x310 [ 266.425782][ T8862] ? arch_local_save_flags+0x50/0x50 [ 266.431082][ T8862] ? __f_unlock_pos+0x19/0x20 [ 266.435754][ T8862] __should_failslab+0x121/0x190 [ 266.440702][ T8862] should_failslab+0x9/0x14 [ 266.445216][ T8862] kmem_cache_alloc+0x2be/0x710 [ 266.450044][ T8862] ? vfs_write+0x2f0/0x580 [ 266.454455][ T8862] getname_flags+0xd6/0x5b0 [ 266.458948][ T8862] ? kasan_check_write+0x14/0x20 [ 266.463894][ T8862] do_renameat2+0x2af/0x1120 [ 266.468458][ T8862] ? wait_for_completion+0x810/0x810 [ 266.473725][ T8862] ? check_preemption_disabled+0x48/0x290 [ 266.479421][ T8862] ? user_path_create+0x50/0x50 [ 266.484250][ T8862] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 266.490470][ T8862] ? fput+0x128/0x1a0 [ 266.494431][ T8862] ? do_syscall_64+0x8c/0x800 [ 266.499091][ T8862] ? do_syscall_64+0x8c/0x800 [ 266.503757][ T8862] ? lockdep_hardirqs_on+0x415/0x5d0 [ 266.509048][ T8862] ? trace_hardirqs_on+0xbd/0x310 [ 266.514049][ T8862] ? __ia32_sys_read+0xb0/0xb0 [ 266.518805][ T8862] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.524846][ T8862] ? trace_hardirqs_off_caller+0x300/0x300 [ 266.530645][ T8862] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 266.536084][ T8862] __x64_sys_rename+0x61/0x80 [ 266.540740][ T8862] do_syscall_64+0x1a3/0x800 [ 266.545324][ T8862] ? syscall_return_slowpath+0x5f0/0x5f0 [ 266.550953][ T8862] ? prepare_exit_to_usermode+0x232/0x3b0 [ 266.556670][ T8862] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 266.562195][ T8862] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.568064][ T8862] RIP: 0033:0x457ec9 [ 266.571964][ T8862] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 266.591658][ T8862] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 266.600050][ T8862] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 266.607994][ T8862] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 266.615973][ T8862] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 266.623919][ T8862] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 266.631866][ T8862] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:09 executing program 5: r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)="2e0000002e008183ad5de0713c444d000b0000001000034001000000053582c137153e370000000000000000d1bd", 0x2e}], 0x1}, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x3, 0x44040) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f00000001c0)=0x20002) 13:23:09 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:09 executing program 4 (fault-call:4 fault-nth:2): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:09 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:09 executing program 1 (fault-call:5 fault-nth:1): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:09 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") socket$inet(0x10, 0x3, 0xc) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:09 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 266.818882][ T8885] FAULT_INJECTION: forcing a failure. [ 266.818882][ T8885] name failslab, interval 1, probability 0, space 0, times 0 [ 266.851415][ T8868] FAULT_INJECTION: forcing a failure. [ 266.851415][ T8868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 13:23:09 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 266.864660][ T8868] CPU: 1 PID: 8868 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 266.873599][ T8868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.883654][ T8868] Call Trace: [ 266.886944][ T8868] dump_stack+0x1db/0x2d0 [ 266.891290][ T8868] ? dump_stack_print_info.cold+0x20/0x20 [ 266.897033][ T8868] should_fail.cold+0xa/0x14 [ 266.901636][ T8868] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 266.907448][ T8868] ? _kstrtoull+0x17d/0x250 [ 266.911961][ T8868] ? lock_downgrade+0xbe0/0xbe0 13:23:09 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 266.916820][ T8868] ? add_lock_to_list.isra.0+0x450/0x450 [ 266.922458][ T8868] ? __check_object_size+0xa3/0x790 [ 266.927659][ T8868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.933913][ T8868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.940162][ T8868] ? check_preemption_disabled+0x48/0x290 [ 266.945895][ T8868] should_fail_alloc_page+0x50/0x60 [ 266.951101][ T8868] __alloc_pages_nodemask+0x323/0xdc0 [ 266.956476][ T8868] ? get_pid_task+0xd4/0x190 [ 266.961086][ T8868] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 266.966811][ T8868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.973075][ T8868] ? ___might_sleep+0x1e7/0x310 [ 266.977950][ T8868] ? trace_hardirqs_off+0xb8/0x310 [ 266.983079][ T8868] cache_grow_begin+0x9c/0x8c0 [ 266.987870][ T8868] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 266.994123][ T8868] ? check_preemption_disabled+0x48/0x290 [ 266.999856][ T8868] kmem_cache_alloc+0x645/0x710 [ 267.004731][ T8868] getname_flags+0xd6/0x5b0 [ 267.009235][ T8868] ? kasan_check_write+0x14/0x20 [ 267.014187][ T8868] do_renameat2+0x2af/0x1120 13:23:09 executing program 5: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r0, 0x401) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)) fallocate(r0, 0x3, 0x0, 0x8020006) 13:23:09 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 267.018781][ T8868] ? wait_for_completion+0x810/0x810 [ 267.024084][ T8868] ? check_preemption_disabled+0x48/0x290 [ 267.029816][ T8868] ? user_path_create+0x50/0x50 [ 267.034675][ T8868] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 267.040920][ T8868] ? fput+0x128/0x1a0 [ 267.044914][ T8868] ? do_syscall_64+0x8c/0x800 [ 267.049597][ T8868] ? do_syscall_64+0x8c/0x800 [ 267.054295][ T8868] ? lockdep_hardirqs_on+0x415/0x5d0 [ 267.059591][ T8868] ? trace_hardirqs_on+0xbd/0x310 [ 267.064623][ T8868] ? __ia32_sys_read+0xb0/0xb0 [ 267.069399][ T8868] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.075470][ T8868] ? trace_hardirqs_off_caller+0x300/0x300 [ 267.081295][ T8868] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.086769][ T8868] __x64_sys_rename+0x61/0x80 [ 267.091458][ T8868] do_syscall_64+0x1a3/0x800 [ 267.096064][ T8868] ? syscall_return_slowpath+0x5f0/0x5f0 [ 267.101702][ T8868] ? prepare_exit_to_usermode+0x232/0x3b0 [ 267.107429][ T8868] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.112994][ T8868] entry_SYSCALL_64_after_hwframe+0x49/0xbe 13:23:09 executing program 5: syz_emit_ethernet(0x1e, &(0x7f0000000100)={@local, @broadcast, [], {@can={0xc, {{0x4, 0xa131, 0x20, 0x7}, 0x3, 0x2, 0x0, 0x0, "e16b8459cb6621e7"}}}}, 0x0) 13:23:09 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 267.118892][ T8868] RIP: 0033:0x457ec9 [ 267.122790][ T8868] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.142392][ T8868] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 267.150812][ T8868] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 267.158785][ T8868] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 267.166763][ T8868] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 267.174734][ T8868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 267.182720][ T8868] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 267.190730][ T8885] CPU: 0 PID: 8885 Comm: syz-executor4 Not tainted 5.0.0-rc2-next-20190116 #13 [ 267.199685][ T8885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.199695][ T8885] Call Trace: [ 267.199723][ T8885] dump_stack+0x1db/0x2d0 [ 267.199746][ T8885] ? dump_stack_print_info.cold+0x20/0x20 [ 267.223130][ T8885] should_fail.cold+0xa/0x14 [ 267.227778][ T8885] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 267.227803][ T8885] ? ___might_sleep+0x1e7/0x310 [ 267.238432][ T8885] ? arch_local_save_flags+0x50/0x50 [ 267.238460][ T8885] __should_failslab+0x121/0x190 [ 267.238483][ T8885] should_failslab+0x9/0x14 [ 267.248708][ T8885] kmem_cache_alloc+0x2be/0x710 [ 267.258036][ T8885] getname_flags+0xd6/0x5b0 [ 267.258056][ T8885] do_renameat2+0x31a/0x1120 [ 267.258079][ T8885] ? wait_for_completion+0x810/0x810 [ 267.267166][ T8885] ? check_preemption_disabled+0x48/0x290 [ 267.278136][ T8885] ? user_path_create+0x50/0x50 [ 267.278155][ T8885] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 267.278171][ T8885] ? fput+0x128/0x1a0 [ 267.278207][ T8885] ? do_syscall_64+0x8c/0x800 [ 267.289320][ T8885] ? lockdep_hardirqs_on+0x415/0x5d0 [ 267.289344][ T8885] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.289361][ T8885] ? trace_hardirqs_off_caller+0x300/0x300 [ 267.289382][ T8885] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.298008][ T8885] __x64_sys_rename+0x61/0x80 [ 267.298026][ T8885] do_syscall_64+0x1a3/0x800 [ 267.298053][ T8885] ? syscall_return_slowpath+0x5f0/0x5f0 [ 267.309372][ T8885] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 267.309388][ T8885] ? __switch_to_asm+0x34/0x70 [ 267.309409][ T8885] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.309433][ T8885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.320666][ T8885] RIP: 0033:0x457ec9 [ 267.320681][ T8885] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.320688][ T8885] RSP: 002b:00007f82c2726c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 267.329946][ T8885] RAX: ffffffffffffffda RBX: 00007f82c2726c90 RCX: 0000000000457ec9 [ 267.329955][ T8885] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000080 [ 267.329963][ T8885] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 267.329972][ T8885] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82c27276d4 [ 267.329987][ T8885] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:10 executing program 4 (fault-call:4 fault-nth:3): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:10 executing program 5: syz_mount_image$xfs(&(0x7f0000000080)='xfs\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={[{@mtpt='mtpt'}]}) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x10000, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000040)={0xefd, 0x9, 0x9c}) 13:23:10 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:10 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 1 (fault-call:5 fault-nth:2): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:10 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 267.656477][ T8931] XFS (loop5): mtpt option not allowed on this system 13:23:10 executing program 3: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 267.720582][ T8930] FAULT_INJECTION: forcing a failure. [ 267.720582][ T8930] name failslab, interval 1, probability 0, space 0, times 0 [ 267.765632][ T8931] XFS (loop5): mtpt option not allowed on this system [ 267.783218][ T8930] CPU: 0 PID: 8930 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 267.792174][ T8930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.794084][ T8942] FAULT_INJECTION: forcing a failure. [ 267.794084][ T8942] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 267.802289][ T8930] Call Trace: [ 267.818750][ T8930] dump_stack+0x1db/0x2d0 [ 267.823082][ T8930] ? dump_stack_print_info.cold+0x20/0x20 [ 267.828808][ T8930] should_fail.cold+0xa/0x14 [ 267.833397][ T8930] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 267.839209][ T8930] ? ___might_sleep+0x1e7/0x310 [ 267.844066][ T8930] ? arch_local_save_flags+0x50/0x50 [ 267.849489][ T8930] __should_failslab+0x121/0x190 [ 267.854430][ T8930] should_failslab+0x9/0x14 [ 267.858931][ T8930] kmem_cache_alloc+0x2be/0x710 [ 267.863799][ T8930] getname_flags+0xd6/0x5b0 [ 267.868306][ T8930] do_renameat2+0x31a/0x1120 [ 267.872927][ T8930] ? wait_for_completion+0x810/0x810 [ 267.878213][ T8930] ? check_preemption_disabled+0x48/0x290 [ 267.883934][ T8930] ? user_path_create+0x50/0x50 [ 267.888812][ T8930] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 267.895083][ T8930] ? fput+0x128/0x1a0 [ 267.899061][ T8930] ? do_syscall_64+0x8c/0x800 [ 267.903741][ T8930] ? lockdep_hardirqs_on+0x415/0x5d0 [ 267.909028][ T8930] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.915121][ T8930] ? trace_hardirqs_off_caller+0x300/0x300 [ 267.920946][ T8930] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 267.926402][ T8930] __x64_sys_rename+0x61/0x80 [ 267.931075][ T8930] do_syscall_64+0x1a3/0x800 [ 267.935668][ T8930] ? syscall_return_slowpath+0x5f0/0x5f0 [ 267.941311][ T8930] ? prepare_exit_to_usermode+0x232/0x3b0 [ 267.947033][ T8930] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.952615][ T8930] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.958499][ T8930] RIP: 0033:0x457ec9 [ 267.962410][ T8930] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.982009][ T8930] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 267.990413][ T8930] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 267.998374][ T8930] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 268.006334][ T8930] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 13:23:10 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 268.014301][ T8930] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 268.022271][ T8930] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 268.030266][ T8942] CPU: 1 PID: 8942 Comm: syz-executor4 Not tainted 5.0.0-rc2-next-20190116 #13 [ 268.039254][ T8942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.049326][ T8942] Call Trace: [ 268.053258][ T8942] dump_stack+0x1db/0x2d0 13:23:10 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 268.053289][ T8942] ? dump_stack_print_info.cold+0x20/0x20 [ 268.053307][ T8942] ? add_lock_to_list.isra.0+0x450/0x450 [ 268.053389][ T8942] ? lockref_get_not_dead+0x70/0x90 [ 268.053410][ T8942] should_fail.cold+0xa/0x14 [ 268.053430][ T8942] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 268.053442][ T8942] ? find_held_lock+0x35/0x120 13:23:10 executing program 4 (fault-call:4 fault-nth:4): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 268.053463][ T8942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.053482][ T8942] ? lock_downgrade+0xbe0/0xbe0 [ 268.053497][ T8942] ? kasan_check_read+0x11/0x20 [ 268.053557][ T8942] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 268.053578][ T8942] should_fail_alloc_page+0x50/0x60 [ 268.053593][ T8942] __alloc_pages_nodemask+0x323/0xdc0 [ 268.053615][ T8942] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 268.053629][ T8942] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.053657][ T8942] ? ___might_sleep+0x1e7/0x310 [ 268.053675][ T8942] ? trace_hardirqs_off+0xb8/0x310 [ 268.053693][ T8942] cache_grow_begin+0x9c/0x8c0 [ 268.053707][ T8942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 268.053724][ T8942] ? check_preemption_disabled+0x48/0x290 [ 268.053744][ T8942] kmem_cache_alloc+0x645/0x710 [ 268.053766][ T8942] getname_flags+0xd6/0x5b0 [ 268.053784][ T8942] do_renameat2+0x31a/0x1120 [ 268.053799][ T8942] ? wait_for_completion+0x810/0x810 [ 268.053818][ T8942] ? check_preemption_disabled+0x48/0x290 [ 268.053839][ T8942] ? user_path_create+0x50/0x50 [ 268.053855][ T8942] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 268.053885][ T8942] ? fput+0x128/0x1a0 [ 268.053916][ T8942] ? do_syscall_64+0x8c/0x800 [ 268.053933][ T8942] ? lockdep_hardirqs_on+0x415/0x5d0 13:23:10 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000100)={r0, 0x0, 0x0, 0x0, 0x0}, 0x20) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x1f, 0xff, 0x5669, 0x3ff, 0x9}, &(0x7f0000000040)=0x14) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="26c8001a86bbe932e4ef5373"], &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000200)={r1, 0x4, 0x7, 0x7, 0x9, 0xde, 0x40, 0x81, {r2, @in6={{0xa, 0x4e23, 0x5, @loopback, 0x8}}, 0x9, 0x8, 0x1, 0x0, 0x7}}, &(0x7f0000000180)=0xb0) 13:23:10 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:10 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:10 executing program 1 (fault-call:5 fault-nth:3): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:11 executing program 3: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 268.053955][ T8942] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.053971][ T8942] ? trace_hardirqs_off_caller+0x300/0x300 [ 268.053987][ T8942] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 268.054007][ T8942] __x64_sys_rename+0x61/0x80 [ 268.054024][ T8942] do_syscall_64+0x1a3/0x800 [ 268.054050][ T8942] ? syscall_return_slowpath+0x5f0/0x5f0 [ 268.054083][ T8942] ? prepare_exit_to_usermode+0x232/0x3b0 [ 268.054105][ T8942] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.054128][ T8942] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.054140][ T8942] RIP: 0033:0x457ec9 [ 268.054154][ T8942] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 268.054162][ T8942] RSP: 002b:00007f82c2747c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 268.054177][ T8942] RAX: ffffffffffffffda RBX: 00007f82c2747c90 RCX: 0000000000457ec9 [ 268.054186][ T8942] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000020000080 13:23:11 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 268.054195][ T8942] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 268.054204][ T8942] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f82c27486d4 [ 268.054213][ T8942] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 268.498336][ T8980] overlayfs: failed to resolve './file1': -2 [ 268.545127][ T8982] FAULT_INJECTION: forcing a failure. 13:23:11 executing program 5: socketpair$unix(0x1, 0x2000000000005, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="b171ec4df7f2bdc8f49af3a135f3765f172bf9a102ed36ee463c5bef69e9281d682beeb147a4bc5ed44aba76f027d7f78d187535feaf537137241aaac2af6180659824df5ab7450b1a20446885467826689e6dfc0cc730849f629bd37f4a0e5c764c40e4ac959059901825a13c"], 0x18}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$unix(r2, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e) dup3(r2, r0, 0x0) connect$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e22}, 0x6e) [ 268.545127][ T8982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 268.558351][ T8982] CPU: 0 PID: 8982 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 268.567288][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.577338][ T8982] Call Trace: [ 268.580641][ T8982] dump_stack+0x1db/0x2d0 [ 268.584987][ T8982] ? dump_stack_print_info.cold+0x20/0x20 [ 268.590712][ T8982] ? add_lock_to_list.isra.0+0x450/0x450 [ 268.596355][ T8982] ? lockref_get_not_dead+0x70/0x90 [ 268.601569][ T8982] should_fail.cold+0xa/0x14 [ 268.606171][ T8982] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 268.611978][ T8982] ? find_held_lock+0x35/0x120 [ 268.616765][ T8982] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.623027][ T8982] ? lock_downgrade+0xbe0/0xbe0 [ 268.623042][ T8982] ? kasan_check_read+0x11/0x20 [ 268.623060][ T8982] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 268.623080][ T8982] should_fail_alloc_page+0x50/0x60 [ 268.623097][ T8982] __alloc_pages_nodemask+0x323/0xdc0 [ 268.623120][ T8982] ? __alloc_pages_slowpath+0x2c60/0x2c60 13:23:11 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 268.623135][ T8982] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 268.623163][ T8982] ? ___might_sleep+0x1e7/0x310 [ 268.649331][ T8982] ? trace_hardirqs_off+0xb8/0x310 [ 268.649352][ T8982] cache_grow_begin+0x9c/0x8c0 [ 268.649368][ T8982] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 268.649385][ T8982] ? check_preemption_disabled+0x48/0x290 [ 268.649405][ T8982] kmem_cache_alloc+0x645/0x710 [ 268.649427][ T8982] getname_flags+0xd6/0x5b0 [ 268.666202][ T8982] do_renameat2+0x31a/0x1120 [ 268.666221][ T8982] ? wait_for_completion+0x810/0x810 [ 268.666258][ T8982] ? check_preemption_disabled+0x48/0x290 [ 268.666310][ T8982] ? user_path_create+0x50/0x50 [ 268.676182][ T8982] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 268.676199][ T8982] ? fput+0x128/0x1a0 [ 268.676216][ T8982] ? do_syscall_64+0x8c/0x800 [ 268.676234][ T8982] ? lockdep_hardirqs_on+0x415/0x5d0 [ 268.676256][ T8982] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.676273][ T8982] ? trace_hardirqs_off_caller+0x300/0x300 [ 268.676309][ T8982] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 268.688285][ T8982] __x64_sys_rename+0x61/0x80 [ 268.688305][ T8982] do_syscall_64+0x1a3/0x800 [ 268.688324][ T8982] ? syscall_return_slowpath+0x5f0/0x5f0 [ 268.688347][ T8982] ? prepare_exit_to_usermode+0x232/0x3b0 [ 268.697673][ T8982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.697700][ T8982] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.697713][ T8982] RIP: 0033:0x457ec9 13:23:11 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:11 executing program 1 (fault-call:5 fault-nth:4): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 268.697728][ T8982] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 268.697745][ T8982] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 268.707594][ T8982] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 268.707605][ T8982] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 268.707614][ T8982] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 268.707623][ T8982] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 13:23:11 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:11 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 268.707633][ T8982] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:11 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x2) rename(&(0x7f0000000380)='./file0/file1/file0\x00', &(0x7f0000000240)='./file0/file0\x00') syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:11 executing program 5: r0 = creat(&(0x7f0000000a80)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x0, 0x5, 0x1000f4) stat(0x0, &(0x7f0000000680)) add_key$keyring(0x0, &(0x7f0000000a00)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='overlay\x00', 0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f00000008c0)='./bus\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000500)=0xffffffffffffffd4) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000400)) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'team_slave_0\x00'}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8000fffffffe) getpeername$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) syz_mount_image$xfs(0x0, &(0x7f0000000440)='./bus\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f0000000840)={[{@attr2='attr2'}, {@noattr2='noattr2'}, {@nolargeio='nolargeio'}, {@uqnoenforce='uqnoenforce'}, {@nouuid='nouuid'}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_appraise='dont_appraise'}, {@euid_gt={'euid>', r4}}]}) stat(&(0x7f00000001c0)='./bus/file0\x00', &(0x7f00000007c0)) connect$bt_rfcomm(r2, &(0x7f0000000240)={0x1f, {0x1000, 0xca, 0x0, 0x7fff, 0x9, 0x9}, 0x2}, 0xa) 13:23:11 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:11 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(0x0, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(0xffffffffffffffff, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 269.027385][ T9006] FAULT_INJECTION: forcing a failure. [ 269.027385][ T9006] name failslab, interval 1, probability 0, space 0, times 0 [ 269.054503][ T9006] CPU: 0 PID: 9006 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 269.063479][ T9006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.067193][ T9008] overlayfs: missing 'lowerdir' [ 269.073532][ T9006] Call Trace: [ 269.073572][ T9006] dump_stack+0x1db/0x2d0 [ 269.073597][ T9006] ? dump_stack_print_info.cold+0x20/0x20 [ 269.073629][ T9006] should_fail.cold+0xa/0x14 [ 269.089889][ T27] audit: type=1804 audit(1547644991.636:35): pid=9013 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.091801][ T9006] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 269.091827][ T9006] ? ___might_sleep+0x1e7/0x310 [ 269.091848][ T9006] ? arch_local_save_flags+0x50/0x50 [ 269.108177][ T9014] overlayfs: failed to resolve './file1': -2 [ 269.120594][ T9006] __should_failslab+0x121/0x190 [ 269.120645][ T9006] should_failslab+0x9/0x14 [ 269.120666][ T9006] kmem_cache_alloc+0x2be/0x710 [ 269.148418][ T27] audit: type=1804 audit(1547644991.636:36): pid=9008 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.152012][ T9006] __d_alloc+0xae/0xbe0 [ 269.152032][ T9006] ? d_lookup+0x163/0x360 [ 269.152049][ T9006] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 269.152071][ T9006] ? d_alloc_parallel+0x1f10/0x1f10 [ 269.200412][ T9006] ? trace_hardirqs_on+0xbd/0x310 [ 269.205440][ T9006] ? lookup_dcache+0x23/0x140 [ 269.210124][ T9006] ? trace_hardirqs_off_caller+0x300/0x300 [ 269.215980][ T9006] ? ___might_sleep+0x1e7/0x310 [ 269.220848][ T9006] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 269.226602][ T9006] d_alloc+0x99/0x420 [ 269.230653][ T9006] ? __d_lookup+0x960/0x960 [ 269.235184][ T9006] ? __d_alloc+0xbe0/0xbe0 [ 269.239596][ T9006] ? lock_rename+0x1ef/0x290 [ 269.244237][ T9006] __lookup_hash+0xcd/0x190 [ 269.248784][ T9006] do_renameat2+0x6b2/0x1120 [ 269.253426][ T9006] ? user_path_create+0x50/0x50 [ 269.258324][ T9006] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 269.264583][ T9006] ? fput+0x128/0x1a0 [ 269.268588][ T9006] ? do_syscall_64+0x8c/0x800 13:23:11 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:11 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 269.273299][ T9006] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.279373][ T9006] ? trace_hardirqs_off_caller+0x300/0x300 [ 269.285227][ T9006] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 269.290697][ T9006] __x64_sys_rename+0x61/0x80 [ 269.295424][ T9006] do_syscall_64+0x1a3/0x800 [ 269.300025][ T9006] ? syscall_return_slowpath+0x5f0/0x5f0 [ 269.305661][ T9006] ? prepare_exit_to_usermode+0x232/0x3b0 [ 269.311401][ T9006] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 269.316962][ T9006] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.316976][ T9006] RIP: 0033:0x457ec9 [ 269.316992][ T9006] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 269.317000][ T9006] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 269.317021][ T9006] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 269.317029][ T9006] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 269.317036][ T9006] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 13:23:12 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 269.317044][ T9006] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 269.317051][ T9006] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 269.397916][ T9014] FAT-fs (loop4): Unrecognized mount option "defcontext=root" or missing value 13:23:12 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, 0x0) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:12 executing program 1 (fault-call:5 fault-nth:5): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:12 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 269.582253][ T9014] FAT-fs (loop4): Unrecognized mount option "defcontext=root" or missing value 13:23:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:12 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a66296c65302c776f726b6469723d2e2f66696c653166e4141510146fdced1666b148057b5824717c400d38f2cdcfe5c5320ba45495ce9fb217155351af33f22e7eeb49efc0f880b1ee69f92ced4c0b41c94b059a479ef2c68ef5215fbf49111cc1b7c16c83cd1f427ad212aaaa0c3c0a3eac5d14e620112740aa9225474ad69b49212863adfe28f698c324b95269eb7ab02cc3ee0146db85d1d56fc1365cd49f0847ea9b9cc0482fe2011147d3f19aae6a9da9f4"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') r0 = syz_open_dev$usbmon(&(0x7f0000003840)='/dev/usbmon#\x00', 0x0, 0x4000) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000003880), &(0x7f00000038c0)=0x4) r1 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0xdc, 0x0) getpeername$unix(r1, &(0x7f0000000380), &(0x7f0000000240)=0x6e) [ 269.807200][ T27] audit: type=1804 audit(1547644992.386:37): pid=9013 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.891833][ T9053] FAULT_INJECTION: forcing a failure. [ 269.891833][ T9053] name failslab, interval 1, probability 0, space 0, times 0 [ 269.899945][ T27] audit: type=1804 audit(1547644992.476:38): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.906450][ T9013] overlayfs: missing 'lowerdir' [ 269.934550][ T9053] CPU: 1 PID: 9053 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 269.934711][ T27] audit: type=1804 audit(1547644992.486:39): pid=9015 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.943487][ T9053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.943501][ T9053] Call Trace: [ 269.943525][ T9053] dump_stack+0x1db/0x2d0 [ 269.943566][ T9053] ? dump_stack_print_info.cold+0x20/0x20 [ 269.978517][ T27] audit: type=1804 audit(1547644992.556:40): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/31/bus" dev="sda1" ino=16526 res=1 [ 269.981015][ T9053] should_fail.cold+0xa/0x14 [ 269.981045][ T9053] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 269.981069][ T9053] ? ___might_sleep+0x1e7/0x310 [ 270.030397][ T9053] ? arch_local_save_flags+0x50/0x50 [ 270.035689][ T9053] ? print_usage_bug+0xd0/0xd0 [ 270.040484][ T9053] __should_failslab+0x121/0x190 [ 270.045426][ T9053] should_failslab+0x9/0x14 [ 270.049925][ T9053] kmem_cache_alloc+0x2be/0x710 [ 270.054801][ T9053] __d_alloc+0xae/0xbe0 [ 270.058960][ T9053] ? __lock_acquire+0x572/0x4a10 [ 270.063902][ T9053] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 270.069625][ T9053] ? __lock_acquire+0x572/0x4a10 [ 270.074564][ T9053] ? print_usage_bug+0xd0/0xd0 [ 270.079341][ T9053] ? print_usage_bug+0xd0/0xd0 [ 270.084118][ T9053] d_alloc+0x99/0x420 [ 270.088104][ T9053] ? __d_alloc+0xbe0/0xbe0 13:23:12 executing program 5: r0 = creat(&(0x7f0000000a80)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x0, 0x5, 0x1000f4) stat(0x0, &(0x7f0000000680)) add_key$keyring(0x0, &(0x7f0000000a00)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='overlay\x00', 0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f00000008c0)='./bus\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000500)=0xffffffffffffffd4) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000400)) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'team_slave_0\x00'}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8000fffffffe) getpeername$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) syz_mount_image$xfs(0x0, &(0x7f0000000440)='./bus\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f0000000840)={[{@attr2='attr2'}, {@noattr2='noattr2'}, {@nolargeio='nolargeio'}, {@uqnoenforce='uqnoenforce'}, {@nouuid='nouuid'}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_appraise='dont_appraise'}, {@euid_gt={'euid>', r4}}]}) stat(&(0x7f00000001c0)='./bus/file0\x00', &(0x7f00000007c0)) connect$bt_rfcomm(r2, &(0x7f0000000240)={0x1f, {0x1000, 0xca, 0x0, 0x7fff, 0x9, 0x9}, 0x2}, 0xa) 13:23:12 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:12 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 270.092518][ T9053] ? __lock_acquire+0x572/0x4a10 [ 270.097494][ T9053] d_alloc_parallel+0x11b/0x1f10 [ 270.102423][ T9053] ? mark_held_locks+0x100/0x100 [ 270.107366][ T9053] ? __d_lookup+0x560/0x960 [ 270.111877][ T9053] ? find_held_lock+0x35/0x120 [ 270.116683][ T9053] ? __d_lookup_rcu+0x990/0x990 [ 270.121584][ T9053] ? lock_downgrade+0xbe0/0xbe0 [ 270.126541][ T9053] ? add_lock_to_list.isra.0+0x450/0x450 [ 270.132186][ T9053] ? lockdep_init_map+0x10c/0x5b0 [ 270.137218][ T9053] ? lockdep_init_map+0x10c/0x5b0 [ 270.142340][ T9053] ? __init_waitqueue_head+0x92/0x150 [ 270.147714][ T9053] ? init_wait_entry+0x1c0/0x1c0 [ 270.152663][ T9053] ? __d_lookup+0x587/0x960 [ 270.157178][ T9053] __lookup_slow+0x1fa/0x560 [ 270.161758][ T9053] ? vfs_unlink+0x500/0x500 [ 270.166256][ T9053] ? lock_release+0xc40/0xc40 [ 270.171015][ T9053] ? __down_interruptible+0x740/0x740 [ 270.176406][ T9053] ? inode_permission+0xb4/0x570 [ 270.181351][ T9053] lookup_slow+0x58/0x80 [ 270.185588][ T9053] lookup_one_len_unlocked+0xf6/0x100 [ 270.190967][ T9053] ? lookup_slow+0x80/0x80 [ 270.195432][ T9053] ovl_lookup_single+0x63/0x880 [ 270.200307][ T9053] ovl_lookup_layer+0x40d/0x4c0 [ 270.205176][ T9053] ? override_creds+0x1cd/0x240 [ 270.210025][ T9053] ? ovl_dentry_upper+0x65/0x120 [ 270.214986][ T9053] ? ovl_lookup_single+0x880/0x880 [ 270.220122][ T9053] ? ovl_path_real+0x410/0x410 [ 270.224895][ T9053] ovl_lookup+0x606/0x29b0 [ 270.229342][ T9053] ? ovl_path_next+0x2e0/0x2e0 [ 270.234110][ T9053] ? kasan_check_read+0x11/0x20 13:23:12 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 270.239009][ T9053] ? _raw_spin_unlock+0x2d/0x50 [ 270.243921][ T9053] ? d_alloc+0x2a3/0x420 [ 270.248205][ T9053] ? __d_alloc+0xbe0/0xbe0 [ 270.252623][ T9053] ? lock_rename+0x1ef/0x290 [ 270.257244][ T9053] __lookup_hash+0x122/0x190 [ 270.261872][ T9053] do_renameat2+0x6b2/0x1120 [ 270.266499][ T9053] ? user_path_create+0x50/0x50 [ 270.271343][ T9053] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 270.277582][ T9053] ? fput+0x128/0x1a0 [ 270.281567][ T9053] ? do_syscall_64+0x8c/0x800 [ 270.286258][ T9053] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.292340][ T9053] ? trace_hardirqs_off_caller+0x300/0x300 [ 270.298150][ T9053] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 270.303631][ T9053] __x64_sys_rename+0x61/0x80 [ 270.308325][ T9053] do_syscall_64+0x1a3/0x800 [ 270.312910][ T9053] ? syscall_return_slowpath+0x5f0/0x5f0 [ 270.318551][ T9053] ? prepare_exit_to_usermode+0x232/0x3b0 [ 270.324307][ T9053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.329910][ T9053] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.335789][ T9053] RIP: 0033:0x457ec9 13:23:12 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 270.339693][ T9053] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.359371][ T9053] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 270.367787][ T9053] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 270.375774][ T9053] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 270.383755][ T9053] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 13:23:13 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:13 executing program 1 (fault-call:5 fault-nth:6): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 270.391736][ T9053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 270.399730][ T9053] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 270.537773][ T9087] overlayfs: unrecognized mount option "L AKGƎ!_IlBz < [ 270.537773][ T9087] >] '@%GJ֛I!(c($Riz" or missing value [ 270.540056][ T9082] overlayfs: missing 'lowerdir' 13:23:13 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x0, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 270.635305][ T9094] overlayfs: unrecognized mount option "L AKGƎ!_IlBz < [ 270.635305][ T9094] >] '@%GJ֛I!(c($Riz" or missing value [ 270.652373][ T9092] FAULT_INJECTION: forcing a failure. [ 270.652373][ T9092] name failslab, interval 1, probability 0, space 0, times 0 [ 270.680479][ T27] audit: type=1804 audit(1547644993.256:41): pid=9098 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/32/bus" dev="sda1" ino=16580 res=1 [ 270.696073][ T9092] CPU: 1 PID: 9092 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 270.713530][ T9092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.723578][ T9092] Call Trace: [ 270.726871][ T9092] dump_stack+0x1db/0x2d0 [ 270.731211][ T9092] ? dump_stack_print_info.cold+0x20/0x20 [ 270.736937][ T9092] ? do_raw_spin_trylock+0x270/0x270 [ 270.742236][ T9092] should_fail.cold+0xa/0x14 [ 270.746843][ T9092] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 270.752678][ T9092] ? ___might_sleep+0x1e7/0x310 [ 270.757548][ T9092] ? arch_local_save_flags+0x50/0x50 [ 270.757803][ T27] audit: type=1804 audit(1547644993.326:42): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/32/bus" dev="sda1" ino=16580 res=1 [ 270.762831][ T9092] ? ovl_lookup_single+0xed/0x880 [ 270.762855][ T9092] __should_failslab+0x121/0x190 [ 270.762880][ T9092] should_failslab+0x9/0x14 [ 270.801402][ T9092] __kmalloc+0x2dc/0x740 [ 270.805646][ T9092] ? ovl_lookup_single+0x880/0x880 [ 270.810759][ T9092] ? ovl_path_real+0x410/0x410 [ 270.815527][ T9092] ? ovl_lookup+0x12da/0x29b0 [ 270.820208][ T9092] ovl_lookup+0x12da/0x29b0 [ 270.824732][ T9092] ? ovl_path_next+0x2e0/0x2e0 [ 270.829499][ T9092] ? kasan_check_read+0x11/0x20 [ 270.834372][ T9092] ? _raw_spin_unlock+0x2d/0x50 [ 270.839228][ T9092] ? d_alloc+0x2a3/0x420 [ 270.843506][ T9092] ? __d_alloc+0xbe0/0xbe0 [ 270.848456][ T9092] ? lock_rename+0x1ef/0x290 [ 270.853091][ T9092] __lookup_hash+0x122/0x190 [ 270.857692][ T9092] do_renameat2+0x6b2/0x1120 [ 270.862306][ T9092] ? user_path_create+0x50/0x50 [ 270.867172][ T9092] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 270.873428][ T9092] ? fput+0x128/0x1a0 [ 270.877422][ T9092] ? do_syscall_64+0x8c/0x800 [ 270.882122][ T9092] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.888195][ T9092] ? trace_hardirqs_off_caller+0x300/0x300 [ 270.894016][ T9092] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 270.899486][ T9092] __x64_sys_rename+0x61/0x80 [ 270.904173][ T9092] do_syscall_64+0x1a3/0x800 [ 270.908790][ T9092] ? syscall_return_slowpath+0x5f0/0x5f0 [ 270.914436][ T9092] ? prepare_exit_to_usermode+0x232/0x3b0 [ 270.920180][ T9092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.925740][ T9092] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.925753][ T9092] RIP: 0033:0x457ec9 13:23:13 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040)='/dev/udmabuf\x00', 0x2) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="75707065726469723d2e2f6669ff07302c6c6f7765726469726469723db323672b6c6531"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 270.925768][ T9092] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.925783][ T9092] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 270.935564][ T9092] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 270.935574][ T9092] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 270.935583][ T9092] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 270.935592][ T9092] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 270.935601][ T9092] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 271.038884][ T9115] overlayfs: unrecognized mount option "lowerdirdir=#g+le1" or missing value [ 271.052115][ T9115] overlayfs: unrecognized mount option "lowerdirdir=#g+le1" or missing value 13:23:13 executing program 5: r0 = creat(&(0x7f0000000a80)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x0, 0x5, 0x1000f4) stat(0x0, &(0x7f0000000680)) add_key$keyring(0x0, &(0x7f0000000a00)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='overlay\x00', 0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f00000008c0)='./bus\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000500)=0xffffffffffffffd4) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000400)) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'team_slave_0\x00'}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8000fffffffe) getpeername$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) syz_mount_image$xfs(0x0, &(0x7f0000000440)='./bus\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f0000000840)={[{@attr2='attr2'}, {@noattr2='noattr2'}, {@nolargeio='nolargeio'}, {@uqnoenforce='uqnoenforce'}, {@nouuid='nouuid'}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_appraise='dont_appraise'}, {@euid_gt={'euid>', r4}}]}) stat(&(0x7f00000001c0)='./bus/file0\x00', &(0x7f00000007c0)) connect$bt_rfcomm(r2, &(0x7f0000000240)={0x1f, {0x1000, 0xca, 0x0, 0x7fff, 0x9, 0x9}, 0x2}, 0xa) 13:23:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:13 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x0) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:13 executing program 1 (fault-call:5 fault-nth:7): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:13 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:13 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x800) epoll_pwait(r0, &(0x7f00000001c0)=[{}], 0x1, 0x5, &(0x7f0000000200)={0x1d}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = syz_open_dev$media(&(0x7f0000000140)='/dev/media#\x00', 0x0, 0x80400) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) sendmsg(r1, &(0x7f0000000800)={&(0x7f0000000440)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e22, @remote}, 0x3, 0x4, 0x4, 0x3}}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000500)="3c4d95d07d3980b5e4739b1b4ea3275293de0fca7a77d22c5a4df99fabd4ee2f8520b1a08beeeacc019ab6618c2007660e8a9c0bfc472276e50f2fbc834e508074f2590191f4db5d78a5065d206719e29c99209b2f56b390c04369a2a22feb581246d40c81013b8e61639dd412c1cdb945de3f14cda16e9f5700c3e73f940af82d24f4d108583485fb431b97033f7dda63df558cd4706e9668297b9c2d0c2f0c329e5d5ef51b71f5cf290df77aefdadf33dba4aa40c199e34c4b6b9b790792ca0c9a42a1c7ef7411c853ece018702f154f6a8a7d5ebf833a6364dd11ef028b24db73fd6e38193c5c1a34dd6df24d6dc76087fd6eab787a73e3c004123bba92", 0xff}, {&(0x7f0000000600)="81ff22568c93397ee5042d5d50f89a34af8c8e44807be32f837da8047f6974053af7398f41a4757defe41392473112b8d12eb0b2b15dd6ebecfe8a6c24e3315ce9b7db8fb1fa4d2190cd659249290b5025d34c5edd73eecda4b1a62a59309168779c1df03e2c", 0x66}, {&(0x7f0000000680)="5fad5a7c43d44c82507e282d756413e9da532c3dc2a2f09e67876b96a50c419b645df0813ef68b64c9f026eaeecc294102807339fa", 0x35}], 0x3, &(0x7f0000000700)=ANY=[@ANYBLOB="f8000000000000001f01000008000000faed1c436f9da0d66ce9ff012a15cab2daa666c703465684560d77f3496ccf1daa1a251e0faf3ef691ff71a6c8cda1903960a45635e6270a708ac543220dc082a6ab5c60c923ef409c229dc5443e2d5e6baa216eb39e9ed5a7e65dbbf0912038050dc636f7e9e756729ce1bdc13fd1eacf800f82cb5f871fafc4d2700b535d9b52b898d562479fe15df57de85820c4e3b956fa92d1cb5d41e17c039b4da961f3a8f7991c9917a857228633eb918676a120a20dcd13c1e78ae9f255ce7ced0ea133f114ef1d987a1f58e0339b89016386ed0e3e69f42e0b1b7475aea9e1000000"], 0xf8}, 0x24000000) chdir(&(0x7f0000000040)='./file1\x00') rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') open(&(0x7f0000000240)='./file0/file1/file0\x00', 0x50041, 0x0) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:13 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:13 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8), 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(0xffffffffffffffff, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 271.278064][ T9133] overlayfs: missing 'lowerdir' [ 271.284207][ T9129] FAULT_INJECTION: forcing a failure. [ 271.284207][ T9129] name failslab, interval 1, probability 0, space 0, times 0 [ 271.334295][ T27] audit: type=1804 audit(1547644993.906:43): pid=9133 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/33/bus" dev="sda1" ino=16733 res=1 [ 271.366000][ T9129] CPU: 0 PID: 9129 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 271.374969][ T9129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.385023][ T9129] Call Trace: [ 271.388326][ T9129] dump_stack+0x1db/0x2d0 [ 271.392663][ T9129] ? dump_stack_print_info.cold+0x20/0x20 [ 271.398413][ T9129] ? ___might_sleep+0x1e7/0x310 [ 271.403273][ T9129] ? __lock_acquire+0x572/0x4a10 [ 271.408236][ T9129] should_fail.cold+0xa/0x14 [ 271.412846][ T9129] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 271.418676][ T9129] ? ___might_sleep+0x1e7/0x310 [ 271.423704][ T9129] ? __ext4_get_inode_loc+0x463/0x1340 [ 271.429177][ T9129] ? arch_local_save_flags+0x50/0x50 [ 271.434473][ T9129] __should_failslab+0x121/0x190 [ 271.439474][ T9129] should_failslab+0x9/0x14 [ 271.443999][ T9129] kmem_cache_alloc+0x2be/0x710 [ 271.448933][ T9129] ? block_commit_write+0x30/0x30 [ 271.453963][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.460285][ T9129] ? xattr_find_entry+0x270/0x320 [ 271.465429][ T9129] mb_cache_entry_create+0x136/0xb30 [ 271.470752][ T9129] ? ext4_xattr_ibody_get+0x108/0x640 [ 271.476144][ T9129] ? mb_cache_scan+0x50/0x50 [ 271.480734][ T9129] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 271.486973][ T9129] ? ext4_sb_bread+0x138/0x310 [ 271.491741][ T9129] ? ext4_group_desc_csum+0xe60/0xe60 [ 271.497129][ T9129] ? __down_interruptible+0x740/0x740 [ 271.502572][ T9129] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 271.508571][ T9129] ext4_xattr_get+0x5ad/0xaa0 [ 271.513266][ T9129] ? ext4_xattr_ibody_get+0x640/0x640 [ 271.518688][ T9129] ? apparmor_cred_transfer+0x670/0x670 [ 271.524240][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.530491][ T9129] ? __sanitizer_cov_trace_cmp1+0x17/0x20 [ 271.536213][ T9129] ? ext4_xattr_trusted_set+0x40/0x40 [ 271.541584][ T9129] ext4_xattr_trusted_get+0x32/0x40 [ 271.546807][ T9129] __vfs_getxattr+0xf0/0x150 [ 271.551397][ T9129] ? __vfs_setxattr+0x190/0x190 [ 271.556273][ T9129] ? capable+0x1f/0x30 [ 271.560354][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.566593][ T9129] vfs_getxattr+0x275/0x390 [ 271.571097][ T9129] ? xattr_permission+0x300/0x300 [ 271.576144][ T9129] ovl_check_dir_xattr+0x10d/0x180 [ 271.581257][ T9129] ? ovl_check_origin_xattr+0x40/0x40 [ 271.586650][ T9129] ? lookup_slow+0x80/0x80 [ 271.591067][ T9129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 271.597330][ T9129] ovl_lookup_single+0x4fc/0x880 [ 271.601821][ T27] audit: type=1804 audit(1547644993.946:44): pid=9138 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor5" name="/root/syzkaller-testdir481896800/syzkaller.6leBnW/33/bus" dev="sda1" ino=16733 res=1 [ 271.602274][ T9129] ovl_lookup_layer+0x40d/0x4c0 13:23:14 executing program 4: mkdir(&(0x7f0000000280)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a66696c65302c776f726b6469723d2e2f66696c6531725aa30af3598d943fee802bacf71c0ed013ed9d0fa2a79d96f55055ab1ee09cc7ce55994cfc37161278a4781ad108ab6cbb52ffe90a7020edef86fd2b63d9cdfc3b48c03cd4378a0c10d211a95b672d5692bd2ec464098bd2d4317d7c7d4e4f43eab0b9a7c15265cf7505b58c61541d3796c20610e2f2cb4e26b0d3968d5b50e484e32bbb252eaee78e48f738842d8cc3cae73f0b970ec85d0c059916597ddb405001363a8b70a31bcd37e4ea18fdace88f5d6092714d12df7a739be37ec98623c1e302f58dded85d487034345c0e0878e85b8055c0485df1b17ecbee36c8726d65b73aa60bfddf376cf66fb9e537173d8d6f2af5786e736f02"]) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x404040, 0x0) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000200)=0x6, &(0x7f0000000240)=0x4) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000380)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 271.631230][ T9129] ? rcu_read_lock_sched_held+0x110/0x130 [ 271.636969][ T9129] ? ovl_lookup_single+0x880/0x880 [ 271.642093][ T9129] ? ovl_path_real+0x410/0x410 [ 271.646862][ T9129] ? ovl_lookup+0x12da/0x29b0 [ 271.651574][ T9129] ovl_lookup+0x140b/0x29b0 [ 271.656117][ T9129] ? ovl_path_next+0x2e0/0x2e0 [ 271.660890][ T9129] ? kasan_check_read+0x11/0x20 [ 271.665762][ T9129] ? _raw_spin_unlock+0x2d/0x50 [ 271.670614][ T9129] ? d_alloc+0x2a3/0x420 [ 271.674853][ T9129] ? __d_alloc+0xbe0/0xbe0 [ 271.679286][ T9129] ? lock_rename+0x1ef/0x290 13:23:14 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, 0x0, 0x0, 0x0) close(r0) [ 271.683921][ T9129] __lookup_hash+0x122/0x190 [ 271.688562][ T9129] do_renameat2+0x6b2/0x1120 [ 271.693151][ T9129] ? user_path_create+0x50/0x50 [ 271.697988][ T9129] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 271.704228][ T9129] ? fput+0x128/0x1a0 [ 271.708189][ T9129] ? do_syscall_64+0x8c/0x800 [ 271.712859][ T9129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.718905][ T9129] ? trace_hardirqs_off_caller+0x300/0x300 [ 271.724702][ T9129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 271.730146][ T9129] __x64_sys_rename+0x61/0x80 [ 271.734806][ T9129] do_syscall_64+0x1a3/0x800 [ 271.739378][ T9129] ? syscall_return_slowpath+0x5f0/0x5f0 [ 271.744988][ T9129] ? prepare_exit_to_usermode+0x232/0x3b0 [ 271.750686][ T9129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.756231][ T9129] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.762101][ T9129] RIP: 0033:0x457ec9 [ 271.765986][ T9129] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 13:23:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:14 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 271.785577][ T9129] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 271.793979][ T9129] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 271.801943][ T9129] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 271.809894][ T9129] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 271.817841][ T9129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 271.825787][ T9129] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:14 executing program 5: r0 = creat(&(0x7f0000000a80)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) r1 = creat(&(0x7f0000000700)='./bus\x00', 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x0, 0x5, 0x1000f4) stat(0x0, &(0x7f0000000680)) add_key$keyring(0x0, &(0x7f0000000a00)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffff9) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000140)='overlay\x00', 0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r3 = open(&(0x7f00000008c0)='./bus\x00', 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000540)={0x0, 0x0}, &(0x7f0000000500)=0xffffffffffffffd4) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000400)) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'team_slave_0\x00'}) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8000fffffffe) getpeername$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000200)=0x1c) syz_mount_image$xfs(0x0, &(0x7f0000000440)='./bus\x00', 0x0, 0x0, 0x0, 0x80, &(0x7f0000000840)={[{@attr2='attr2'}, {@noattr2='noattr2'}, {@nolargeio='nolargeio'}, {@uqnoenforce='uqnoenforce'}, {@nouuid='nouuid'}], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@dont_appraise='dont_appraise'}, {@euid_gt={'euid>', r4}}]}) stat(&(0x7f00000001c0)='./bus/file0\x00', &(0x7f00000007c0)) connect$bt_rfcomm(r2, &(0x7f0000000240)={0x1f, {0x1000, 0xca, 0x0, 0x7fff, 0x9, 0x9}, 0x2}, 0xa) 13:23:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:14 executing program 1 (fault-call:5 fault-nth:8): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:14 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 271.997882][ T9158] overlayfs: failed to resolve './file1rZ [ 271.997882][ T9158] Y?+PUUL7xxlR [ 271.997882][ T9158] p +c;H<7 [g-V.d 1}|}NOC갹ReuaT7N&Ӗ[P+%.H8-? ] Y}@P6:p7]`qMzs~Ɇ#]Hp44x[UH]~6rme: 7lo7=o*xnso': -2 13:23:14 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:14 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:14 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, 0x0, 0x0, 0x0) close(r0) [ 272.049445][ T9163] overlayfs: failed to resolve './file1rZ [ 272.049445][ T9163] Y?+PUUL7xxlR [ 272.049445][ T9163] p +c;H<7 [g-V.d 1}|}NOC갹ReuaT7N&Ӗ[P+%.H8-? ] Y}@P6:p7]`qMzs~Ɇ#]Hp44x[UH]~6rme: 7lo7=o*xnso': -2 [ 272.175866][ T9170] FAULT_INJECTION: forcing a failure. [ 272.175866][ T9170] name failslab, interval 1, probability 0, space 0, times 0 [ 272.205790][ T9171] overlayfs: missing 'lowerdir' [ 272.221979][ T9170] CPU: 1 PID: 9170 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 272.230938][ T9170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.241027][ T9170] Call Trace: [ 272.244367][ T9170] dump_stack+0x1db/0x2d0 [ 272.248708][ T9170] ? dump_stack_print_info.cold+0x20/0x20 [ 272.254435][ T9170] ? ___might_sleep+0x1e7/0x310 [ 272.259298][ T9170] ? __lock_acquire+0x572/0x4a10 [ 272.264251][ T9170] should_fail.cold+0xa/0x14 [ 272.268858][ T9170] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 272.274689][ T9170] ? ___might_sleep+0x1e7/0x310 [ 272.279541][ T9170] ? __ext4_get_inode_loc+0x463/0x1340 [ 272.285005][ T9170] ? arch_local_save_flags+0x50/0x50 [ 272.290319][ T9170] __should_failslab+0x121/0x190 [ 272.295268][ T9170] should_failslab+0x9/0x14 [ 272.295294][ T9170] kmem_cache_alloc+0x2be/0x710 [ 272.295307][ T9170] ? block_commit_write+0x30/0x30 [ 272.295322][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.295340][ T9170] ? xattr_find_entry+0x270/0x320 [ 272.295364][ T9170] mb_cache_entry_create+0x136/0xb30 [ 272.295377][ T9170] ? ext4_xattr_ibody_get+0x108/0x640 [ 272.295398][ T9170] ? mb_cache_scan+0x50/0x50 [ 272.295412][ T9170] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 272.295427][ T9170] ? ext4_sb_bread+0x138/0x310 [ 272.295445][ T9170] ? ext4_group_desc_csum+0xe60/0xe60 [ 272.295462][ T9170] ? __down_interruptible+0x740/0x740 [ 272.295482][ T9170] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 272.295501][ T9170] ext4_xattr_get+0x5ad/0xaa0 [ 272.304848][ T9170] ? ext4_xattr_ibody_get+0x640/0x640 [ 272.304865][ T9170] ? apparmor_cred_transfer+0x670/0x670 [ 272.304883][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.304896][ T9170] ? __sanitizer_cov_trace_cmp1+0x17/0x20 [ 272.304913][ T9170] ? ext4_xattr_trusted_set+0x40/0x40 [ 272.304927][ T9170] ext4_xattr_trusted_get+0x32/0x40 [ 272.304945][ T9170] __vfs_getxattr+0xf0/0x150 [ 272.304965][ T9170] ? __vfs_setxattr+0x190/0x190 [ 272.411569][ T9170] ? capable+0x1f/0x30 [ 272.415637][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.415671][ T9170] vfs_getxattr+0x275/0x390 [ 272.415687][ T9170] ? xattr_permission+0x300/0x300 [ 272.415725][ T9170] ovl_check_dir_xattr+0x10d/0x180 [ 272.426432][ T9170] ? ovl_check_origin_xattr+0x40/0x40 [ 272.426447][ T9170] ? lookup_slow+0x80/0x80 [ 272.426461][ T9170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 272.426484][ T9170] ovl_lookup_single+0x4fc/0x880 [ 272.426505][ T9170] ovl_lookup_layer+0x40d/0x4c0 [ 272.426526][ T9170] ? rcu_read_lock_sched_held+0x110/0x130 [ 272.426544][ T9170] ? ovl_lookup_single+0x880/0x880 [ 272.473175][ T9170] ? ovl_path_real+0x410/0x410 [ 272.477939][ T9170] ? ovl_lookup+0x12da/0x29b0 [ 272.482648][ T9170] ovl_lookup+0x140b/0x29b0 [ 272.487246][ T9170] ? ovl_path_next+0x2e0/0x2e0 [ 272.492014][ T9170] ? kasan_check_read+0x11/0x20 [ 272.496897][ T9170] ? _raw_spin_unlock+0x2d/0x50 [ 272.501748][ T9170] ? d_alloc+0x2a3/0x420 [ 272.506008][ T9170] ? __d_alloc+0xbe0/0xbe0 [ 272.510431][ T9170] ? lock_rename+0x1ef/0x290 [ 272.515053][ T9170] __lookup_hash+0x122/0x190 [ 272.519656][ T9170] do_renameat2+0x6b2/0x1120 [ 272.524306][ T9170] ? user_path_create+0x50/0x50 [ 272.529161][ T9170] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 272.535432][ T9170] ? fput+0x128/0x1a0 [ 272.539426][ T9170] ? do_syscall_64+0x8c/0x800 [ 272.544112][ T9170] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.550180][ T9170] ? trace_hardirqs_off_caller+0x300/0x300 [ 272.555997][ T9170] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 272.561471][ T9170] __x64_sys_rename+0x61/0x80 [ 272.566169][ T9170] do_syscall_64+0x1a3/0x800 [ 272.570763][ T9170] ? syscall_return_slowpath+0x5f0/0x5f0 13:23:15 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000180)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66686c65302c6c6f7765726469723d2e3a66696c65306469723d2e2f66696c65310080000000"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x0, 0x2) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000140)={0x9, &(0x7f0000000100)=[{0x2, 0xd0}, {0x101, 0x5}, {0x8, 0x603}, {0xffffffff}, {0x1, 0x1}, {0x2, 0xfff}, {0x100, 0x6}, {0x2, 0x80}, {0x9, 0x100}]}) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:15 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, 0x0, 0x0, 0x0) close(r0) [ 272.576404][ T9170] ? prepare_exit_to_usermode+0x232/0x3b0 [ 272.582164][ T9170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.587722][ T9170] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.593609][ T9170] RIP: 0033:0x457ec9 [ 272.593639][ T9170] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 272.593663][ T9170] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 13:23:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 272.593693][ T9170] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 272.593703][ T9170] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 272.593712][ T9170] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 272.593721][ T9170] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 272.593729][ T9170] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 272.647437][ T9193] overlayfs: missing 'workdir' [ 272.758463][ T9193] overlayfs: missing 'workdir' 13:23:15 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x2) rename(&(0x7f0000000380)='./file0/file1/file0\x00', &(0x7f0000000240)='./file0/file0\x00') syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:15 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000), 0x0, 0x0) close(r0) 13:23:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:15 executing program 4: mkdir(&(0x7f0000000380)='./file0/file0\x00', 0x3) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp\x00') ioctl$SIOCX25GCALLUSERDATA(r0, 0x89e4, &(0x7f00000003c0)={0x0, "fad59f571df22d22fa55b2086d3319399004d2ad8179f09cc143dbca49c2efd6ba6a00aeed1a0987f0598f17dde044621397b2008a6cbef18c1f72138887e1d285eb333e1774490ace344135451cf52fb263b90044ae1fbed92f2582feaefb5335a05f25534619e3edf34a054c6b6293364de0b76d107eb8e5cfeee2b234473e"}) setxattr$trusted_overlay_origin(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x2) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f00000001c0)='./file0/file1/file0\x00', &(0x7f0000000180)='./file1\x00') 13:23:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:15 executing program 1 (fault-call:5 fault-nth:9): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 273.038168][ T9215] overlayfs: failed to resolve './file1': -2 13:23:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)) unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 273.091433][ T9224] overlayfs: failed to resolve './file1': -2 13:23:15 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000), 0x0, 0x0) close(r0) 13:23:15 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a66696c65302c776f726b6469723d2e2f66696c6531a3980ddae110b0c1336e3e734b14fbbfef5f4d9205ab23ad33faa42222e07f0192780cef295d6908e6ffd9ea3cc20ab9a16464d7585842339602dc1291334b809b22fafe941e3150aed82b96e19c"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') mkdir(&(0x7f0000000140)='./file2\x00', 0x20) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x5, 0x400) ioctl$RTC_VL_CLR(r0, 0x7014) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x400000, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x7c, r2, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3f}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x5, 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4, 0x9}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1f35}]}, 0x7c}, 0x1, 0x0, 0x0, 0x50}, 0x40000) 13:23:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 273.142697][ T9218] FAULT_INJECTION: forcing a failure. [ 273.142697][ T9218] name failslab, interval 1, probability 0, space 0, times 0 [ 273.226537][ T9222] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 273.272112][ T9218] CPU: 0 PID: 9218 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 273.281074][ T9218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.282344][ T9236] overlayfs: failed to resolve './file1 3n>sK_M#3""x )]i< [ 273.282344][ T9236] ddXXB33K"1P+': -2 [ 273.291125][ T9218] Call Trace: [ 273.291167][ T9218] dump_stack+0x1db/0x2d0 [ 273.291191][ T9218] ? dump_stack_print_info.cold+0x20/0x20 [ 273.291208][ T9218] ? ext4_xattr_get+0x19c/0xaa0 [ 273.291237][ T9218] should_fail.cold+0xa/0x14 [ 273.291261][ T9218] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.334671][ T9218] ? ___might_sleep+0x1e7/0x310 [ 273.339525][ T9218] ? arch_local_save_flags+0x50/0x50 [ 273.344822][ T9218] ? __vfs_setxattr+0x190/0x190 [ 273.349683][ T9218] __should_failslab+0x121/0x190 [ 273.354626][ T9218] should_failslab+0x9/0x14 [ 273.359138][ T9218] __kmalloc+0x2dc/0x740 13:23:15 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:15 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000), 0x0, 0x0) close(r0) [ 273.360760][ T9240] overlayfs: failed to resolve './file1 3n>sK_M#3""x )]i< [ 273.360760][ T9240] ddXXB33K"1P+': -2 [ 273.363386][ T9218] ? xattr_permission+0x300/0x300 [ 273.363405][ T9218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.363421][ T9218] ? ovl_check_dir_xattr+0xba/0x180 [ 273.363437][ T9218] ? ovl_check_origin_xattr+0x40/0x40 [ 273.363452][ T9218] ? ovl_get_redirect_xattr+0xe5/0x256 [ 273.363475][ T9218] ovl_get_redirect_xattr+0xe5/0x256 [ 273.410784][ T9218] ovl_lookup_single+0x52b/0x880 [ 273.415735][ T9218] ovl_lookup_layer+0x40d/0x4c0 [ 273.420570][ T9218] ? rcu_read_lock_sched_held+0x110/0x130 [ 273.426269][ T9218] ? ovl_lookup_single+0x880/0x880 [ 273.431367][ T9218] ? ovl_path_real+0x410/0x410 [ 273.436122][ T9218] ? ovl_lookup+0x12da/0x29b0 [ 273.440792][ T9218] ovl_lookup+0x140b/0x29b0 [ 273.445295][ T9218] ? ovl_path_next+0x2e0/0x2e0 [ 273.450049][ T9218] ? kasan_check_read+0x11/0x20 [ 273.454889][ T9218] ? _raw_spin_unlock+0x2d/0x50 [ 273.459720][ T9218] ? d_alloc+0x2a3/0x420 [ 273.463964][ T9218] ? __d_alloc+0xbe0/0xbe0 [ 273.468384][ T9218] ? lock_rename+0x1ef/0x290 [ 273.473002][ T9218] __lookup_hash+0x122/0x190 [ 273.477580][ T9218] do_renameat2+0x6b2/0x1120 [ 273.482159][ T9218] ? user_path_create+0x50/0x50 [ 273.486992][ T9218] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 273.493213][ T9218] ? fput+0x128/0x1a0 [ 273.497228][ T9218] ? do_syscall_64+0x8c/0x800 [ 273.501921][ T9218] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.507983][ T9218] ? trace_hardirqs_off_caller+0x300/0x300 [ 273.513772][ T9218] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 273.519226][ T9218] __x64_sys_rename+0x61/0x80 [ 273.523903][ T9218] do_syscall_64+0x1a3/0x800 [ 273.528475][ T9218] ? syscall_return_slowpath+0x5f0/0x5f0 [ 273.534106][ T9218] ? prepare_exit_to_usermode+0x232/0x3b0 [ 273.539851][ T9218] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.545377][ T9218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.551263][ T9218] RIP: 0033:0x457ec9 [ 273.555146][ T9218] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.574726][ T9218] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 273.583126][ T9218] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 273.591090][ T9218] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 273.599043][ T9218] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 273.607002][ T9218] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 273.614961][ T9218] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:16 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:16 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x2) rename(&(0x7f0000000380)='./file0/file1/file0\x00', &(0x7f0000000240)='./file0/file0\x00') syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:16 executing program 1 (fault-call:5 fault-nth:10): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 273.845170][ T9261] overlayfs: filesystem on './file0' not supported as upperdir [ 273.850605][ T9252] FAULT_INJECTION: forcing a failure. [ 273.850605][ T9252] name failslab, interval 1, probability 0, space 0, times 0 [ 273.874130][ T9252] CPU: 0 PID: 9252 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 273.883217][ T9252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.883225][ T9252] Call Trace: [ 273.883257][ T9252] dump_stack+0x1db/0x2d0 [ 273.883319][ T9252] ? dump_stack_print_info.cold+0x20/0x20 [ 273.906659][ T9252] ? ___might_sleep+0x1e7/0x310 [ 273.906672][ T9252] ? vfs_getxattr+0x275/0x390 [ 273.906710][ T9252] should_fail.cold+0xa/0x14 [ 273.906728][ T9252] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 273.906748][ T9252] ? ___might_sleep+0x1e7/0x310 [ 273.931455][ T9252] ? __ext4_get_inode_loc+0x463/0x1340 [ 273.936922][ T9252] ? arch_local_save_flags+0x50/0x50 [ 273.942222][ T9252] ? rcu_read_unlock_special+0x380/0x380 [ 273.947939][ T9252] __should_failslab+0x121/0x190 [ 273.952897][ T9252] should_failslab+0x9/0x14 [ 273.957414][ T9252] kmem_cache_alloc+0x2be/0x710 [ 273.962330][ T9252] ? block_commit_write+0x30/0x30 [ 273.967377][ T9252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.973647][ T9252] ? xattr_find_entry+0x270/0x320 [ 273.978708][ T9252] mb_cache_entry_create+0x136/0xb30 [ 273.984026][ T9252] ? ext4_xattr_ibody_get+0x108/0x640 [ 273.989407][ T9252] ? mb_cache_scan+0x50/0x50 13:23:16 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(0xffffffffffffffff) 13:23:16 executing program 4: mkdir(&(0x7f0000000080)='./file0/file1/file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000040)='./file0/file0\x00') 13:23:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:16 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 273.994020][ T9252] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 274.000266][ T9252] ? ext4_sb_bread+0x138/0x310 [ 274.005078][ T9252] ? ext4_group_desc_csum+0xe60/0xe60 [ 274.010458][ T9252] ? __down_interruptible+0x740/0x740 [ 274.015837][ T9252] ? ovl_lookup_single+0x52b/0x880 [ 274.020945][ T9252] ? ovl_lookup_layer+0x40d/0x4c0 [ 274.025981][ T9252] ? ovl_lookup+0x140b/0x29b0 [ 274.030692][ T9252] ? __lookup_hash+0x122/0x190 [ 274.035463][ T9252] ext4_xattr_get+0x5ad/0xaa0 [ 274.040156][ T9252] ? ext4_xattr_ibody_get+0x640/0x640 [ 274.045543][ T9252] ? apparmor_cred_transfer+0x670/0x670 [ 274.051092][ T9252] ? __lock_is_held+0xb6/0x140 [ 274.055860][ T9252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.062103][ T9252] ? __sanitizer_cov_trace_cmp1+0x17/0x20 [ 274.067801][ T9252] ? ext4_xattr_trusted_set+0x40/0x40 [ 274.073178][ T9252] ext4_xattr_trusted_get+0x32/0x40 [ 274.078386][ T9252] __vfs_getxattr+0xf0/0x150 [ 274.082953][ T9252] ? __vfs_setxattr+0x190/0x190 [ 274.087784][ T9252] ? capable+0x1f/0x30 [ 274.091846][ T9252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.098071][ T9252] vfs_getxattr+0x275/0x390 [ 274.102586][ T9252] ? xattr_permission+0x300/0x300 [ 274.107617][ T9252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.113837][ T9252] ? ovl_check_dir_xattr+0xba/0x180 [ 274.119019][ T9252] ? ovl_get_redirect_xattr+0xe5/0x256 [ 274.124470][ T9252] ovl_get_redirect_xattr+0x150/0x256 [ 274.129818][ T9252] ovl_lookup_single+0x52b/0x880 [ 274.134782][ T9252] ovl_lookup_layer+0x40d/0x4c0 [ 274.139643][ T9252] ? rcu_read_lock_sched_held+0x110/0x130 [ 274.145357][ T9252] ? ovl_lookup_single+0x880/0x880 [ 274.150456][ T9252] ? ovl_path_real+0x410/0x410 [ 274.155226][ T9252] ? ovl_lookup+0x12da/0x29b0 [ 274.159897][ T9252] ovl_lookup+0x140b/0x29b0 [ 274.164409][ T9252] ? ovl_path_next+0x2e0/0x2e0 [ 274.169159][ T9252] ? kasan_check_read+0x11/0x20 [ 274.174002][ T9252] ? _raw_spin_unlock+0x2d/0x50 [ 274.178864][ T9252] ? d_alloc+0x2a3/0x420 [ 274.183087][ T9252] ? __d_alloc+0xbe0/0xbe0 [ 274.187506][ T9252] ? lock_rename+0x1ef/0x290 [ 274.192095][ T9252] __lookup_hash+0x122/0x190 [ 274.196681][ T9252] do_renameat2+0x6b2/0x1120 [ 274.201326][ T9252] ? user_path_create+0x50/0x50 [ 274.206163][ T9252] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 274.212399][ T9252] ? fput+0x128/0x1a0 [ 274.216397][ T9252] ? do_syscall_64+0x8c/0x800 [ 274.221090][ T9252] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.227170][ T9252] ? trace_hardirqs_off_caller+0x300/0x300 [ 274.232987][ T9252] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.238447][ T9252] __x64_sys_rename+0x61/0x80 [ 274.243121][ T9252] do_syscall_64+0x1a3/0x800 [ 274.247710][ T9252] ? syscall_return_slowpath+0x5f0/0x5f0 [ 274.253361][ T9252] ? prepare_exit_to_usermode+0x232/0x3b0 [ 274.259061][ T9252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.264593][ T9252] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.270464][ T9252] RIP: 0033:0x457ec9 [ 274.274348][ T9252] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.293959][ T9252] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 274.302353][ T9252] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 274.310308][ T9252] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 274.318261][ T9252] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 274.326216][ T9252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 274.334176][ T9252] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:16 executing program 1 (fault-call:5 fault-nth:11): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:16 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c12") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 274.351382][ T9264] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value 13:23:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:17 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x2) rename(&(0x7f0000000380)='./file0/file1/file0\x00', &(0x7f0000000240)='./file0/file0\x00') syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) [ 274.535058][ T9288] overlayfs: failed to resolve './file1': -2 13:23:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 274.585011][ T9298] overlayfs: failed to resolve './file1': -2 [ 274.592872][ T9290] FAULT_INJECTION: forcing a failure. [ 274.592872][ T9290] name failslab, interval 1, probability 0, space 0, times 0 13:23:17 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x3) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000140)=""/113) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000380)={[{0x20, 0x8, 0x2, 0x9, 0xcc, 0x800, 0x800, 0xffffffffffffff00, 0x0, 0x8, 0xc61, 0x4, 0x3d0000000000}, {0x10000, 0x6, 0x9, 0x84b, 0x22, 0x400, 0x7, 0x8353, 0x9, 0x3ff, 0x2, 0x7, 0x8}, {0x7, 0x9, 0x6, 0xe3e, 0x3, 0x7, 0x800, 0x945, 0x80000001, 0x2, 0xfffffffffffffff8, 0xfffffffffffffec6, 0x100}], 0x100000000}) lsetxattr$trusted_overlay_redirect(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='trusted.overlay.redirect\x00', &(0x7f0000000240)='./file0\x00', 0x8, 0x2) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 274.664521][ T9295] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 274.671263][ T9290] CPU: 1 PID: 9290 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 274.682385][ T9290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.692441][ T9290] Call Trace: [ 274.695738][ T9290] dump_stack+0x1db/0x2d0 [ 274.700134][ T9290] ? dump_stack_print_info.cold+0x20/0x20 [ 274.705863][ T9290] should_fail.cold+0xa/0x14 [ 274.710462][ T9290] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 274.716288][ T9290] ? ___might_sleep+0x1e7/0x310 [ 274.721158][ T9290] ? arch_local_save_flags+0x50/0x50 [ 274.726435][ T9290] ? ovl_is_whiteout+0x89/0x110 [ 274.731260][ T9290] ? ovl_lookup_single+0xed/0x880 [ 274.736288][ T9290] __should_failslab+0x121/0x190 [ 274.741208][ T9290] should_failslab+0x9/0x14 [ 274.745707][ T9290] __kmalloc+0x2dc/0x740 [ 274.749932][ T9290] ? ovl_lookup_single+0x880/0x880 [ 274.755025][ T9290] ? ovl_path_real+0x410/0x410 [ 274.759773][ T9290] ? ovl_alloc_entry+0x25/0x70 [ 274.764518][ T9290] ovl_alloc_entry+0x25/0x70 [ 274.769090][ T9290] ovl_lookup+0xa58/0x29b0 [ 274.773496][ T9290] ? ovl_path_next+0x2e0/0x2e0 [ 274.778244][ T9290] ? kasan_check_read+0x11/0x20 [ 274.783080][ T9290] ? _raw_spin_unlock+0x2d/0x50 [ 274.787927][ T9290] ? d_alloc+0x2a3/0x420 [ 274.792173][ T9290] ? __d_alloc+0xbe0/0xbe0 [ 274.796581][ T9290] ? lock_rename+0x1ef/0x290 [ 274.801170][ T9290] __lookup_hash+0x122/0x190 [ 274.805772][ T9290] do_renameat2+0x6b2/0x1120 [ 274.810364][ T9290] ? user_path_create+0x50/0x50 [ 274.815194][ T9290] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 274.821412][ T9290] ? fput+0x128/0x1a0 [ 274.825404][ T9290] ? do_syscall_64+0x8c/0x800 [ 274.830098][ T9290] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.836165][ T9290] ? trace_hardirqs_off_caller+0x300/0x300 [ 274.841975][ T9290] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 274.847421][ T9290] __x64_sys_rename+0x61/0x80 [ 274.852086][ T9290] do_syscall_64+0x1a3/0x800 [ 274.856674][ T9290] ? syscall_return_slowpath+0x5f0/0x5f0 [ 274.862300][ T9290] ? prepare_exit_to_usermode+0x232/0x3b0 [ 274.868011][ T9290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.873547][ T9290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.879440][ T9290] RIP: 0033:0x457ec9 [ 274.883318][ T9290] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.902901][ T9290] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 274.911316][ T9290] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 274.919264][ T9290] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 274.927227][ T9290] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 274.935190][ T9290] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 274.943143][ T9290] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 275.091963][ T9315] overlayfs: filesystem on './file0' not supported as upperdir 13:23:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:17 executing program 1 (fault-call:5 fault-nth:12): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:17 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0x0, 0x2) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:17 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000), 0x0, 0x0) close(r0) 13:23:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:17 executing program 4: r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x101000, 0x0) getsockopt$inet6_tcp_int(r0, 0x6, 0x3f, &(0x7f0000000180), &(0x7f00000001c0)=0x4) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140)={0x2, [0x8, 0x0]}, 0x8) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000200)) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:17 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 275.303225][ T9320] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 275.326222][ T9327] FAULT_INJECTION: forcing a failure. [ 275.326222][ T9327] name failslab, interval 1, probability 0, space 0, times 0 [ 275.370382][ T9327] CPU: 1 PID: 9327 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 275.379334][ T9327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.379342][ T9327] Call Trace: [ 275.379365][ T9327] dump_stack+0x1db/0x2d0 [ 275.379391][ T9327] ? dump_stack_print_info.cold+0x20/0x20 [ 275.402718][ T9327] ? add_lock_to_list.isra.0+0x450/0x450 [ 275.402737][ T9327] ? save_stack+0xa9/0xd0 [ 275.402762][ T9327] should_fail.cold+0xa/0x14 [ 275.402790][ T9327] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 275.423113][ T9327] ? ___might_sleep+0x1e7/0x310 [ 275.427964][ T9327] ? arch_local_save_flags+0x50/0x50 [ 275.433261][ T9327] ? do_raw_spin_unlock+0xa0/0x330 [ 275.438390][ T9327] ? ovl_get_redirect_xattr.cold+0x3a/0x3a [ 275.444198][ T9327] __should_failslab+0x121/0x190 [ 275.449142][ T9327] should_failslab+0x9/0x14 [ 275.453663][ T9327] kmem_cache_alloc+0x2be/0x710 [ 275.458532][ T9327] ? _raw_spin_unlock+0x2d/0x50 [ 275.463416][ T9327] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 275.469654][ T9327] ? ilookup5_nowait+0xaa/0xc0 [ 275.474505][ T9327] ? ovl_i_callback+0x30/0x30 [ 275.479200][ T9327] ? ovl_get_redirect_xattr.cold+0x3a/0x3a [ 275.485048][ T9327] ovl_alloc_inode+0x1c/0x190 [ 275.489728][ T9327] alloc_inode+0x66/0x190 [ 275.494071][ T9327] iget5_locked+0x63/0xe0 [ 275.494086][ T9327] ? ovl_inode_test+0x50/0x50 [ 275.494105][ T9327] ovl_get_inode+0x97c/0xd6d [ 275.494117][ T9327] ? ovl_alloc_entry+0x25/0x70 [ 275.494138][ T9327] ovl_lookup+0xda2/0x29b0 [ 275.494175][ T9327] ? ovl_path_next+0x2e0/0x2e0 [ 275.494197][ T9327] ? kasan_check_read+0x11/0x20 [ 275.526557][ T9327] ? _raw_spin_unlock+0x2d/0x50 [ 275.531419][ T9327] ? __d_alloc+0xbe0/0xbe0 [ 275.535848][ T9327] ? lock_rename+0x1ef/0x290 [ 275.540452][ T9327] __lookup_hash+0x122/0x190 [ 275.545061][ T9327] do_renameat2+0x6b2/0x1120 [ 275.549685][ T9327] ? user_path_create+0x50/0x50 [ 275.554559][ T9327] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 275.560817][ T9327] ? fput+0x128/0x1a0 [ 275.564813][ T9327] ? do_syscall_64+0x8c/0x800 13:23:18 executing program 3 (fault-call:2 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:18 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) [ 275.569529][ T9327] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.575603][ T9327] ? trace_hardirqs_off_caller+0x300/0x300 [ 275.581415][ T9327] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 275.586886][ T9327] __x64_sys_rename+0x61/0x80 [ 275.591572][ T9327] do_syscall_64+0x1a3/0x800 [ 275.596172][ T9327] ? syscall_return_slowpath+0x5f0/0x5f0 [ 275.601839][ T9327] ? prepare_exit_to_usermode+0x232/0x3b0 [ 275.605887][ T9342] FAULT_INJECTION: forcing a failure. [ 275.605887][ T9342] name failslab, interval 1, probability 0, space 0, times 0 [ 275.607567][ T9327] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 275.607594][ T9327] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.607607][ T9327] RIP: 0033:0x457ec9 [ 275.607629][ T9327] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.655091][ T9327] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 275.663499][ T9327] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 275.671466][ T9327] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 275.679436][ T9327] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 275.687409][ T9327] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 275.695387][ T9327] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 275.703381][ T9342] CPU: 0 PID: 9342 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190116 #13 [ 275.712324][ T9342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.722589][ T9342] Call Trace: [ 275.725881][ T9342] dump_stack+0x1db/0x2d0 [ 275.730223][ T9342] ? dump_stack_print_info.cold+0x20/0x20 [ 275.735948][ T9342] ? add_lock_to_list.isra.0+0x450/0x450 [ 275.741587][ T9342] ? kasan_check_read+0x11/0x20 [ 275.746445][ T9342] should_fail.cold+0xa/0x14 [ 275.751035][ T9342] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 275.756850][ T9342] ? ___might_sleep+0x1e7/0x310 [ 275.761731][ T9342] ? arch_local_save_flags+0x50/0x50 [ 275.767034][ T9342] ? lock_acquire+0x1db/0x570 [ 275.771715][ T9342] ? _raw_spin_unlock_irq+0x28/0x90 [ 275.776935][ T9342] __should_failslab+0x121/0x190 [ 275.781808][ T9346] FAULT_INJECTION: forcing a failure. [ 275.781808][ T9346] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 275.795065][ T9342] should_failslab+0x9/0x14 [ 275.795084][ T9342] kmem_cache_alloc_node+0x265/0x710 [ 275.795098][ T9342] ? print_usage_bug+0xd0/0xd0 [ 275.795214][ T9342] copy_process+0x4088/0x8740 [ 275.795234][ T9342] ? print_usage_bug+0xd0/0xd0 [ 275.795249][ T9342] ? __lock_acquire+0x572/0x4a10 [ 275.795298][ T9342] ? process_measurement+0x268/0x1be0 [ 275.829577][ T9342] ? print_usage_bug+0xd0/0xd0 [ 275.834341][ T9342] ? __lock_acquire+0x572/0x4a10 [ 275.839289][ T9342] ? __lock_acquire+0x572/0x4a10 [ 275.844242][ T9342] ? __cleanup_sighand+0x70/0x70 [ 275.849452][ T9342] ? mark_held_locks+0x100/0x100 [ 275.854395][ T9342] ? __lock_acquire+0x572/0x4a10 [ 275.859355][ T9342] ? mark_held_locks+0x100/0x100 [ 275.864310][ T9342] ? __might_fault+0x12b/0x1e0 [ 275.869085][ T9342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.875371][ T9342] ? _parse_integer+0x139/0x190 [ 275.880231][ T9342] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 275.886472][ T9342] ? _kstrtoull+0x17d/0x250 [ 275.891008][ T9342] ? add_lock_to_list.isra.0+0x450/0x450 [ 275.896639][ T9342] ? lock_downgrade+0xbe0/0xbe0 [ 275.901490][ T9342] ? add_lock_to_list.isra.0+0x450/0x450 [ 275.907134][ T9342] ? __check_object_size+0xa3/0x790 [ 275.912372][ T9342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.918612][ T9342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.924854][ T9342] ? check_preemption_disabled+0x48/0x290 [ 275.930575][ T9342] ? get_pid_task+0xd4/0x190 [ 275.935198][ T9342] ? find_held_lock+0x35/0x120 [ 275.940014][ T9342] ? get_pid_task+0xd4/0x190 [ 275.944606][ T9342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.950847][ T9342] ? add_lock_to_list.isra.0+0x450/0x450 [ 275.956473][ T9342] ? kasan_check_read+0x11/0x20 [ 275.961326][ T9342] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 275.967342][ T9342] ? rcu_read_unlock_special+0x380/0x380 [ 275.972991][ T9342] ? __f_unlock_pos+0x19/0x20 [ 275.977682][ T9342] ? find_held_lock+0x35/0x120 [ 275.982441][ T9342] ? __f_unlock_pos+0x19/0x20 [ 275.987137][ T9342] ? proc_fail_nth_write+0xa0/0x220 [ 275.992341][ T9342] ? lock_downgrade+0xbe0/0xbe0 [ 275.997206][ T9342] ? vfs_write+0x2f0/0x580 [ 276.001642][ T9342] ? kasan_check_write+0x14/0x20 [ 276.006598][ T9342] ? __mutex_unlock_slowpath+0x195/0x870 [ 276.012233][ T9342] _do_fork+0x1a9/0x1170 [ 276.016483][ T9342] ? fork_idle+0x1d0/0x1d0 [ 276.020921][ T9342] ? __sb_end_write+0xd9/0x110 [ 276.025693][ T9342] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 276.031962][ T9342] ? fput+0x128/0x1a0 [ 276.035956][ T9342] ? do_syscall_64+0x8c/0x800 [ 276.040633][ T9342] ? do_syscall_64+0x8c/0x800 [ 276.045316][ T9342] ? lockdep_hardirqs_on+0x415/0x5d0 [ 276.050606][ T9342] ? trace_hardirqs_on+0xbd/0x310 [ 276.055643][ T9342] ? __ia32_sys_read+0xb0/0xb0 [ 276.060413][ T9342] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.066479][ T9342] ? trace_hardirqs_off_caller+0x300/0x300 [ 276.072296][ T9342] __x64_sys_clone+0xbf/0x150 [ 276.076978][ T9342] do_syscall_64+0x1a3/0x800 [ 276.081583][ T9342] ? syscall_return_slowpath+0x5f0/0x5f0 [ 276.087227][ T9342] ? prepare_exit_to_usermode+0x232/0x3b0 [ 276.092980][ T9342] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 276.098573][ T9342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.104460][ T9342] RIP: 0033:0x457ec9 [ 276.108359][ T9342] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.127965][ T9342] RSP: 002b:00007fba4906ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 276.136378][ T9342] RAX: ffffffffffffffda RBX: 00007fba4906ac90 RCX: 0000000000457ec9 [ 276.144356][ T9342] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 276.152325][ T9342] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 276.160303][ T9342] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fba4906b6d4 13:23:18 executing program 2 (fault-call:6 fault-nth:0): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 276.168271][ T9342] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 [ 276.176288][ T9346] CPU: 1 PID: 9346 Comm: syz-executor2 Not tainted 5.0.0-rc2-next-20190116 #13 [ 276.185234][ T9346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.185240][ T9346] Call Trace: [ 276.185270][ T9346] dump_stack+0x1db/0x2d0 [ 276.185302][ T9346] ? dump_stack_print_info.cold+0x20/0x20 [ 276.208683][ T9346] ? prep_new_page+0x230/0x4b0 [ 276.213463][ T9346] ? __free_page_list+0x1260/0x1260 [ 276.218669][ T9346] should_fail.cold+0xa/0x14 [ 276.223265][ T9346] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 276.223300][ T9346] ? arch_local_save_flags+0x50/0x50 [ 276.234380][ T9346] ? lock_release+0xc40/0xc40 [ 276.239079][ T9346] should_fail_alloc_page+0x50/0x60 [ 276.244304][ T9346] __alloc_pages_nodemask+0x323/0xdc0 [ 276.249711][ T9346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.255971][ T9346] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 276.261720][ T9346] ? print_usage_bug+0xd0/0xd0 [ 276.266516][ T9346] ? print_usage_bug+0xd0/0xd0 13:23:18 executing program 1 (fault-call:5 fault-nth:13): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:18 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:18 executing program 3 (fault-call:2 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 276.271336][ T9346] ? print_usage_bug+0xd0/0xd0 [ 276.276118][ T9346] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 276.282449][ T9346] alloc_pages_current+0x107/0x210 [ 276.287615][ T9346] pte_alloc_one+0x1b/0x1a0 [ 276.292171][ T9346] do_huge_pmd_anonymous_page+0xc0e/0x1830 [ 276.297991][ T9346] ? __thp_get_unmapped_area+0x190/0x190 [ 276.303631][ T9346] ? mark_held_locks+0x100/0x100 [ 276.308574][ T9346] ? pud_val+0x85/0x100 [ 276.312733][ T9346] ? pmd_val+0x100/0x100 [ 276.316993][ T9346] ? mark_held_locks+0x100/0x100 [ 276.321932][ T9346] ? print_usage_bug+0xd0/0xd0 [ 276.321968][ T9346] __handle_mm_fault+0x38cc/0x5610 [ 276.322006][ T9346] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 276.329819][ T9350] overlayfs: filesystem on './file0' not supported as upperdir [ 276.331864][ T9346] ? check_preemption_disabled+0x48/0x290 [ 276.344910][ T9346] ? handle_mm_fault+0x3cc/0xc80 [ 276.344957][ T9346] ? lock_downgrade+0xbe0/0xbe0 [ 276.344971][ T9346] ? kasan_check_read+0x11/0x20 [ 276.344989][ T9346] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 276.345006][ T9346] ? rcu_read_unlock_special+0x380/0x380 [ 276.345022][ T9346] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 276.345060][ T9346] ? check_preemption_disabled+0x48/0x290 [ 276.345081][ T9346] handle_mm_fault+0x4ec/0xc80 [ 276.373751][ T9355] FAULT_INJECTION: forcing a failure. [ 276.373751][ T9355] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 276.376982][ T9346] ? __handle_mm_fault+0x5610/0x5610 [ 276.412090][ T9346] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 276.417824][ T9346] __get_user_pages+0x8f7/0x1e10 [ 276.422787][ T9346] ? follow_page_mask+0x1f40/0x1f40 [ 276.427995][ T9346] ? lock_release+0xc40/0xc40 [ 276.432682][ T9346] ? down_read+0x8d/0x120 [ 276.437008][ T9346] ? get_user_pages_unlocked+0xfe/0x5d0 [ 276.442553][ T9346] ? __down_interruptible+0x740/0x740 [ 276.447930][ T9346] get_user_pages_unlocked+0x2fd/0x5d0 [ 276.453395][ T9346] ? get_user_pages_longterm+0x630/0x630 [ 276.459060][ T9346] ? print_usage_bug+0xd0/0xd0 [ 276.463840][ T9346] get_user_pages_fast+0x317/0x460 [ 276.468959][ T9346] ? __get_user_pages_fast+0x3f0/0x3f0 [ 276.474413][ T9346] ? __lock_acquire+0x572/0x4a10 [ 276.479361][ T9346] iov_iter_get_pages+0x2df/0x12f0 [ 276.484469][ T9346] ? ___might_sleep+0x1e7/0x310 [ 276.489333][ T9346] ? csum_and_copy_to_iter+0x1b60/0x1b60 [ 276.494985][ T9346] ? pipe_lock+0x6e/0x80 [ 276.499233][ T9346] ? __mutex_lock+0x622/0x1670 [ 276.504006][ T9346] ? pipe_lock+0x6e/0x80 [ 276.508309][ T9346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.514554][ T9346] iter_to_pipe+0x295/0x890 [ 276.519094][ T9346] ? write_pipe_buf+0x240/0x240 [ 276.523955][ T9346] ? lock_downgrade+0xbe0/0xbe0 [ 276.528839][ T9346] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 276.535076][ T9346] ? _copy_from_user+0xdd/0x150 [ 276.539925][ T9346] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 276.545638][ T9346] ? wait_for_space+0x1fa/0x280 [ 276.550496][ T9346] do_vmsplice.part.0+0x352/0x3d0 [ 276.555516][ T9346] ? do_tee+0x7c0/0x7c0 [ 276.559683][ T9346] ? import_iovec+0x16c/0x2a0 [ 276.564364][ T9346] ? dup_iter+0x260/0x260 [ 276.568694][ T9346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.574941][ T9346] __do_sys_vmsplice+0x23e/0x2d0 [ 276.579896][ T9346] ? vmsplice_type.isra.0+0x150/0x150 [ 276.585270][ T9346] ? __sb_end_write+0xd9/0x110 [ 276.590053][ T9346] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 276.596299][ T9346] ? fput+0x128/0x1a0 [ 276.600289][ T9346] ? do_syscall_64+0x8c/0x800 [ 276.604964][ T9346] ? do_syscall_64+0x8c/0x800 [ 276.609666][ T9346] ? lockdep_hardirqs_on+0x415/0x5d0 [ 276.614960][ T9346] ? trace_hardirqs_on+0xbd/0x310 [ 276.619984][ T9346] ? __ia32_sys_read+0xb0/0xb0 [ 276.624751][ T9346] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.630813][ T9346] ? trace_hardirqs_off_caller+0x300/0x300 [ 276.636614][ T9346] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 276.642851][ T9346] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 276.648318][ T9346] __x64_sys_vmsplice+0x97/0xf0 [ 276.653197][ T9346] do_syscall_64+0x1a3/0x800 [ 276.657798][ T9346] ? syscall_return_slowpath+0x5f0/0x5f0 [ 276.663439][ T9346] ? prepare_exit_to_usermode+0x232/0x3b0 [ 276.669183][ T9346] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 276.674741][ T9346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.680650][ T9346] RIP: 0033:0x457ec9 [ 276.684540][ T9346] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.704152][ T9346] RSP: 002b:00007fbb114cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 276.712573][ T9346] RAX: ffffffffffffffda RBX: 00007fbb114cac90 RCX: 0000000000457ec9 [ 276.720556][ T9346] RDX: 0000000000000001 RSI: 0000000020b1d000 RDI: 0000000000000005 [ 276.728537][ T9346] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 276.736504][ T9346] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb114cb6d4 [ 276.744471][ T9346] R13: 00000000004c6bb8 R14: 00000000004dc128 R15: 0000000000000006 [ 276.752460][ T9355] CPU: 0 PID: 9355 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190116 #13 [ 276.761393][ T9355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.771442][ T9355] Call Trace: [ 276.774736][ T9355] dump_stack+0x1db/0x2d0 [ 276.779114][ T9355] ? dump_stack_print_info.cold+0x20/0x20 [ 276.784837][ T9355] ? lock_downgrade+0xbe0/0xbe0 [ 276.789690][ T9355] ? kasan_check_read+0x11/0x20 [ 276.794579][ T9355] should_fail.cold+0xa/0x14 [ 276.799178][ T9355] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 276.804999][ T9355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.811268][ T9355] ? rcu_read_unlock+0x16/0x60 [ 276.816044][ T9355] ? find_held_lock+0x35/0x120 [ 276.820814][ T9355] ? rcu_read_unlock+0x16/0x60 [ 276.825583][ T9355] should_fail_alloc_page+0x50/0x60 [ 276.830845][ T9355] __alloc_pages_nodemask+0x323/0xdc0 [ 276.836229][ T9355] ? lock_downgrade+0xbe0/0xbe0 [ 276.841125][ T9355] ? kasan_check_read+0x11/0x20 [ 276.842377][ T9359] FAULT_INJECTION: forcing a failure. [ 276.842377][ T9359] name failslab, interval 1, probability 0, space 0, times 0 [ 276.845974][ T9355] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 276.845987][ T9355] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 276.846005][ T9355] ? ___might_sleep+0x1e7/0x310 [ 276.846016][ T9355] ? trace_hardirqs_off+0xb8/0x310 [ 276.846026][ T9355] cache_grow_begin+0x9c/0x8c0 [ 276.846035][ T9355] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 276.846051][ T9355] ? check_preemption_disabled+0x48/0x290 [ 276.846073][ T9355] kmem_cache_alloc_node+0x64d/0x710 [ 276.846086][ T9355] ? print_usage_bug+0xd0/0xd0 [ 276.846114][ T9355] copy_process+0x4088/0x8740 [ 276.846129][ T9355] ? print_usage_bug+0xd0/0xd0 [ 276.846150][ T9355] ? __lock_acquire+0x572/0x4a10 [ 276.921395][ T9355] ? process_measurement+0x268/0x1be0 [ 276.926767][ T9355] ? print_usage_bug+0xd0/0xd0 [ 276.931569][ T9355] ? __lock_acquire+0x572/0x4a10 [ 276.936519][ T9355] ? __lock_acquire+0x572/0x4a10 [ 276.941513][ T9355] ? __cleanup_sighand+0x70/0x70 [ 276.946453][ T9355] ? mark_held_locks+0x100/0x100 [ 276.951398][ T9355] ? __lock_acquire+0x572/0x4a10 [ 276.956347][ T9355] ? mark_held_locks+0x100/0x100 [ 276.961314][ T9355] ? __might_fault+0x12b/0x1e0 [ 276.966108][ T9355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 276.972346][ T9355] ? _parse_integer+0x139/0x190 [ 276.977201][ T9355] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 276.983443][ T9355] ? _kstrtoull+0x17d/0x250 [ 276.987977][ T9355] ? add_lock_to_list.isra.0+0x450/0x450 [ 276.993607][ T9355] ? lock_downgrade+0xbe0/0xbe0 [ 276.998481][ T9355] ? add_lock_to_list.isra.0+0x450/0x450 [ 277.004112][ T9355] ? __check_object_size+0xa3/0x790 [ 277.009317][ T9355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.015575][ T9355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.021823][ T9355] ? check_preemption_disabled+0x48/0x290 [ 277.027551][ T9355] ? get_pid_task+0xd4/0x190 [ 277.032145][ T9355] ? find_held_lock+0x35/0x120 [ 277.036996][ T9355] ? get_pid_task+0xd4/0x190 [ 277.041590][ T9355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.047852][ T9355] ? add_lock_to_list.isra.0+0x450/0x450 [ 277.053489][ T9355] ? kasan_check_read+0x11/0x20 [ 277.058348][ T9355] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 277.064349][ T9355] ? rcu_read_unlock_special+0x380/0x380 [ 277.070000][ T9355] ? __f_unlock_pos+0x19/0x20 [ 277.074675][ T9355] ? find_held_lock+0x35/0x120 [ 277.079439][ T9355] ? __f_unlock_pos+0x19/0x20 [ 277.084115][ T9355] ? proc_fail_nth_write+0xa0/0x220 [ 277.089336][ T9355] ? lock_downgrade+0xbe0/0xbe0 [ 277.094187][ T9355] ? vfs_write+0x2f0/0x580 [ 277.098625][ T9355] ? kasan_check_write+0x14/0x20 [ 277.103610][ T9355] ? __mutex_unlock_slowpath+0x195/0x870 [ 277.109268][ T9355] _do_fork+0x1a9/0x1170 [ 277.113531][ T9355] ? fork_idle+0x1d0/0x1d0 [ 277.117958][ T9355] ? __sb_end_write+0xd9/0x110 [ 277.122722][ T9355] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 277.128994][ T9355] ? fput+0x128/0x1a0 [ 277.132978][ T9355] ? do_syscall_64+0x8c/0x800 [ 277.137670][ T9355] ? do_syscall_64+0x8c/0x800 [ 277.142341][ T9355] ? lockdep_hardirqs_on+0x415/0x5d0 [ 277.147628][ T9355] ? trace_hardirqs_on+0xbd/0x310 [ 277.152647][ T9355] ? __ia32_sys_read+0xb0/0xb0 [ 277.157475][ T9355] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.163551][ T9355] ? trace_hardirqs_off_caller+0x300/0x300 [ 277.169465][ T9355] __x64_sys_clone+0xbf/0x150 [ 277.174163][ T9355] do_syscall_64+0x1a3/0x800 [ 277.178755][ T9355] ? syscall_return_slowpath+0x5f0/0x5f0 [ 277.184397][ T9355] ? prepare_exit_to_usermode+0x232/0x3b0 [ 277.190122][ T9355] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.195675][ T9355] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.201568][ T9355] RIP: 0033:0x457ec9 [ 277.205460][ T9355] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.225070][ T9355] RSP: 002b:00007fba4906ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 277.233479][ T9355] RAX: ffffffffffffffda RBX: 00007fba4906ac90 RCX: 0000000000457ec9 [ 277.241459][ T9355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 277.249430][ T9355] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 277.257396][ T9355] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fba4906b6d4 [ 277.265380][ T9355] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 13:23:19 executing program 4: r0 = semget(0x1, 0x0, 0x0) semctl$GETVAL(r0, 0x0, 0xc, &(0x7f0000000140)=""/195) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:19 executing program 2 (fault-call:6 fault-nth:1): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) [ 277.273370][ T9359] CPU: 1 PID: 9359 Comm: syz-executor2 Not tainted 5.0.0-rc2-next-20190116 #13 [ 277.282318][ T9359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.292388][ T9359] Call Trace: [ 277.295684][ T9359] dump_stack+0x1db/0x2d0 [ 277.300032][ T9359] ? dump_stack_print_info.cold+0x20/0x20 [ 277.305767][ T9359] should_fail.cold+0xa/0x14 [ 277.310361][ T9359] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 277.316174][ T9359] ? ___might_sleep+0x1e7/0x310 [ 277.321026][ T9359] ? arch_local_save_flags+0x50/0x50 [ 277.326331][ T9359] __should_failslab+0x121/0x190 [ 277.331269][ T9359] should_failslab+0x9/0x14 [ 277.335794][ T9359] kmem_cache_alloc+0x2be/0x710 [ 277.340655][ T9359] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 277.346902][ T9359] ptlock_alloc+0x20/0x70 [ 277.351245][ T9359] pte_alloc_one+0x6d/0x1a0 [ 277.355756][ T9359] do_huge_pmd_anonymous_page+0xc0e/0x1830 [ 277.361601][ T9359] ? __thp_get_unmapped_area+0x190/0x190 [ 277.367275][ T9359] ? mark_held_locks+0x100/0x100 [ 277.372222][ T9359] ? pud_val+0x85/0x100 [ 277.376374][ T9359] ? pmd_val+0x100/0x100 [ 277.380644][ T9359] ? mark_held_locks+0x100/0x100 [ 277.385574][ T9359] ? print_usage_bug+0xd0/0xd0 [ 277.390339][ T9359] __handle_mm_fault+0x38cc/0x5610 [ 277.395460][ T9359] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 277.401002][ T9359] ? check_preemption_disabled+0x48/0x290 [ 277.406717][ T9359] ? handle_mm_fault+0x3cc/0xc80 [ 277.411659][ T9359] ? lock_downgrade+0xbe0/0xbe0 [ 277.416496][ T9359] ? kasan_check_read+0x11/0x20 [ 277.421343][ T9359] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 277.427314][ T9359] ? rcu_read_unlock_special+0x380/0x380 [ 277.432940][ T9359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 277.439172][ T9359] ? check_preemption_disabled+0x48/0x290 [ 277.444904][ T9359] handle_mm_fault+0x4ec/0xc80 [ 277.449681][ T9359] ? __handle_mm_fault+0x5610/0x5610 [ 277.454979][ T9359] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 277.460768][ T9359] __get_user_pages+0x8f7/0x1e10 [ 277.465723][ T9359] ? follow_page_mask+0x1f40/0x1f40 [ 277.470908][ T9359] ? lock_release+0xc40/0xc40 [ 277.475586][ T9359] ? down_read+0x8d/0x120 [ 277.479905][ T9359] ? get_user_pages_unlocked+0xfe/0x5d0 [ 277.485440][ T9359] ? __down_interruptible+0x740/0x740 [ 277.490811][ T9359] get_user_pages_unlocked+0x2fd/0x5d0 [ 277.496271][ T9359] ? get_user_pages_longterm+0x630/0x630 [ 277.501911][ T9359] ? print_usage_bug+0xd0/0xd0 [ 277.506673][ T9359] get_user_pages_fast+0x317/0x460 [ 277.511780][ T9359] ? __get_user_pages_fast+0x3f0/0x3f0 [ 277.517230][ T9359] ? __lock_acquire+0x572/0x4a10 [ 277.522221][ T9359] iov_iter_get_pages+0x2df/0x12f0 [ 277.527340][ T9359] ? ___might_sleep+0x1e7/0x310 [ 277.532194][ T9359] ? csum_and_copy_to_iter+0x1b60/0x1b60 [ 277.537818][ T9359] ? pipe_lock+0x6e/0x80 [ 277.542064][ T9359] ? __mutex_lock+0x622/0x1670 [ 277.546825][ T9359] ? pipe_lock+0x6e/0x80 [ 277.551076][ T9359] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.557323][ T9359] iter_to_pipe+0x295/0x890 [ 277.561831][ T9359] ? write_pipe_buf+0x240/0x240 [ 277.566709][ T9359] ? lock_downgrade+0xbe0/0xbe0 [ 277.571573][ T9359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 277.577839][ T9359] ? _copy_from_user+0xdd/0x150 [ 277.582716][ T9359] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 277.588444][ T9359] ? wait_for_space+0x1fa/0x280 [ 277.593307][ T9359] do_vmsplice.part.0+0x352/0x3d0 [ 277.598330][ T9359] ? do_tee+0x7c0/0x7c0 [ 277.602483][ T9359] ? import_iovec+0x16c/0x2a0 [ 277.607170][ T9359] ? dup_iter+0x260/0x260 [ 277.611492][ T9359] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 277.617742][ T9359] __do_sys_vmsplice+0x23e/0x2d0 [ 277.622693][ T9359] ? vmsplice_type.isra.0+0x150/0x150 [ 277.628074][ T9359] ? __sb_end_write+0xd9/0x110 [ 277.632841][ T9359] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 277.639097][ T9359] ? fput+0x128/0x1a0 [ 277.643081][ T9359] ? do_syscall_64+0x8c/0x800 [ 277.647800][ T9359] ? do_syscall_64+0x8c/0x800 [ 277.652504][ T9359] ? lockdep_hardirqs_on+0x415/0x5d0 [ 277.657802][ T9359] ? trace_hardirqs_on+0xbd/0x310 [ 277.662825][ T9359] ? __ia32_sys_read+0xb0/0xb0 [ 277.667585][ T9359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.673643][ T9359] ? trace_hardirqs_off_caller+0x300/0x300 [ 277.679489][ T9359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 277.685723][ T9359] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 277.691178][ T9359] __x64_sys_vmsplice+0x97/0xf0 [ 277.696045][ T9359] do_syscall_64+0x1a3/0x800 [ 277.700633][ T9359] ? syscall_return_slowpath+0x5f0/0x5f0 [ 277.706286][ T9359] ? prepare_exit_to_usermode+0x232/0x3b0 [ 277.712036][ T9359] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.717690][ T9359] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.723609][ T9359] RIP: 0033:0x457ec9 [ 277.727499][ T9359] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.747087][ T9359] RSP: 002b:00007fbb114cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 277.755501][ T9359] RAX: ffffffffffffffda RBX: 00007fbb114cac90 RCX: 0000000000457ec9 [ 277.763468][ T9359] RDX: 0000000000000001 RSI: 0000000020b1d000 RDI: 0000000000000005 [ 277.771426][ T9359] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 277.779426][ T9359] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb114cb6d4 [ 277.787407][ T9359] R13: 00000000004c6bb8 R14: 00000000004dc128 R15: 0000000000000006 13:23:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a0") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:20 executing program 3 (fault-call:2 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:20 executing program 2 (fault-call:6 fault-nth:2): r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 278.033447][ T9383] overlayfs: filesystem on './file0' not supported as upperdir [ 278.035669][ T9378] FAULT_INJECTION: forcing a failure. [ 278.035669][ T9378] name failslab, interval 1, probability 0, space 0, times 0 [ 278.055655][ T9380] FAULT_INJECTION: forcing a failure. [ 278.055655][ T9380] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 278.061008][ T9378] CPU: 1 PID: 9378 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 278.077825][ T9378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.077832][ T9378] Call Trace: [ 278.077855][ T9378] dump_stack+0x1db/0x2d0 [ 278.077875][ T9378] ? dump_stack_print_info.cold+0x20/0x20 [ 278.077905][ T9378] should_fail.cold+0xa/0x14 [ 278.077925][ T9378] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.077948][ T9378] ? ___might_sleep+0x1e7/0x310 [ 278.077964][ T9378] ? arch_local_save_flags+0x50/0x50 [ 278.077989][ T9378] __should_failslab+0x121/0x190 [ 278.100814][ T9377] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 278.101400][ T9378] should_failslab+0x9/0x14 [ 278.140200][ T9378] kmem_cache_alloc+0x2be/0x710 [ 278.145075][ T9378] ? print_usage_bug+0xd0/0xd0 [ 278.149852][ T9378] __d_alloc+0xae/0xbe0 [ 278.154014][ T9378] ? __lock_acquire+0x572/0x4a10 [ 278.158965][ T9378] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 278.164691][ T9378] ? __lock_acquire+0x572/0x4a10 [ 278.169642][ T9378] ? print_usage_bug+0xd0/0xd0 [ 278.174419][ T9378] ? print_usage_bug+0xd0/0xd0 [ 278.179189][ T9378] d_alloc+0x99/0x420 [ 278.183178][ T9378] ? __d_alloc+0xbe0/0xbe0 [ 278.187595][ T9378] ? __lock_acquire+0x572/0x4a10 [ 278.192541][ T9378] d_alloc_parallel+0x11b/0x1f10 [ 278.197484][ T9378] ? mark_held_locks+0x100/0x100 [ 278.202428][ T9378] ? __d_lookup+0x560/0x960 [ 278.206934][ T9378] ? find_held_lock+0x35/0x120 [ 278.211707][ T9378] ? __d_lookup_rcu+0x990/0x990 [ 278.216563][ T9378] ? lock_downgrade+0xbe0/0xbe0 [ 278.221418][ T9378] ? add_lock_to_list.isra.0+0x450/0x450 [ 278.227088][ T9378] ? lockdep_init_map+0x10c/0x5b0 [ 278.232118][ T9378] ? lockdep_init_map+0x10c/0x5b0 [ 278.237147][ T9378] ? __init_waitqueue_head+0x92/0x150 [ 278.242523][ T9378] ? init_wait_entry+0x1c0/0x1c0 [ 278.247465][ T9378] ? __d_lookup+0x587/0x960 [ 278.251984][ T9378] __lookup_slow+0x1fa/0x560 [ 278.256582][ T9378] ? vfs_unlink+0x500/0x500 [ 278.261087][ T9378] ? lock_release+0xc40/0xc40 [ 278.265793][ T9378] ? __down_interruptible+0x740/0x740 [ 278.271166][ T9378] ? inode_permission+0xb4/0x570 [ 278.276135][ T9378] lookup_slow+0x58/0x80 [ 278.280391][ T9378] lookup_one_len_unlocked+0xf6/0x100 [ 278.285769][ T9378] ? lookup_slow+0x80/0x80 [ 278.290201][ T9378] ovl_lookup_single+0x63/0x880 [ 278.294766][ T9392] FAULT_INJECTION: forcing a failure. [ 278.294766][ T9392] name failslab, interval 1, probability 0, space 0, times 0 [ 278.295075][ T9378] ovl_lookup_layer+0x40d/0x4c0 [ 278.312511][ T9378] ? override_creds+0x1cd/0x240 [ 278.317383][ T9378] ? ovl_dentry_upper+0x65/0x120 [ 278.322363][ T9378] ? ovl_lookup_single+0x880/0x880 [ 278.327470][ T9378] ? ovl_path_real+0x410/0x410 13:23:20 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 278.332247][ T9378] ovl_lookup+0x606/0x29b0 [ 278.336694][ T9378] ? ovl_path_next+0x2e0/0x2e0 [ 278.341460][ T9378] ? kasan_check_read+0x11/0x20 [ 278.346371][ T9378] ? _raw_spin_unlock+0x2d/0x50 [ 278.351227][ T9378] ? d_alloc+0x2a3/0x420 [ 278.355475][ T9378] ? __d_alloc+0xbe0/0xbe0 [ 278.359890][ T9378] ? lock_rename+0x1ef/0x290 [ 278.364500][ T9378] __lookup_hash+0x122/0x190 [ 278.369122][ T9378] do_renameat2+0x749/0x1120 [ 278.373729][ T9378] ? user_path_create+0x50/0x50 [ 278.378602][ T9378] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 278.384849][ T9378] ? fput+0x128/0x1a0 [ 278.388843][ T9378] ? do_syscall_64+0x8c/0x800 [ 278.393540][ T9378] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.399611][ T9378] ? trace_hardirqs_off_caller+0x300/0x300 [ 278.405421][ T9378] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.410887][ T9378] __x64_sys_rename+0x61/0x80 [ 278.415570][ T9378] do_syscall_64+0x1a3/0x800 [ 278.420196][ T9378] ? syscall_return_slowpath+0x5f0/0x5f0 [ 278.425854][ T9378] ? prepare_exit_to_usermode+0x232/0x3b0 [ 278.431589][ T9378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.437145][ T9378] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.443075][ T9378] RIP: 0033:0x457ec9 [ 278.446967][ T9378] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 278.466572][ T9378] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 278.474982][ T9378] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 278.482976][ T9378] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 278.490961][ T9378] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 278.498964][ T9378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 278.506931][ T9378] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 278.514947][ T9380] CPU: 0 PID: 9380 Comm: syz-executor2 Not tainted 5.0.0-rc2-next-20190116 #13 [ 278.523909][ T9380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.533957][ T9380] Call Trace: [ 278.537291][ T9380] dump_stack+0x1db/0x2d0 [ 278.541667][ T9380] ? dump_stack_print_info.cold+0x20/0x20 [ 278.547390][ T9380] ? lockdep_hardirqs_on+0x415/0x5d0 [ 278.552690][ T9380] should_fail.cold+0xa/0x14 [ 278.557303][ T9380] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 278.563125][ T9380] ? arch_local_save_flags+0x50/0x50 [ 278.568417][ T9380] ? lock_release+0xc40/0xc40 [ 278.573096][ T9380] ? lockdep_hardirqs_on+0x415/0x5d0 [ 278.578395][ T9380] should_fail_alloc_page+0x50/0x60 [ 278.583596][ T9380] __alloc_pages_nodemask+0x323/0xdc0 [ 278.588978][ T9380] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 278.594711][ T9380] ? __lock_is_held+0xb6/0x140 [ 278.599483][ T9380] ? print_usage_bug+0xd0/0xd0 [ 278.604252][ T9380] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 278.610515][ T9380] alloc_pages_current+0x107/0x210 [ 278.615641][ T9380] pte_alloc_one+0x1b/0x1a0 [ 278.620150][ T9380] do_huge_pmd_anonymous_page+0xc0e/0x1830 [ 278.625966][ T9380] ? __thp_get_unmapped_area+0x190/0x190 [ 278.631603][ T9380] ? mark_held_locks+0x100/0x100 [ 278.636556][ T9380] ? pud_val+0x85/0x100 [ 278.640712][ T9380] ? pmd_val+0x100/0x100 [ 278.644958][ T9380] ? mark_held_locks+0x100/0x100 [ 278.649904][ T9380] ? print_usage_bug+0xd0/0xd0 [ 278.654673][ T9380] __handle_mm_fault+0x38cc/0x5610 [ 278.659797][ T9380] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 278.665347][ T9380] ? check_preemption_disabled+0x48/0x290 [ 278.671067][ T9380] ? handle_mm_fault+0x3cc/0xc80 [ 278.676034][ T9380] ? lock_downgrade+0xbe0/0xbe0 [ 278.680907][ T9380] ? kasan_check_read+0x11/0x20 [ 278.685764][ T9380] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 278.691774][ T9380] ? rcu_read_unlock_special+0x380/0x380 [ 278.697414][ T9380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 278.703661][ T9380] ? check_preemption_disabled+0x48/0x290 [ 278.709394][ T9380] handle_mm_fault+0x4ec/0xc80 [ 278.714334][ T9380] ? __handle_mm_fault+0x5610/0x5610 [ 278.719625][ T9380] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 278.725358][ T9380] __get_user_pages+0x8f7/0x1e10 [ 278.730336][ T9380] ? follow_page_mask+0x1f40/0x1f40 [ 278.735534][ T9380] ? lock_release+0xc40/0xc40 [ 278.740239][ T9380] ? down_read+0x8d/0x120 [ 278.744569][ T9380] ? get_user_pages_unlocked+0x24d/0x5d0 [ 278.750201][ T9380] ? __down_interruptible+0x740/0x740 [ 278.755585][ T9380] get_user_pages_unlocked+0x276/0x5d0 [ 278.761069][ T9380] ? get_user_pages_longterm+0x630/0x630 [ 278.766708][ T9380] ? print_usage_bug+0xd0/0xd0 [ 278.771481][ T9380] get_user_pages_fast+0x317/0x460 [ 278.776612][ T9380] ? __get_user_pages_fast+0x3f0/0x3f0 [ 278.782074][ T9380] ? __lock_acquire+0x572/0x4a10 [ 278.787020][ T9380] iov_iter_get_pages+0x2df/0x12f0 [ 278.792129][ T9380] ? ___might_sleep+0x1e7/0x310 [ 278.796992][ T9380] ? csum_and_copy_to_iter+0x1b60/0x1b60 [ 278.802628][ T9380] ? pipe_lock+0x6e/0x80 [ 278.806882][ T9380] ? __mutex_lock+0x622/0x1670 [ 278.811658][ T9380] ? pipe_lock+0x6e/0x80 [ 278.815914][ T9380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.822157][ T9380] iter_to_pipe+0x295/0x890 [ 278.826673][ T9380] ? write_pipe_buf+0x240/0x240 [ 278.831524][ T9380] ? lock_downgrade+0xbe0/0xbe0 [ 278.836435][ T9380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 278.842673][ T9380] ? _copy_from_user+0xdd/0x150 [ 278.847533][ T9380] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 278.853263][ T9380] ? wait_for_space+0x1fa/0x280 [ 278.858129][ T9380] do_vmsplice.part.0+0x352/0x3d0 [ 278.863168][ T9380] ? do_tee+0x7c0/0x7c0 [ 278.867336][ T9380] ? import_iovec+0x16c/0x2a0 [ 278.872017][ T9380] ? dup_iter+0x260/0x260 [ 278.876350][ T9380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.882593][ T9380] __do_sys_vmsplice+0x23e/0x2d0 [ 278.887532][ T9380] ? vmsplice_type.isra.0+0x150/0x150 [ 278.892939][ T9380] ? __sb_end_write+0xd9/0x110 [ 278.897708][ T9380] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 278.903944][ T9380] ? fput+0x128/0x1a0 [ 278.907927][ T9380] ? do_syscall_64+0x8c/0x800 [ 278.912635][ T9380] ? do_syscall_64+0x8c/0x800 [ 278.917316][ T9380] ? lockdep_hardirqs_on+0x415/0x5d0 [ 278.922603][ T9380] ? trace_hardirqs_on+0xbd/0x310 [ 278.927625][ T9380] ? __ia32_sys_read+0xb0/0xb0 [ 278.932392][ T9380] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.938459][ T9380] ? trace_hardirqs_off_caller+0x300/0x300 [ 278.944264][ T9380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 278.950520][ T9380] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 278.955988][ T9380] __x64_sys_vmsplice+0x97/0xf0 [ 278.960889][ T9380] do_syscall_64+0x1a3/0x800 [ 278.965498][ T9380] ? syscall_return_slowpath+0x5f0/0x5f0 [ 278.971136][ T9380] ? prepare_exit_to_usermode+0x232/0x3b0 [ 278.976860][ T9380] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.982418][ T9380] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.988310][ T9380] RIP: 0033:0x457ec9 [ 278.992207][ T9380] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.011814][ T9380] RSP: 002b:00007fbb114cac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 279.020220][ T9380] RAX: ffffffffffffffda RBX: 00007fbb114cac90 RCX: 0000000000457ec9 [ 279.028215][ T9380] RDX: 0000000000000001 RSI: 0000000020b1d000 RDI: 0000000000000005 [ 279.036185][ T9380] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 279.044155][ T9380] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbb114cb6d4 [ 279.052125][ T9380] R13: 00000000004c6bb8 R14: 00000000004dc128 R15: 0000000000000006 [ 279.060147][ T9392] CPU: 1 PID: 9392 Comm: syz-executor3 Not tainted 5.0.0-rc2-next-20190116 #13 [ 279.069098][ T9392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.079151][ T9392] Call Trace: [ 279.082541][ T9392] dump_stack+0x1db/0x2d0 [ 279.086881][ T9392] ? dump_stack_print_info.cold+0x20/0x20 [ 279.092620][ T9392] should_fail.cold+0xa/0x14 [ 279.097226][ T9392] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.103048][ T9392] ? ___might_sleep+0x1e7/0x310 [ 279.107900][ T9392] ? arch_local_save_flags+0x50/0x50 [ 279.113185][ T9392] __should_failslab+0x121/0x190 [ 279.118142][ T9392] should_failslab+0x9/0x14 [ 279.122638][ T9392] kmem_cache_alloc+0x2be/0x710 [ 279.127489][ T9392] ? rcu_read_lock_sched_held+0x110/0x130 [ 279.133202][ T9392] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.139426][ T9392] prepare_creds+0xa4/0x510 [ 279.143952][ T9392] ? abort_creds+0x2c0/0x2c0 [ 279.148537][ T9392] ? copy_process+0xb3c/0x8740 [ 279.153295][ T9392] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.159082][ T9392] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.165319][ T9392] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.171561][ T9392] ? check_preemption_disabled+0x48/0x290 [ 279.177290][ T9392] copy_creds+0x7b/0x6c0 [ 279.181525][ T9392] copy_process+0x114d/0x8740 [ 279.186210][ T9392] ? print_usage_bug+0xd0/0xd0 [ 279.190967][ T9392] ? add_lock_to_list.isra.0+0x450/0x450 [ 279.196589][ T9392] ? print_usage_bug+0xd0/0xd0 [ 279.201361][ T9392] ? __lock_acquire+0x572/0x4a10 [ 279.206318][ T9392] ? __lock_acquire+0x572/0x4a10 [ 279.211267][ T9392] ? __cleanup_sighand+0x70/0x70 [ 279.216204][ T9392] ? mark_held_locks+0x100/0x100 [ 279.221121][ T9392] ? __lock_acquire+0x572/0x4a10 [ 279.226056][ T9392] ? set_next_entity+0x30e/0xc50 [ 279.231006][ T9392] ? mark_held_locks+0x100/0x100 [ 279.235944][ T9392] ? __might_fault+0x12b/0x1e0 [ 279.240701][ T9392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.246931][ T9392] ? _parse_integer+0x139/0x190 [ 279.251775][ T9392] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.257993][ T9392] ? _kstrtoull+0x17d/0x250 [ 279.262476][ T9392] ? add_lock_to_list.isra.0+0x450/0x450 [ 279.268097][ T9392] ? lock_downgrade+0xbe0/0xbe0 [ 279.272940][ T9392] ? add_lock_to_list.isra.0+0x450/0x450 [ 279.278554][ T9392] ? __check_object_size+0xa3/0x790 [ 279.283796][ T9392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.290060][ T9392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.296288][ T9392] ? check_preemption_disabled+0x48/0x290 [ 279.302025][ T9392] ? get_pid_task+0xd4/0x190 [ 279.306635][ T9392] ? find_held_lock+0x35/0x120 [ 279.311393][ T9392] ? get_pid_task+0xd4/0x190 [ 279.315997][ T9392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.322238][ T9392] ? add_lock_to_list.isra.0+0x450/0x450 [ 279.327867][ T9392] ? kasan_check_read+0x11/0x20 [ 279.332710][ T9392] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 279.338669][ T9392] ? rcu_read_unlock_special+0x380/0x380 [ 279.344317][ T9392] ? __f_unlock_pos+0x19/0x20 [ 279.348985][ T9392] ? find_held_lock+0x35/0x120 [ 279.353725][ T9392] ? __f_unlock_pos+0x19/0x20 [ 279.358387][ T9392] ? proc_fail_nth_write+0xa0/0x220 [ 279.363579][ T9392] ? lock_downgrade+0xbe0/0xbe0 [ 279.368463][ T9392] ? vfs_write+0x2f0/0x580 [ 279.372907][ T9392] ? kasan_check_write+0x14/0x20 [ 279.377827][ T9392] ? __mutex_unlock_slowpath+0x195/0x870 [ 279.383444][ T9392] _do_fork+0x1a9/0x1170 [ 279.387687][ T9392] ? fork_idle+0x1d0/0x1d0 [ 279.392108][ T9392] ? __sb_end_write+0xd9/0x110 [ 279.396857][ T9392] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.403082][ T9392] ? fput+0x128/0x1a0 [ 279.407066][ T9392] ? do_syscall_64+0x8c/0x800 [ 279.411735][ T9392] ? do_syscall_64+0x8c/0x800 [ 279.416395][ T9392] ? lockdep_hardirqs_on+0x415/0x5d0 [ 279.421660][ T9392] ? trace_hardirqs_on+0xbd/0x310 [ 279.426672][ T9392] ? __ia32_sys_read+0xb0/0xb0 [ 279.431430][ T9392] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.437488][ T9392] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.443313][ T9392] __x64_sys_clone+0xbf/0x150 [ 279.447987][ T9392] do_syscall_64+0x1a3/0x800 [ 279.452571][ T9392] ? syscall_return_slowpath+0x5f0/0x5f0 [ 279.458182][ T9392] ? prepare_exit_to_usermode+0x232/0x3b0 [ 279.463913][ T9392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.469459][ T9392] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.475337][ T9392] RIP: 0033:0x457ec9 [ 279.479224][ T9392] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 279.498810][ T9392] RSP: 002b:00007fba4906ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 279.507209][ T9392] RAX: ffffffffffffffda RBX: 00007fba4906ac90 RCX: 0000000000457ec9 [ 279.515178][ T9392] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 279.523139][ T9392] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 279.531107][ T9392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fba4906b6d4 [ 279.539068][ T9392] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 13:23:22 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x0) clone(0x1006210f, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:22 executing program 1 (fault-call:5 fault-nth:14): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:22 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0}], 0x1, 0x0) close(r0) 13:23:22 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x200080, 0x0) getpeername$unix(r0, &(0x7f0000000200)=@abs, &(0x7f0000000380)=0x6e) 13:23:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 279.751111][ T9407] FAULT_INJECTION: forcing a failure. [ 279.751111][ T9407] name failslab, interval 1, probability 0, space 0, times 0 [ 279.769227][ T9418] overlayfs: filesystem on './file0' not supported as upperdir [ 279.781458][ T9407] CPU: 1 PID: 9407 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 279.790432][ T9407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.800499][ T9407] Call Trace: [ 279.803862][ T9407] dump_stack+0x1db/0x2d0 [ 279.808237][ T9407] ? dump_stack_print_info.cold+0x20/0x20 [ 279.814000][ T9407] ? do_raw_spin_unlock+0xa0/0x330 [ 279.819130][ T9407] ? __d_rehash+0x26c/0x460 [ 279.823644][ T9407] should_fail.cold+0xa/0x14 [ 279.828259][ T9407] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 279.829796][ T9416] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 279.834084][ T9407] ? ___might_sleep+0x1e7/0x310 13:23:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) 13:23:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) [ 279.834101][ T9407] ? arch_local_save_flags+0x50/0x50 [ 279.834131][ T9407] __should_failslab+0x121/0x190 [ 279.858601][ T9407] should_failslab+0x9/0x14 [ 279.863115][ T9407] kmem_cache_alloc+0x2be/0x710 [ 279.867979][ T9407] __d_alloc+0xae/0xbe0 [ 279.872146][ T9407] ? d_lookup+0x163/0x360 [ 279.876486][ T9407] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 279.882214][ T9407] ? d_alloc_parallel+0x1f10/0x1f10 [ 279.887416][ T9407] ? trace_hardirqs_on+0xbd/0x310 [ 279.892445][ T9407] ? ovl_path_next+0x2e0/0x2e0 [ 279.897214][ T9407] ? lookup_dcache+0x23/0x140 13:23:22 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 279.901898][ T9407] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.907739][ T9407] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 279.913471][ T9407] d_alloc+0x99/0x420 [ 279.917473][ T9407] ? __d_lookup+0x960/0x960 [ 279.921983][ T9407] ? __d_alloc+0xbe0/0xbe0 [ 279.926406][ T9407] ? lock_rename+0x1ef/0x290 [ 279.931017][ T9407] __lookup_hash+0xcd/0x190 [ 279.935536][ T9407] do_renameat2+0x749/0x1120 [ 279.940144][ T9407] ? user_path_create+0x50/0x50 [ 279.945002][ T9407] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 279.951256][ T9407] ? fput+0x128/0x1a0 [ 279.955257][ T9407] ? do_syscall_64+0x8c/0x800 [ 279.959965][ T9407] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.966047][ T9407] ? trace_hardirqs_off_caller+0x300/0x300 [ 279.971882][ T9407] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 279.977358][ T9407] __x64_sys_rename+0x61/0x80 [ 279.982071][ T9407] do_syscall_64+0x1a3/0x800 [ 279.986692][ T9407] ? syscall_return_slowpath+0x5f0/0x5f0 [ 279.992309][ T9407] ? prepare_exit_to_usermode+0x232/0x3b0 [ 279.998013][ T9407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.003552][ T9407] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.009439][ T9407] RIP: 0033:0x457ec9 [ 280.013312][ T9407] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.032930][ T9407] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 280.041339][ T9407] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 13:23:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x400, 0x0) sendto$ax25(r1, &(0x7f0000000080)="42514077563e7fc0651b9ba7448aff54b52a3e0705d6748ea5de84639cf177", 0x1f, 0x20040800, &(0x7f00000000c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x2}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]}, 0x48) ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000)) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:22 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x2000, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000200)=@req={0x1, 0x3, 0xc5ce, 0x80000001}, 0x10) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0\x00') r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x20000, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0x2e, @mcast2, 0x8}, @in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e22, 0x9, @mcast1, 0x2}, @in6={0xa, 0x4e24, 0xd4, @remote, 0x3}, @in={0x2, 0x4e20, @loopback}], 0x74) [ 280.049384][ T9407] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 280.057339][ T9407] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 280.065309][ T9407] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 280.073270][ T9407] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:22 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x2}], 0x1, 0x0) close(r0) 13:23:22 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x8040) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:22 executing program 1 (fault-call:5 fault-nth:15): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:22 executing program 0 (fault-call:3 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:22 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x20040, 0x0) getsockopt$bt_sco_SCO_OPTIONS(r1, 0x11, 0x1, &(0x7f0000000080)=""/255, &(0x7f0000000180)=0xff) ioctl(r0, 0x3, &(0x7f0000000040)="544d732fba63f3b717fb5da070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 280.280601][ T9448] overlayfs: filesystem on './file0' not supported as upperdir [ 280.287856][ T9444] FAULT_INJECTION: forcing a failure. [ 280.287856][ T9444] name failslab, interval 1, probability 0, space 0, times 0 [ 280.299397][ T9449] FAULT_INJECTION: forcing a failure. [ 280.299397][ T9449] name failslab, interval 1, probability 0, space 0, times 0 [ 280.360474][ T9444] CPU: 0 PID: 9444 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 280.369421][ T9444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.379474][ T9444] Call Trace: [ 280.383303][ T9444] dump_stack+0x1db/0x2d0 [ 280.383327][ T9444] ? dump_stack_print_info.cold+0x20/0x20 [ 280.383346][ T9444] ? do_raw_spin_unlock+0xa0/0x330 [ 280.383364][ T9444] ? __d_rehash+0x26c/0x460 [ 280.383391][ T9444] should_fail.cold+0xa/0x14 [ 280.383413][ T9444] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.383439][ T9444] ? ___might_sleep+0x1e7/0x310 [ 280.383458][ T9444] ? arch_local_save_flags+0x50/0x50 [ 280.383485][ T9444] __should_failslab+0x121/0x190 [ 280.383508][ T9444] should_failslab+0x9/0x14 [ 280.383530][ T9444] kmem_cache_alloc+0x2be/0x710 [ 280.383586][ T9444] __d_alloc+0xae/0xbe0 [ 280.383621][ T9444] ? d_lookup+0x163/0x360 [ 280.383640][ T9444] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 280.383656][ T9444] ? d_alloc_parallel+0x1f10/0x1f10 [ 280.383678][ T9444] ? trace_hardirqs_on+0xbd/0x310 [ 280.462388][ T9444] ? ovl_path_next+0x2e0/0x2e0 [ 280.462409][ T9444] ? lookup_dcache+0x23/0x140 [ 280.471844][ T9444] ? trace_hardirqs_off_caller+0x300/0x300 [ 280.477659][ T9444] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 280.483386][ T9444] d_alloc+0x99/0x420 [ 280.487364][ T9444] ? __d_lookup+0x960/0x960 [ 280.491869][ T9444] ? __d_alloc+0xbe0/0xbe0 [ 280.496294][ T9444] ? lock_rename+0x1ef/0x290 [ 280.500894][ T9444] __lookup_hash+0xcd/0x190 [ 280.505396][ T9444] do_renameat2+0x749/0x1120 [ 280.510050][ T9444] ? user_path_create+0x50/0x50 [ 280.514916][ T9444] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 280.521172][ T9444] ? fput+0x128/0x1a0 [ 280.525152][ T9444] ? do_syscall_64+0x8c/0x800 [ 280.529875][ T9444] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.535970][ T9444] ? trace_hardirqs_off_caller+0x300/0x300 [ 280.541781][ T9444] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 280.547269][ T9444] __x64_sys_rename+0x61/0x80 [ 280.551999][ T9444] do_syscall_64+0x1a3/0x800 [ 280.556602][ T9444] ? syscall_return_slowpath+0x5f0/0x5f0 [ 280.562237][ T9444] ? prepare_exit_to_usermode+0x232/0x3b0 [ 280.567995][ T9444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.573576][ T9444] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.579504][ T9444] RIP: 0033:0x457ec9 [ 280.583441][ T9444] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.603136][ T9444] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 280.611554][ T9444] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 280.619591][ T9444] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 280.627573][ T9444] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 280.635557][ T9444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 [ 280.643578][ T9444] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 13:23:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x54402, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x8, 0x4}, &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={r2, @in={{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}}, [0x7, 0x10000, 0x3, 0x1, 0x0, 0x1, 0x8, 0x80, 0x4, 0x9, 0x4, 0x3, 0x8, 0x7f, 0x4]}, &(0x7f00000000c0)=0x100) 13:23:23 executing program 3: r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") getsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000240)=""/217, &(0x7f0000000340)=0xd9) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x12000400}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x68, r3, 0x304, 0x70bd27, 0x25dfdbfd, {{}, 0x0, 0x4108, 0x0, {0x4c, 0x18, {0xdeb, @media='udp\x00'}}}, ["", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x20004054}, 0x0) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000000)=0xfffffffffffff05e) 13:23:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$vbi(&(0x7f0000000100)='/dev/vbi#\x00', 0x0, 0x2) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000180)={0x15, 0x8, 0x13, 0x1, 0x2, 0x5, 0x0, 0x8b, 0x1}) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) ioctl(r0, 0x1000008d12, &(0x7f0000000280)="6a0370000000000000000000ffe20000000065d930a0fa28b4e3be62d097d6e8ccde4c5f9475afce84f565e76307dd1cfa579fcdd56c2aac1b0cb918dfe2c9a42bad14bd0d64ec1f7e6dadafcaa4928dbe3f47e8f1d9a23345322a30d9928bd2805e9a0f7ebe1f") r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x4c100, 0x0) ioctl$SIOCX25SCALLUSERDATA(r2, 0x89e5, &(0x7f0000000040)={0x12, "949fab170df173bc636376409c3344c4a33474d116afc8f2e543217a164dabb4b4b38e46dc0188c8c03b8b4d37ac47d57bd5054a91e91d373d7edd491a41e01fa535a5da705c177ea77da0c4ec4c4b57bd84a8cddbd7861382f5914840128992db744ddc50e7f5680141c51cf8e14244bcf82bc98c5c43f8b693eb12217d0fe6"}) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:23 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x8}], 0x1, 0x0) close(r0) 13:23:23 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') prctl$PR_GET_SECCOMP(0x15) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 280.669439][ T9477] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 280.687272][ T9449] CPU: 1 PID: 9449 Comm: syz-executor0 Not tainted 5.0.0-rc2-next-20190116 #13 [ 280.696242][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.706337][ T9449] Call Trace: [ 280.706360][ T9449] dump_stack+0x1db/0x2d0 13:23:23 executing program 1 (fault-call:5 fault-nth:16): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 280.706380][ T9449] ? dump_stack_print_info.cold+0x20/0x20 13:23:23 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:23 executing program 0 (fault-call:3 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 280.706396][ T9449] ? add_lock_to_list.isra.0+0x450/0x450 [ 280.706415][ T9449] ? kasan_check_read+0x11/0x20 [ 280.706436][ T9449] should_fail.cold+0xa/0x14 [ 280.706455][ T9449] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 280.706477][ T9449] ? ___might_sleep+0x1e7/0x310 [ 280.706493][ T9449] ? arch_local_save_flags+0x50/0x50 [ 280.706509][ T9449] ? lock_acquire+0x1db/0x570 [ 280.706527][ T9449] ? _raw_spin_unlock_irq+0x28/0x90 [ 280.706545][ T9449] __should_failslab+0x121/0x190 [ 280.706564][ T9449] should_failslab+0x9/0x14 [ 280.706579][ T9449] kmem_cache_alloc_node+0x265/0x710 [ 280.706594][ T9449] ? print_usage_bug+0xd0/0xd0 [ 280.706628][ T9449] copy_process+0x4088/0x8740 [ 280.706657][ T9449] ? print_usage_bug+0xd0/0xd0 [ 280.706686][ T9449] ? __lock_acquire+0x572/0x4a10 [ 280.706703][ T9449] ? process_measurement+0x268/0x1be0 13:23:23 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x10}], 0x1, 0x0) close(r0) [ 280.706720][ T9449] ? print_usage_bug+0xd0/0xd0 [ 280.706739][ T9449] ? __lock_acquire+0x572/0x4a10 [ 280.706754][ T9449] ? __lock_acquire+0x572/0x4a10 [ 280.706785][ T9449] ? __cleanup_sighand+0x70/0x70 [ 280.706801][ T9449] ? mark_held_locks+0x100/0x100 [ 280.706821][ T9449] ? __lock_acquire+0x572/0x4a10 [ 280.706854][ T9449] ? mark_held_locks+0x100/0x100 [ 280.706876][ T9449] ? __might_fault+0x12b/0x1e0 [ 280.706893][ T9449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.706909][ T9449] ? _parse_integer+0x139/0x190 [ 280.706929][ T9449] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 280.706944][ T9449] ? _kstrtoull+0x17d/0x250 [ 280.706976][ T9449] ? add_lock_to_list.isra.0+0x450/0x450 [ 280.706989][ T9449] ? lock_downgrade+0xbe0/0xbe0 [ 280.707004][ T9449] ? add_lock_to_list.isra.0+0x450/0x450 [ 280.707018][ T9449] ? __check_object_size+0xa3/0x790 [ 280.707032][ T9449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.707056][ T9449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.707072][ T9449] ? check_preemption_disabled+0x48/0x290 [ 280.707088][ T9449] ? get_pid_task+0xd4/0x190 [ 280.707102][ T9449] ? find_held_lock+0x35/0x120 [ 280.707116][ T9449] ? get_pid_task+0xd4/0x190 [ 280.707133][ T9449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.707153][ T9449] ? add_lock_to_list.isra.0+0x450/0x450 [ 280.707168][ T9449] ? kasan_check_read+0x11/0x20 [ 280.707185][ T9449] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 280.707204][ T9449] ? rcu_read_unlock_special+0x380/0x380 [ 280.707225][ T9449] ? __f_unlock_pos+0x19/0x20 [ 280.707240][ T9449] ? find_held_lock+0x35/0x120 [ 280.707256][ T9449] ? __f_unlock_pos+0x19/0x20 [ 280.707274][ T9449] ? proc_fail_nth_write+0xa0/0x220 [ 280.707308][ T9449] ? lock_downgrade+0xbe0/0xbe0 [ 280.707327][ T9449] ? vfs_write+0x2f0/0x580 [ 280.707368][ T9449] ? kasan_check_write+0x14/0x20 [ 280.707385][ T9449] ? __mutex_unlock_slowpath+0x195/0x870 [ 280.707408][ T9449] _do_fork+0x1a9/0x1170 [ 280.707430][ T9449] ? fork_idle+0x1d0/0x1d0 [ 280.707449][ T9449] ? __sb_end_write+0xd9/0x110 [ 280.707469][ T9449] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 280.707485][ T9449] ? fput+0x128/0x1a0 [ 280.707502][ T9449] ? do_syscall_64+0x8c/0x800 [ 280.707518][ T9449] ? do_syscall_64+0x8c/0x800 [ 280.707534][ T9449] ? lockdep_hardirqs_on+0x415/0x5d0 [ 280.707551][ T9449] ? trace_hardirqs_on+0xbd/0x310 [ 280.707566][ T9449] ? __ia32_sys_read+0xb0/0xb0 [ 280.707584][ T9449] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.707601][ T9449] ? trace_hardirqs_off_caller+0x300/0x300 [ 280.707623][ T9449] __x64_sys_clone+0xbf/0x150 [ 280.707644][ T9449] do_syscall_64+0x1a3/0x800 [ 280.707664][ T9449] ? syscall_return_slowpath+0x5f0/0x5f0 [ 280.707683][ T9449] ? prepare_exit_to_usermode+0x232/0x3b0 [ 280.707704][ T9449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.707729][ T9449] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.707742][ T9449] RIP: 0033:0x457ec9 [ 280.707757][ T9449] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 280.707766][ T9449] RSP: 002b:00007ff25af18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 280.707781][ T9449] RAX: ffffffffffffffda RBX: 00007ff25af18c90 RCX: 0000000000457ec9 [ 280.707790][ T9449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 280.707799][ T9449] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 280.707808][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25af196d4 [ 280.707818][ T9449] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 [ 280.931873][ T9491] FAULT_INJECTION: forcing a failure. [ 280.931873][ T9491] name failslab, interval 1, probability 0, space 0, times 0 [ 281.000239][ T9497] FAULT_INJECTION: forcing a failure. [ 281.000239][ T9497] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 281.100969][ T9491] CPU: 0 PID: 9491 Comm: syz-executor1 Not tainted 5.0.0-rc2-next-20190116 #13 [ 281.298949][ T9491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.308997][ T9491] Call Trace: [ 281.312302][ T9491] dump_stack+0x1db/0x2d0 [ 281.316639][ T9491] ? dump_stack_print_info.cold+0x20/0x20 [ 281.322356][ T9491] ? do_raw_spin_unlock+0xa0/0x330 [ 281.327468][ T9491] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 281.333462][ T9491] should_fail.cold+0xa/0x14 [ 281.338053][ T9491] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.343864][ T9491] ? ___might_sleep+0x1e7/0x310 [ 281.348717][ T9491] ? arch_local_save_flags+0x50/0x50 [ 281.354019][ T9491] ? ovl_lookup_single+0xed/0x880 [ 281.359073][ T9491] __should_failslab+0x121/0x190 [ 281.364043][ T9491] should_failslab+0x9/0x14 [ 281.368574][ T9491] __kmalloc+0x2dc/0x740 [ 281.372812][ T9491] ? rcu_read_lock_sched_held+0x110/0x130 [ 281.378525][ T9491] ? ovl_lookup_single+0x880/0x880 [ 281.383648][ T9491] ? ovl_path_real+0x410/0x410 [ 281.388406][ T9491] ? ovl_alloc_entry+0x25/0x70 [ 281.393183][ T9491] ovl_alloc_entry+0x25/0x70 [ 281.397768][ T9491] ovl_lookup+0xa58/0x29b0 [ 281.402201][ T9491] ? ovl_path_next+0x2e0/0x2e0 [ 281.406961][ T9491] ? kasan_check_read+0x11/0x20 [ 281.411839][ T9491] ? _raw_spin_unlock+0x2d/0x50 [ 281.416687][ T9491] ? d_alloc+0x2a3/0x420 [ 281.420926][ T9491] ? __d_alloc+0xbe0/0xbe0 [ 281.425338][ T9491] ? lock_rename+0x1ef/0x290 [ 281.429937][ T9491] __lookup_hash+0x122/0x190 [ 281.434529][ T9491] do_renameat2+0x749/0x1120 [ 281.439150][ T9491] ? user_path_create+0x50/0x50 [ 281.443999][ T9491] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 281.450253][ T9491] ? fput+0x128/0x1a0 [ 281.454247][ T9491] ? do_syscall_64+0x8c/0x800 [ 281.458939][ T9491] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.465007][ T9491] ? trace_hardirqs_off_caller+0x300/0x300 [ 281.470816][ T9491] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 281.476275][ T9491] __x64_sys_rename+0x61/0x80 [ 281.481001][ T9491] do_syscall_64+0x1a3/0x800 [ 281.485603][ T9491] ? syscall_return_slowpath+0x5f0/0x5f0 [ 281.491247][ T9491] ? prepare_exit_to_usermode+0x232/0x3b0 [ 281.496991][ T9491] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.502563][ T9491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.508450][ T9491] RIP: 0033:0x457ec9 [ 281.512347][ T9491] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 281.531944][ T9491] RSP: 002b:00007f0d41ed5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 281.540349][ T9491] RAX: ffffffffffffffda RBX: 00007f0d41ed5c90 RCX: 0000000000457ec9 [ 281.548313][ T9491] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000040 [ 281.556286][ T9491] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 281.564250][ T9491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0d41ed66d4 13:23:23 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x80, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10) ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000280)={0x1, 0x1000, 0x3, 0xc, 0x10}) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) sendmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)="79a6da6935256869eaef83ab9abbe8c2366c8917a2af443bc5c217ee8756c394dc7d9c7d9178ae8e0e92222e5cb98e8a1a1185f9906430724cca95e7fc1e09c7f262842de48f229a465e48165feb4e18afc81034a5b1220f40250e18746ee950e82d5af929878af4a9ec0826cdffef94449723a66c4318bbff41db076526aca7807cf11e80b7775cbf3e7bcb7896417590961beb3fe2fd4197f540", 0x9b}, {&(0x7f0000000180)="50d20e4f4e0efa192b6203ea52dff2ffffca15f0a895a07076c5cf9624920ee1946ee862ceca5e50cf925621571d74dc311fde173ab3590742872d3c8a1ec51575955d1519", 0x45}], 0x2}, 0x4000010) [ 281.572220][ T9491] R13: 00000000004c4b3c R14: 00000000004d8408 R15: 0000000000000003 [ 281.580207][ T9497] CPU: 1 PID: 9497 Comm: syz-executor0 Not tainted 5.0.0-rc2-next-20190116 #13 [ 281.589144][ T9497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.599196][ T9497] Call Trace: [ 281.602488][ T9497] dump_stack+0x1db/0x2d0 [ 281.606825][ T9497] ? dump_stack_print_info.cold+0x20/0x20 [ 281.612549][ T9497] ? lock_downgrade+0xbe0/0xbe0 [ 281.617405][ T9497] ? kasan_check_read+0x11/0x20 [ 281.622266][ T9497] should_fail.cold+0xa/0x14 [ 281.626877][ T9497] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 281.632681][ T9497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.632709][ T9497] ? rcu_read_unlock+0x16/0x60 [ 281.632725][ T9497] ? find_held_lock+0x35/0x120 [ 281.632741][ T9497] ? rcu_read_unlock+0x16/0x60 [ 281.632763][ T9497] should_fail_alloc_page+0x50/0x60 [ 281.658427][ T9497] __alloc_pages_nodemask+0x323/0xdc0 [ 281.663799][ T9497] ? lock_downgrade+0xbe0/0xbe0 [ 281.663816][ T9497] ? kasan_check_read+0x11/0x20 [ 281.663834][ T9497] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 281.663855][ T9497] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 281.663887][ T9497] ? ___might_sleep+0x1e7/0x310 [ 281.663907][ T9497] ? trace_hardirqs_off+0xb8/0x310 [ 281.663934][ T9497] cache_grow_begin+0x9c/0x8c0 [ 281.699985][ T9497] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.706234][ T9497] ? check_preemption_disabled+0x48/0x290 [ 281.711964][ T9497] kmem_cache_alloc_node+0x64d/0x710 [ 281.717390][ T9497] ? print_usage_bug+0xd0/0xd0 [ 281.722174][ T9497] copy_process+0x4088/0x8740 [ 281.726857][ T9497] ? print_usage_bug+0xd0/0xd0 [ 281.731624][ T9497] ? __lock_acquire+0x572/0x4a10 [ 281.736569][ T9497] ? process_measurement+0x268/0x1be0 [ 281.741949][ T9497] ? print_usage_bug+0xd0/0xd0 [ 281.746719][ T9497] ? __lock_acquire+0x572/0x4a10 [ 281.751664][ T9497] ? __lock_acquire+0x572/0x4a10 [ 281.756625][ T9497] ? __cleanup_sighand+0x70/0x70 [ 281.761572][ T9497] ? mark_held_locks+0x100/0x100 [ 281.766525][ T9497] ? __lock_acquire+0x572/0x4a10 13:23:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) r1 = gettid() r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x400000, 0x0) ioctl$LOOP_SET_CAPACITY(r2, 0x4c07) fcntl$setown(r0, 0x8, r1) 13:23:24 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') [ 281.771485][ T9497] ? mark_held_locks+0x100/0x100 [ 281.776435][ T9497] ? __might_fault+0x12b/0x1e0 [ 281.781212][ T9497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.787456][ T9497] ? _parse_integer+0x139/0x190 [ 281.792322][ T9497] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 281.798574][ T9497] ? _kstrtoull+0x17d/0x250 [ 281.803091][ T9497] ? add_lock_to_list.isra.0+0x450/0x450 [ 281.808731][ T9497] ? lock_downgrade+0xbe0/0xbe0 [ 281.813590][ T9497] ? add_lock_to_list.isra.0+0x450/0x450 13:23:24 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x2080000, 0x0, 0x0, 0x0, 0x0) [ 281.819229][ T9497] ? __check_object_size+0xa3/0x790 [ 281.824460][ T9497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.830700][ T9497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.836950][ T9497] ? check_preemption_disabled+0x48/0x290 [ 281.842677][ T9497] ? get_pid_task+0xd4/0x190 [ 281.847764][ T9497] ? find_held_lock+0x35/0x120 [ 281.852532][ T9497] ? get_pid_task+0xd4/0x190 [ 281.857130][ T9497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.863387][ T9497] ? add_lock_to_list.isra.0+0x450/0x450 [ 281.869025][ T9497] ? kasan_check_read+0x11/0x20 [ 281.874431][ T9497] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 281.880420][ T9497] ? rcu_read_unlock_special+0x380/0x380 [ 281.886066][ T9497] ? __f_unlock_pos+0x19/0x20 [ 281.890744][ T9497] ? find_held_lock+0x35/0x120 [ 281.895516][ T9497] ? __f_unlock_pos+0x19/0x20 [ 281.900193][ T9497] ? proc_fail_nth_write+0xa0/0x220 [ 281.905446][ T9497] ? lock_downgrade+0xbe0/0xbe0 [ 281.910307][ T9497] ? vfs_write+0x2f0/0x580 [ 281.914737][ T9497] ? kasan_check_write+0x14/0x20 13:23:24 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x50}], 0x1, 0x0) close(r0) [ 281.919683][ T9497] ? __mutex_unlock_slowpath+0x195/0x870 [ 281.925346][ T9497] _do_fork+0x1a9/0x1170 [ 281.929603][ T9497] ? fork_idle+0x1d0/0x1d0 [ 281.934024][ T9497] ? __sb_end_write+0xd9/0x110 [ 281.938798][ T9497] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 281.945062][ T9497] ? fput+0x128/0x1a0 [ 281.949067][ T9497] ? do_syscall_64+0x8c/0x800 [ 281.953743][ T9497] ? do_syscall_64+0x8c/0x800 [ 281.958414][ T9497] ? lockdep_hardirqs_on+0x415/0x5d0 [ 281.963681][ T9497] ? trace_hardirqs_on+0xbd/0x310 [ 281.968712][ T9497] ? __ia32_sys_read+0xb0/0xb0 [ 281.973467][ T9497] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.979515][ T9497] ? trace_hardirqs_off_caller+0x300/0x300 [ 281.985328][ T9497] __x64_sys_clone+0xbf/0x150 [ 281.990012][ T9497] do_syscall_64+0x1a3/0x800 [ 281.994606][ T9497] ? syscall_return_slowpath+0x5f0/0x5f0 [ 282.000314][ T9497] ? prepare_exit_to_usermode+0x232/0x3b0 [ 282.006068][ T9497] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.011658][ T9497] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.017544][ T9497] RIP: 0033:0x457ec9 [ 282.021420][ T9497] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.041018][ T9497] RSP: 002b:00007ff25af18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 282.049437][ T9497] RAX: ffffffffffffffda RBX: 00007ff25af18c90 RCX: 0000000000457ec9 [ 282.057400][ T9497] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 282.065359][ T9497] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 282.073376][ T9497] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25af196d4 [ 282.081357][ T9497] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 [ 282.156298][ T9514] overlayfs: filesystem on './file0' not supported as upperdir 13:23:24 executing program 0 (fault-call:3 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 282.249220][ T9521] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value 13:23:24 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="75707065224229683d2ef600000065302c2c6f7765726469723d2e242633926b913de1b5c27cc6b784b8655e0d01000000000005056469723d2e2f66696c6531"]) lsetxattr$trusted_overlay_nlink(&(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000180)='trusted.overlay.nlink\x00', &(0x7f00000001c0)={'L-'}, 0x28, 0x1) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x1ffc, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @reserved}) r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1\x00', 0x2, 0x0) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0\x00') fsetxattr$security_smack_entry(r1, &(0x7f00000002c0)='security.SMACK64MMAP\x00', &(0x7f0000000440)='L-', 0x2, 0x2) rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') [ 282.289877][ T9534] FAULT_INJECTION: forcing a failure. [ 282.289877][ T9534] name fail_page_alloc, interval 1, probability 0, space 0, times 0 13:23:24 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x5000}], 0x1, 0x0) close(r0) 13:23:24 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x200000, 0x0) ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000180)=0x9) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) r3 = getuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) setsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0)={r2, r3, r4}, 0xc) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 282.338638][ T9534] CPU: 1 PID: 9534 Comm: syz-executor0 Not tainted 5.0.0-rc2-next-20190116 #13 [ 282.347586][ T9534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.357635][ T9534] Call Trace: [ 282.360934][ T9534] dump_stack+0x1db/0x2d0 [ 282.365299][ T9534] ? dump_stack_print_info.cold+0x20/0x20 [ 282.371033][ T9534] should_fail.cold+0xa/0x14 [ 282.375640][ T9534] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 282.381456][ T9534] ? arch_local_save_flags+0x50/0x50 [ 282.386745][ T9534] ? lock_release+0xc40/0xc40 [ 282.391422][ T9534] should_fail_alloc_page+0x50/0x60 [ 282.396612][ T9534] __alloc_pages_nodemask+0x323/0xdc0 [ 282.402001][ T9534] ? __alloc_pages_slowpath+0x2c60/0x2c60 [ 282.407903][ T9534] ? rcu_pm_notify+0xd0/0xd0 [ 282.412507][ T9534] ? rcu_read_lock_sched_held+0x110/0x130 [ 282.418250][ T9534] ? kmem_cache_alloc_node+0x347/0x710 [ 282.423716][ T9534] ? print_usage_bug+0xd0/0xd0 [ 282.428528][ T9534] copy_process+0x847/0x8740 [ 282.433138][ T9534] ? print_usage_bug+0xd0/0xd0 [ 282.437904][ T9534] ? __lock_acquire+0x572/0x4a10 [ 282.442821][ T9534] ? process_measurement+0x268/0x1be0 [ 282.448179][ T9534] ? print_usage_bug+0xd0/0xd0 [ 282.452929][ T9534] ? __lock_acquire+0x572/0x4a10 [ 282.457843][ T9534] ? __lock_acquire+0x572/0x4a10 [ 282.462792][ T9534] ? __cleanup_sighand+0x70/0x70 [ 282.467733][ T9534] ? mark_held_locks+0x100/0x100 [ 282.472674][ T9534] ? __lock_acquire+0x572/0x4a10 [ 282.477598][ T9534] ? mark_held_locks+0x100/0x100 [ 282.482520][ T9534] ? __might_fault+0x12b/0x1e0 [ 282.487301][ T9534] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.493537][ T9534] ? _parse_integer+0x139/0x190 [ 282.498392][ T9534] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 282.504624][ T9534] ? _kstrtoull+0x17d/0x250 [ 282.509131][ T9534] ? add_lock_to_list.isra.0+0x450/0x450 [ 282.514764][ T9534] ? lock_downgrade+0xbe0/0xbe0 [ 282.519607][ T9534] ? add_lock_to_list.isra.0+0x450/0x450 [ 282.525231][ T9534] ? __check_object_size+0xa3/0x790 [ 282.530436][ T9534] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.536654][ T9534] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.542894][ T9534] ? check_preemption_disabled+0x48/0x290 [ 282.548630][ T9534] ? get_pid_task+0xd4/0x190 [ 282.553211][ T9534] ? find_held_lock+0x35/0x120 [ 282.557969][ T9534] ? get_pid_task+0xd4/0x190 [ 282.562558][ T9534] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 282.568796][ T9534] ? add_lock_to_list.isra.0+0x450/0x450 [ 282.574435][ T9534] ? kasan_check_read+0x11/0x20 [ 282.579286][ T9534] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 282.585257][ T9534] ? rcu_read_unlock_special+0x380/0x380 [ 282.590938][ T9534] ? __f_unlock_pos+0x19/0x20 [ 282.595612][ T9534] ? find_held_lock+0x35/0x120 [ 282.600357][ T9534] ? __f_unlock_pos+0x19/0x20 [ 282.605054][ T9534] ? proc_fail_nth_write+0xa0/0x220 [ 282.610244][ T9534] ? lock_downgrade+0xbe0/0xbe0 [ 282.615082][ T9534] ? vfs_write+0x2f0/0x580 [ 282.619488][ T9534] ? kasan_check_write+0x14/0x20 [ 282.624416][ T9534] ? __mutex_unlock_slowpath+0x195/0x870 [ 282.630048][ T9534] _do_fork+0x1a9/0x1170 [ 282.634297][ T9534] ? fork_idle+0x1d0/0x1d0 [ 282.638713][ T9534] ? __sb_end_write+0xd9/0x110 [ 282.643458][ T9534] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 282.649676][ T9534] ? fput+0x128/0x1a0 [ 282.653639][ T9534] ? do_syscall_64+0x8c/0x800 [ 282.658309][ T9534] ? do_syscall_64+0x8c/0x800 [ 282.662968][ T9534] ? lockdep_hardirqs_on+0x415/0x5d0 [ 282.668245][ T9534] ? trace_hardirqs_on+0xbd/0x310 [ 282.673288][ T9534] ? __ia32_sys_read+0xb0/0xb0 [ 282.678050][ T9534] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.684104][ T9534] ? trace_hardirqs_off_caller+0x300/0x300 [ 282.689901][ T9534] __x64_sys_clone+0xbf/0x150 [ 282.694575][ T9534] do_syscall_64+0x1a3/0x800 [ 282.699157][ T9534] ? syscall_return_slowpath+0x5f0/0x5f0 [ 282.704797][ T9534] ? prepare_exit_to_usermode+0x232/0x3b0 [ 282.710510][ T9534] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 282.716046][ T9534] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 282.721917][ T9534] RIP: 0033:0x457ec9 [ 282.725798][ T9534] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 282.745396][ T9534] RSP: 002b:00007ff25af18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 282.753803][ T9534] RAX: ffffffffffffffda RBX: 00007ff25af18c90 RCX: 0000000000457ec9 [ 282.761773][ T9534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 282.769746][ T9534] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 282.777720][ T9534] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25af196d4 [ 282.785678][ T9534] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 13:23:25 executing program 5: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x7, 0x4, &(0x7f00000001c0)=[{&(0x7f00000003c0)="d82b5738da6a8d8bc8646b8edbb8274d43db37b6895dae351236c31df9761fa8a1ff82cb8f0f5ecc659f9478c960b4309cea207f8e9536e605f97c5b4184694a834efa1a23b2566c1130965b1801bec5f00ef3a650811b6a9396d6c9df94ab568a4746e1f5f4c14516ebad87025dc49880eb33fe2c541679655aa66aafccc64d9589ca905b53a8e140aa27b66702c86c570ffdc28f63aabf8712e4e7c50cf7bef59fdb93d435373fff0319b35c5d1a731f8e1eac920fd7f2cf7a52f3a91dcb270f2feb9424c03a31b32ef6dcaadba1ced3dcf21804ff7d445ecd53b29a846d081d7eed583e92b17c107c042eca35c01931", 0xf1, 0x9}, {&(0x7f0000000500)="f02268e061a7d2a1528c5c36918d9e37a9d40dd8f18d8cff46427bf796f02f12970f70033c58aaebc6ba371d8995375f2051192f34263b4514bd749b698156c1888534f8e1d1e297a03e22ba8759adf328c02b1689f42a72bc9f4539b001963e82c0906d52ffd8a9d1be01ca73d3ab2591d6f7a0aba994e0922a0b3400721b745b824545a9ecdaccdf92ac19798ef570325a773de608986d2854467af2bdfbace90bf6ff0dda56bb0042e78a40bb2b084c529959176390fef94c5e8ecf1cc2f7533db863cb70e308cd5bd006b84cbddb65e5434a3d10b55fc0f4b5af84a53ae81c23d334f5da1071251f84ad3b8e8edc2195be6c6751531e0b32178d62db872c53569781979195fc52951276f7b3c1fbb131fae45de33e82f596051eea7062ba33ce9649cd9639806f55867ba153276106fa7f53e27abbdd4e763f7a153effdd418869d117de985eaf05d5b1817f0ed3647d72cd0a8f5d1cb7d99f3aaed306cc441485e13898e6029d13d81fa33e8d5fa2ed4f6b25794d1b8408748a282109be5b55f3f017ca5235df15f69a445e3e8014f0fa0fa55d1c77b6ff123aafb075fb69aeb5b8c24f531cbc226e692c492a0ddc7f660f01cc9f46c9f4e9380c5c25bf9e221c78edc3ba1a46402d54829161d8e200c4bac08f0964f3015afd5acfc622350b50f217045d4be88b8510032c867b9344da3b36be47688023e11410e54e15ef067c84785f0f48bee6c5ebc2991a862f6d0af3dfb204b48b7041a585cfa691760424a402280a4eb2e12b29de24a116e929ab40256f650c5d616d8a7a1e97862f5aac19d85082d85b3cce7e0dc6bb0f5a46b73407d7f8cad4eb813e15e690fef5cc5ed475dc30afa9140f31c74d0bafa152ec776fc5982c44180b6f0fd351246e13f18bc4d06514d6bc26fe205f802a0f75842817521066f353b05f1c9a20c70548e9dce088f5bdb6d9ba9a945da39dbb95c43eadecc10fbc015c1f6bc287accd6decb80ed9767005cabe5c0cb882b79696c3c72281a34d4552752dc69d05bd5b28456ea79b5be8f79f1bd38b5040f87cad4937fbaf71869f2e0578cdffd86f868944e7158c7947aa68ae22cf3bed9a68895f94e8095e09941c74950885906dc4e8d0d564c3bad1105b77faf142aa0b77b94f61b4b787cb426890afce180dbd39bc5ea01b35e08b2ce10fa81908fbb91cedc7146a2b6e8e0b73c9315994f30e66f1c84ec59cd44a5fe66279f1d7e1412ff0b1bbb7b45f2646ae32faa12a073e7e379cba0da8460881ca94acc23734581fed66d4067faeb38a15363b3c1f3cc2b278469b06b0b0bf6cc90532df2a6d84447716f36b3ea4ad975613696d9a2ae7b24176fdd793ee5f239521005ef8212a991dd912325bf5fb797a55e67d1676de0d8987da9274b783633cedb98c051d1aad5638ebccc41212e80adacb83014ca9a632650b874ecc2ea80d9831c1f70cb5efec9845b4b5d3433b94a1ba7ff5fb8cbd84024d57a223a54ac271f6266a5e736d89a391646e27add36a58d2c9b765e017c8ac666512027056c77893dc5593a00213f7945f639d61ae0df61f8e671eeabf987140747a742d74d15e8cca731b237b70e5a701ca505fbba08ce748976857455494b3e3c202120771d7111f4240f0672978c12973b5a369ef540eca5abe63b2cc063e24895809ef59944402f82f970869ad4d73fe7a84abed071b196f296351a34c8bd09cee4dc1a787dbb6794acb399fb8e6c26fc032782e0431d3af1d8f3d8ba89de3976fccb79f787645fe40865391b29f2ca2dbabd6149b0954accc226297321873c182c9eba2a46e28269f083f6b7113f7495e882f042d03f448a4d922dca4a61f2a26d80ef9f0ad7201ac9123804b24cffaef69f7bff037942c28b99bb3f74b2cc0561e4dee3ee42309afe28d60ffa716d798a19f5c3f4692b4c51a2946fb0d21d8aa48c95c2fc55b7c0286731f2c5949d2840949e96667115be1df0b4c464a6bbb9c61bb339a7d2af3a3e01195b5496a6b8e447a9720a62a2c0079adc6ca93f60afee18579986e17c614da5179e1706a9317647db88aedd8f5069589d1b872e94849da6b0d66f9f2fab15953025e043f30c234fcf4a12805beb7c802d559c68f087742fc0cdbc66808073c7da45fae1d914afae2eddbb59682c0f3ff992db84fdd614774dc467a34c231119a788a9e57186e191fff0c1209520e5149b56848a7e5a8811d51048bfc15733df6fbefd6021525a05264e06ec4e9dfba1bab5bdd99867d52a5e5797c3db146d60fd39ec3103fd23f2827b9c1e66fb35614f36c86f6e20541af378e013e9f6ab406c18cafc3f51ce6dd6a17aeba5609c00b756c83fc6c78cecbbbe08cd270cf4f68afddaab892696fcb140664348fd4baa8bdfb1a5c6cdbe50cf32bfcfcbecc028da55b29f7946badef7b9826d636b0d373c2b955eadfc08c35dc455560f41882066f79b93c3aa8057af7f5af915a52f7ade8b542c74242c9a5d305c06b45af1ff17b96833945abe132511ba621276cba0883e38338769a3a537632deadc619c95cace7a1b6ca610d357cf75fea5d2682b4e7045b3a456530c0a6dac38b531d47f0029c2bb7681821b02182d83b19a5b0c99f99d26e72e1dc3fcbdb256d046f334ccd4a87807432546741eecd2909d4a96d42ec12859208bde2cd96e1e88577f2c1850764cf556b3546dd3b8249e2798c91ab68abd9eacd2ae0ce188ab067e72c40569a3b7eecd6708dbcf374b9fa2a6a0260fb096a0fb1b75d0af9296ee471611ba76511f2f50e7a414b39beb1c1d8f64988b37c02a1dd350a1e40f4a2d8bc24f29f1c03286ee80a759b4357b042d424cf4cbae474d89b633815751fa2343a648c623220ad5586bd61c67a30ec6bbf5de5bc0f8d8e3826305acabf336c3501bd34eaf44d174fda18f3dd630bd4b45ba39b141fd1e900a4cd1a9c75e95a9bb7798513eb448cfc79612462cfdf81421c201d4ac82b342faa152d8be8ebe143552254284eb763b86cc4ca1b8171a72df76fcc79859a65e2bca731adbb23905a1a6f22f8e0442af4ac28bceedf9f33f6d6c1a82acdaf4978d788864b683798bd20708780826ac1ff8a208ec03cdc748f2102d89c3433c1fc3f7b5506383026ffd03a3ea1240b483c4fdade16ccdf98223a8655882e5cf4f736beb2cf4c785d1b76deb7d63776721f88ba9f22cdfb4aab98c79a5e23196fa13db4c5552815c77f913dd4acf67377de4867783e7aaaaf76efe221877d8e8d893b93b08dc276eeb96e4c0340e60622fae616acf3f195691d097580ee40df2dd8dc0ff43832c4ffec37621214cd5c0c91051fc50f4b0644ad9264623b55b286cfc61f352a223b2531610e9bb4ce0270e010dc6649320a124dfd5ea638ac862dfef3bf3afcf92e38c1f7541bb41b3c64c6eff123280da680b6ddcf5626541a8990246dcf97b16af3513ec7c344558517629987aa0923a4503d6de90f2152f0dda2dbc9eb6ae6a9e1e3c26dd02224b4a8f450a6bc43d4613afaa83e7c2bb3a99e51fa32a775f8b4641015fc0b5decfdb15f2d7c9bed52965bd7a80789208111603f4a6889b7ac7d6332d8d91e349aa1054511ca70b8cae110f2ea949dcfb661822995a5727268e98e21d80b8a869970839c047cdfea4b7438c6afb8d5b6bde9a7ff2ff035ede7936e2641fc149cf1694e15e251ab378fe306d31106aeccf94234a8f53e353a2fed3b7f111ec7945b03080d8c27e5b05a0fa6e58e47caaa425c3b97116aa7267d9e40140a32489b86c3d60816e69d9e07cde3946492683a86043c0894098d99126741383062e2426be01703f248cf9e7733ac0f715c128c7089b4c277c71393f405e7a660c2125ed8b5a84966a6e46ddb8ed7d8538fe755bc8997649b8153786665bc556aca365c6fde9d4a79b72086152cab3bd1bd26d90c367688e8b4c70425ea547c472f870b8a4210ea60d829c694200d8535b07553685b9d44c166d1a9e9f0e1e12c2935c2daff9ed20374bc3e51010bc9a72d93b8e38d68b95ab64c2c63a990aea5678e0d2d2f0830bace1202e8313f07eedc5b38b6610a8bcaa8a7d44d57639810e5b3a53f70207d0f6d7dafe4df642b6233a64523e98d43a03cb4a82648c915329187b0b0645721adbd5d98bce6bb49898a21897ab39bb3180a1ed06207ba1bf677a63696929642285919d9a05615d49d929d38f5f1afdd222873f1d99d640e1e0d11e08ee169c49fde11459d0752e50407fabee506b39b09a1a3dd9c144fcf2d6e44039221508655beaa611ee71b9a24c1f18a77f96ec2b7484ed2f1087dea0295027b5e2398101092bdeba87527c1665751dafb67e5ecb44c430f707504d0f305d39908104feeeb7daaa60b23eb8a1fa954e96b79509904abe9b4f3b61120c5b38b7fb694ed9536f5a49ec3be8038b52e87101e8e6f52984386bf804c6417e00d11f5dabba71b563a6171b55e4a4d2caeb56906c299b62282e0e59873003c36ecba3fb5a68591c07f27001d5e0f79ce0748449a58648612e2aa452c2b0dfd469e2712f2c8c97e05c442aeb369dbcb22a443a078cb3a8b805d9348c6dbd627f26427f93cfefe3c0508d8cd018082f355e8b7533dca787b2f46058ee4dd1c5d174da28082bc0eca82a73fabab7fa8b46195a9ca08cf2ae48fe358bcc960204bfc07035c6b8efc600a87e7c6059e18ef471421730512e510d72426b2f08f1b888478b5298fa4b14c9399b91f9d474e5760db5b90239f74eb703ff6110bc77855555506c4c809c4ca502532ffe09ff1e3deeb8c97b62d1dd549fef9c988173bc7683d3a12532f79cf2bc10a1bdf8ed199c8566079517800688228e44a62973f767762709068a5949d2bdfc031e6a43ca86acaa59dcd1d60df480cab8aa9ad0db4e05c157574a2881f5424e592776b32fbd9a1d6dd74fd549326ac988f061702ebb1d549831099494af9fe0d78282a07385a99aa4ae2ca419f79b9b0fe16ca96b485dd9967b794eb26388ddec2759f27a5e738d61c341d6f27d4a077a2b2659b9e2b08cc405d9e11523da9bcf813de34bdde9a40f94e1a6c1f887e79c1636aac36fc58f5b0546fd784eee869c3ba4375208f7f379a2f4340baed36775533ec167bc6a5deedb17325caa91aa014f926629c1746e07dbd36cb7c139ff723075e8af479e167ebbb4e3d2d6807eaa23fb0d8a11eb917367a391c2d1b6ed07a90e45fc59f9bf0698aa166ebe62cceef6d4d215e20cb4cdc09b93f99481494b4e8f8c4025bf5495c32bbb397d5edab6f492ae6c3e3686c3304e3f52163dbe366dfdb831309ea97b0991b18aace871e4eee50642e9a673f5045aa506bccd9e3a5eb28673d2514d860f0675c021fa0bacd5d254364bcce2233c01b1afd09e2d20bed829c6d440f4bc9e5fd9c74eb164f2b0c8d31bd426fa8450c972a92afd0f283d4e905272105937cf74c577127614c7a42e55e021fb3ab337accea07cbf3774ea1d6a08d6d32ffb9573e0dc2612de122d4dba17811706fe6bcdb57b5ae02d6697519725fa31ba34b0cb997d603fa65fdc2204dd1099a546dfea05f14528ebadb325a395d1ad4e3a7da2c85afc6d48d6dc1df3cbfa0fb2c1308fe8cd62adc3dd9b7e5a376b4269014e5cd8390be7b137453dadca3ede88c00894f90fd95cfb7348684f24f001d7bc0637db220e26df6c3f5b0754c6a6a64e8299a849ad3b2d280e52dc7dc900bf7a8f6da477b4b8d0bca4a28d1d107cab2a67e5147a40fcb2a637b6ada24c1d14396d6483a6f22ef754977207e760f1b", 0x1000, 0x3f}, {&(0x7f0000001500)="55420e79e3938cf2b9de55e22490bc491aaedb2160c0cc4f764639ecd02bd85f6245d89ae4e0b91b63c866f22294aab5ecedc97c88c6444f33d7c665e263d9d094876f79cd80ddb0cd84ce2e945e6bfae948a9d650f9e414f16678d820547cbcc9686e574929fe4ba8dcd6254dfdbb52741ea77bc9dc516f12eb1be773e63d29c05ad85a02647ee8dd862ec936f1cbf136001982babc95a34d4bb14a972fb69e1bd3ddce5584", 0xa6, 0x1}, {&(0x7f00000015c0)="048071f6e55f2511081853f6f980aacd8fb3e787a8547515e85bd3ee898f866bc7a1a13fce068ce7a8dde7016135749090df41f4c30f2a2dc65126e46131e81c92ba3a748e612ebd8c2e054779cc699e4b06555425fa348761a6cb86dbdfe55f4a40d294a5a73c144ad2dc38632fc1affe7462344215194675992c40dda23b0b70e5a6bd88893d56b202eddb7ee263fc0567b5a36f8a36c097110e3530733b50f8b304dc21b82dbc3c2922bc64af61de6550eeced24ed1f8568d600c3ebde90081a0f7feaec67176fcd432c574c7ddf0417509f44abf34e8fbdb0ac650f8dd49a1c760fe9cfc506b72d465a5b9dee37738c8356650727826d5", 0xf9, 0x2}], 0x10488, &(0x7f00000016c0)={[{@numtail='nonumtail=0'}, {@fat=@flush='flush'}, {@fat=@check_normal='check=normal'}, {@shortname_win95='shortname=win95'}, {@utf8no='utf8=0'}, {@numtail='nonumtail=0'}, {@utf8no='utf8=0'}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@measure='measure'}]}) 13:23:25 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765726469723d2e3a666b6c65302c776f726b6469723d2e2f66696c65b1"]) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x8000, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000240)={0xa, 0x3, 0x7de9, 0xff, 'syz0\x00', 0x400}) rename(&(0x7f00000001c0)='./file0/file0/file0\x00', &(0x7f0000000200)='./file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') setsockopt(r0, 0x8000, 0x20, &(0x7f0000000380)="6d4997e00d2dc32336b75794594371e1ea1d8981697243d202a9895008c36dbeefd89edb4bd343289fa9e44b4e44108cd53b6af22b46ca7ae59f664094795d52b058cdeb52050d5732a867d678d7827bdfe60f5bbd2026d38c51e7c369822fe68ee7b764cffbdd1005ae403528f576e4a7e1b6e3d8456c99e208e67b92c1863793ec43835645aaaf0dcdf290b0905fe678a44a9d5884e2a5f07c9969e5edb598bf51b2fb9b5f9335ed17607197f32a4407a80b6630245f16", 0xb8) rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:25 executing program 0 (fault-call:3 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") unshare(0x8020000) clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) [ 282.900597][ T9543] overlayfs: unrecognized mount option "uppe"B)h=." or missing value [ 282.939394][ T9549] overlayfs: unrecognized mount option "uppe"B)h=." or missing value 13:23:25 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x100000}], 0x1, 0x0) close(r0) [ 282.981590][ T9552] overlayfs: failed to resolve './file': -2 13:23:25 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x400, 0x0, 0x0, 0x0, 0x0) [ 283.045332][ T9559] overlayfs: failed to resolve './file': -2 [ 283.046459][ T9554] FAULT_INJECTION: forcing a failure. [ 283.046459][ T9554] name failslab, interval 1, probability 0, space 0, times 0 [ 283.058684][ T9554] CPU: 0 PID: 9554 Comm: syz-executor0 Not tainted 5.0.0-rc2-next-20190116 #13 [ 283.073995][ T9554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.074001][ T9554] Call Trace: [ 283.074028][ T9554] dump_stack+0x1db/0x2d0 [ 283.074053][ T9554] ? dump_stack_print_info.cold+0x20/0x20 [ 283.074076][ T9554] ? prepare_creds+0xa4/0x510 [ 283.102066][ T9554] ? copy_creds+0x7b/0x6c0 [ 283.106512][ T9554] ? copy_process+0x114d/0x8740 [ 283.111475][ T9554] ? _do_fork+0x1a9/0x1170 [ 283.115904][ T9554] ? __x64_sys_clone+0xbf/0x150 [ 283.115924][ T9554] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.115948][ T9554] should_fail.cold+0xa/0x14 [ 283.116001][ T9554] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 283.116038][ T9554] ? ___might_sleep+0x1e7/0x310 [ 283.137318][ T9554] ? arch_local_save_flags+0x50/0x50 [ 283.137338][ T9554] ? check_preemption_disabled+0x48/0x290 [ 283.137363][ T9554] __should_failslab+0x121/0x190 [ 283.137385][ T9554] should_failslab+0x9/0x14 [ 283.147506][ T9554] __kmalloc+0x2dc/0x740 [ 283.147523][ T9554] ? refcount_dec_and_mutex_lock+0x90/0x90 [ 283.147566][ T9554] ? prepare_creds+0xa4/0x510 [ 283.159100][ T9563] overlayfs: unrecognized mount option "loweile0" or missing value [ 283.162706][ T9554] ? prepare_creds+0xa4/0x510 [ 283.162791][ T9554] ? security_prepare_creds+0x123/0x190 [ 283.162812][ T9554] security_prepare_creds+0x123/0x190 [ 283.189163][ T9563] overlayfs: unrecognized mount option "loweile0" or missing value [ 283.190030][ T9554] prepare_creds+0x3c4/0x510 [ 283.190047][ T9554] ? abort_creds+0x2c0/0x2c0 [ 283.190063][ T9554] ? copy_process+0xb3c/0x8740 [ 283.190079][ T9554] ? trace_hardirqs_off_caller+0x300/0x300 [ 283.190100][ T9554] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 283.234857][ T9554] ? check_preemption_disabled+0x48/0x290 [ 283.234881][ T9554] copy_creds+0x7b/0x6c0 [ 283.234903][ T9554] copy_process+0x114d/0x8740 [ 283.234919][ T9554] ? print_usage_bug+0xd0/0xd0 [ 283.234933][ T9554] ? __lock_acquire+0x572/0x4a10 [ 283.234957][ T9554] ? process_measurement+0x268/0x1be0 [ 283.244893][ T9554] ? print_usage_bug+0xd0/0xd0 [ 283.244914][ T9554] ? __lock_acquire+0x572/0x4a10 [ 283.244929][ T9554] ? __lock_acquire+0x572/0x4a10 [ 283.244961][ T9554] ? __cleanup_sighand+0x70/0x70 [ 283.244980][ T9554] ? mark_held_locks+0x100/0x100 [ 283.274376][ T9554] ? __lock_acquire+0x572/0x4a10 [ 283.274407][ T9554] ? mark_held_locks+0x100/0x100 [ 283.274428][ T9554] ? __might_fault+0x12b/0x1e0 [ 283.274443][ T9554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.274457][ T9554] ? _parse_integer+0x139/0x190 [ 283.274476][ T9554] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 283.289252][ T9554] ? _kstrtoull+0x17d/0x250 [ 283.289271][ T9554] ? add_lock_to_list.isra.0+0x450/0x450 [ 283.289292][ T9554] ? lock_downgrade+0xbe0/0xbe0 [ 283.289327][ T9554] ? add_lock_to_list.isra.0+0x450/0x450 [ 283.312676][ T9572] overlayfs: unrecognized mount option "lowerdir̲|" or missing value [ 283.315042][ T9554] ? __check_object_size+0xa3/0x790 [ 283.315057][ T9554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.315072][ T9554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.315091][ T9554] ? check_preemption_disabled+0x48/0x290 [ 283.315108][ T9554] ? get_pid_task+0xd4/0x190 [ 283.315122][ T9554] ? find_held_lock+0x35/0x120 [ 283.315144][ T9554] ? get_pid_task+0xd4/0x190 [ 283.336048][ T9574] overlayfs: unrecognized mount option "lowerdir̲|" or missing value [ 283.336349][ T9554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.402591][ T9554] ? add_lock_to_list.isra.0+0x450/0x450 [ 283.408253][ T9554] ? kasan_check_read+0x11/0x20 [ 283.413128][ T9554] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 283.419127][ T9554] ? rcu_read_unlock_special+0x380/0x380 [ 283.424776][ T9554] ? __f_unlock_pos+0x19/0x20 [ 283.429458][ T9554] ? find_held_lock+0x35/0x120 [ 283.434227][ T9554] ? __f_unlock_pos+0x19/0x20 [ 283.438920][ T9554] ? proc_fail_nth_write+0xa0/0x220 13:23:25 executing program 4: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000500)={{{@in6=@ipv4={[], [], @broadcast}, @in=@multicast2}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000000240)=0xe8) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) statfs(&(0x7f0000000040)='./file0/file1/file0\x00', &(0x7f0000000600)=""/205) ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000480)={0xf11, 0xffff}) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765696c65302c776f726b6469723d2e2f66696c6531765c70eaa21b55f423315d8cd102a08c9dd98607ff17036af0ed83a838d4e3554c147e861d376dc974638fffbf269fb77d91fe83734f760c9ddbf749cb70af48872a1152210dca13848e8a091d9bbfd14518ab9b8c1acf44abac"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') ioctl$UI_SET_FFBIT(0xffffffffffffffff, 0x4004556b, 0x70) rename(&(0x7f0000000200)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') prctl$PR_GET_FP_MODE(0x2e) 13:23:25 executing program 1: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') syz_mount_image$bfs(&(0x7f0000000180)='bfs\x00', &(0x7f00000001c0)='./file0/file1/file0\x00', 0x5b53902d, 0x4, &(0x7f0000000440)=[{&(0x7f0000000200)="6d7dacb8ce3a1a0de94f42868041c91220101b76ff7b7ccd5275dd", 0x1b, 0x5}, {&(0x7f0000000240)="4678d911", 0x4, 0x7}, {&(0x7f0000000380)="4df21b78bf6e8f760d4616cd0011dd2fc574e21a763cf46edf75c0e4980513bfa13f49d225efb7cda7d4e42fac3bc27aab0a854e248f29b00f8c706fa37aee2cff0f06a0650fe1df0d175e59bab560cd8c0b9e0d2de0f10ec29e90b6c20a06c0dbe1a3", 0x63, 0xffff}, {&(0x7f0000000400)="020cb48d366a23aeebca3faf50a95480819a857a", 0x14, 0x10001}], 0x800000, 0x0) rename(&(0x7f0000000040)='./file0/file0/file0\x00', &(0x7f0000000140)='./file0/file1/file0\x00') 13:23:25 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f776572646972e7e4ccb27c82abb72c776f726b6469723d2e2f66696c6531"]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:25 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000880)='/proc/capi/capi20\x00', 0x41, 0x0) ioctl$SG_GET_TIMEOUT(r0, 0x2202, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000140)='./file0/file0\x00', 0x40, 0x7, &(0x7f0000000780)=[{&(0x7f0000000180)="9a03b56b7afbdf3e418e4dc70e9c63523fe64e0ac6d792ce324da73abc732678f784615dbe9dca3af4b78dd7fc0748ebfef3f8c40fdb164c1f0700be4d31e3152ac1b094ea6d44f10af988753030220a64fcec97e3a6449d67dd9f", 0x5b, 0x5}, {&(0x7f0000000380)="3b7e462d9ae023c51dcdcf74c2114f75c1d96f75c1063ff0136dbad28563675c16b400d7bd9f74833e8a4df778ec7d1aaa145b3385bcbf96327fecc7a6ce776d66d2b41cfd58253d4a7e988dad22e782bbd026f696e6213e344f0f4a1b14400ada003314647124e00c691e57c7835497b5290ce6a345ebc8851450670cbf7de614", 0x81, 0x7f}, {&(0x7f0000000200)="4d6685fdeb36189219dfec4e5cdb428ef78e55cd62c2", 0x16, 0x8}, {&(0x7f0000000500)="b151ebc60e868577f0f8d99dd787b140e11beaa195a4636a43513ff8497fcba215a2f44e3afa44b0654ed5c04e9c8a61946f0a68fa8dbc3a75ff96a00624e1bdce5088e85e830522f5d434227477618dc9cbce8edcccaf2434409743806b49af4f33ce931431855e6bae933185d6b9aeca5f05679dfa4eb0e9a1b3275e77ad5a64e807c6380595c7f78b4ade0a75e20f5897a78092f5f63e0e86349052b11a1f89d571af24bd711235", 0xa9, 0x8}, {&(0x7f0000000440)="115df4ac64d8baa9eab27298f1c849edffcb1c97204a2fb515d48e979ff57b1e714b4e1e8e0e2aa9b085350a1d5c5f274c5a30132421bd06c04126e5b47b7c51e7fcf3b9855c2b3f9d24f67d623b4b132a3f", 0x52, 0x5}, {&(0x7f00000005c0)="34e74ba73bfb2adebc90e9b0d7f6b122a266a5a0e388e1bdce7457f34ebd6695a718ffd5200fe2997c86d751d81237637465923d8498e60471be04dbdc64fa5c215578303e15a13138ee24cbba1e08d8614f3002b3b8f0db91da6bf12e0c96733f076ed64e9d965789ef42b98d2909bfc96d31fcc0cb713ca15b0db088f941a9aeb08e3dab96b55a223538aa4d3057788c75b822fc80dc98cdc8d8a39c5af32aa569da", 0xa3, 0x2}, {&(0x7f0000000680)="690ac3d4f34eb37a42a0c2fffd70df2c696f7527306bc322e85af7083a016c86ef1c83b18cccc9d466553e69ff5cfb9945967b8c4553c5e0698fd91cf559cc46f7baf2982a6d92f642e20ca1ba9b65948066a844adfa6d4bec14495d8947794e4c5d7f526393a467fcaf1960db3647dae8b0342b8e674caf4c49e5cf5066d21edb63b2cba47b53ae4237a6474eb3afc9ec5d4fc4494ff68d447e8ce1742892694d5aa83e260f606fb2d707e7c7f21dfefdab50310e00b1ff27b7b3f39a0bc6326f1055994fe8b33851eea1f0b3394cd82a3cfd3d8f579589bbce87215fe0470a559b6cc26e403f4fb7b31f686505e20b93bcaf6f262cadafea2f848a49a8", 0xfe}], 0x80, &(0x7f0000000240)={[{@dots='dots'}, {@dots='dots'}, {@dots='dots'}], [{@smackfsdef={'smackfsdef'}}]}) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x80000, &(0x7f00000002c0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRESDEC, @ANYRESHEX, @ANYRES32]]) rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00') rename(&(0x7f0000000080)='./file0/file1/file0\x00', &(0x7f0000000340)='./file0/file0\x00') 13:23:26 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup3(r0, r0, 0x80000) ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000000)={0x5, {0x1, 0xbf86, 0x317, 0x4, 0x5, 0x2}}) ioctl(r0, 0x1000008912, &(0x7f0000000140)="0adc1f023c123f3188a070") clone(0x1006210f, 0x0, 0x0, 0x0, 0x0) 13:23:26 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r1, &(0x7f0000b1d000)=[{0x0, 0x2000000}], 0x1, 0x0) close(r0) [ 283.444130][ T9554] ? lock_downgrade+0xbe0/0xbe0 [ 283.449011][ T9554] ? vfs_write+0x2f0/0x580 [ 283.453487][ T9554] ? kasan_check_write+0x14/0x20 [ 283.458433][ T9554] ? __mutex_unlock_slowpath+0x195/0x870 [ 283.464086][ T9554] _do_fork+0x1a9/0x1170 [ 283.468344][ T9554] ? fork_idle+0x1d0/0x1d0 [ 283.472819][ T9554] ? __sb_end_write+0xd9/0x110 [ 283.477590][ T9554] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 283.483828][ T9554] ? fput+0x128/0x1a0 [ 283.483846][ T9554] ? do_syscall_64+0x8c/0x800 [ 283.483862][ T9554] ? do_syscall_64+0x8c/0x800 [ 283.483877][ T9554] ? lockdep_hardirqs_on+0x415/0x5d0 [ 283.483894][ T9554] ? trace_hardirqs_on+0xbd/0x310 [ 283.483907][ T9554] ? __ia32_sys_read+0xb0/0xb0 [ 283.483931][ T9554] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.492566][ T9554] ? trace_hardirqs_off_caller+0x300/0x300 [ 283.492589][ T9554] __x64_sys_clone+0xbf/0x150 [ 283.492609][ T9554] do_syscall_64+0x1a3/0x800 [ 283.492630][ T9554] ? syscall_return_slowpath+0x5f0/0x5f0 [ 283.539101][ T9554] ? prepare_exit_to_usermode+0x232/0x3b0 [ 283.544821][ T9554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 283.550353][ T9554] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 283.556231][ T9554] RIP: 0033:0x457ec9 [ 283.560118][ T9554] Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 283.579717][ T9554] RSP: 002b:00007ff25af18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 283.588109][ T9554] RAX: ffffffffffffffda RBX: 00007ff25af18c90 RCX: 0000000000457ec9 [ 283.596076][ T9554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000001006210f [ 283.604072][ T9554] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000 [ 283.612049][ T9554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff25af196d4 [ 283.620000][ T9554] R13: 00000000004be2a0 R14: 00000000004ce760 R15: 0000000000000004 [ 283.632021][ T9558] FAT-fs (loop5): Unrecognized mount option "defcontext=root" or missing value [ 283.674212][ C0] ------------[ cut here ]------------ [ 283.679958][ C0] AppArmor WARN cred_label: ((!blob)): [ 283.680233][ C0] WARNING: CPU: 0 PID: 9 at security/apparmor/include/cred.h:30 apparmor_cred_free+0x12f/0x1a0 [ 283.683589][ T9586] kobject: 'loop4' (000000000ffc0f14): kobject_uevent_env [ 283.685825][ C0] Kernel panic - not syncing: panic_on_warn set ... [ 283.685840][ C0] CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.0.0-rc2-next-20190116 #13 [ 283.685864][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.685869][ C0] Call Trace: [ 283.685888][ C0] dump_stack+0x1db/0x2d0 [ 283.685907][ C0] ? dump_stack_print_info.cold+0x20/0x20 [ 283.685928][ C0] ? apparmor_cred_free+0xc0/0x1a0 [ 283.685944][ C0] panic+0x2cb/0x65c [ 283.685959][ C0] ? add_taint.cold+0x16/0x16 [ 283.685976][ C0] ? apparmor_cred_free+0x12f/0x1a0 [ 283.685990][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.686003][ C0] ? __probe_kernel_read+0x1f4/0x250 [ 283.686019][ C0] ? __warn.cold+0x5/0x48 [ 283.686033][ C0] ? __warn+0xe8/0x1d0 [ 283.686060][ C0] ? apparmor_cred_free+0x12f/0x1a0 [ 283.707635][ T9586] kobject: 'loop4' (000000000ffc0f14): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 283.710174][ C0] __warn.cold+0x20/0x48 [ 283.710189][ C0] ? apparmor_cred_free+0x12f/0x1a0 [ 283.710204][ C0] report_bug+0x263/0x2b0 [ 283.710338][ C0] do_error_trap+0x11b/0x200 [ 283.710373][ C0] do_invalid_op+0x37/0x50 [ 283.819035][ C0] ? apparmor_cred_free+0x12f/0x1a0 [ 283.824229][ C0] invalid_op+0x14/0x20 [ 283.828380][ C0] RIP: 0010:apparmor_cred_free+0x12f/0x1a0 [ 283.834175][ C0] Code: 7c 88 48 c7 c7 40 d2 7c 88 e8 ed 08 f2 fd 0f 0b eb a9 e8 f4 df 28 fe 48 c7 c6 00 e2 7c 88 48 c7 c7 40 d2 7c 88 e8 d1 08 f2 fd <0f> 0b 48 b8 00 00 00 00 00 fc ff df 80 38 00 75 4a 4c 8b 2c 25 00 [ 283.853873][ C0] RSP: 0018:ffff8880a947f970 EFLAGS: 00010286 [ 283.859932][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 283.867907][ C0] RDX: 0000000000000100 RSI: ffffffff81688726 RDI: 0000000000000006 [ 283.875869][ C0] RBP: ffff8880a947f990 R08: ffff8880a9466240 R09: 0000000000000000 [ 283.883846][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88809f96d700 [ 283.891815][ C0] R13: ffff88809f96d700 R14: ffff88809f96d788 R15: dffffc0000000000 [ 283.899881][ C0] ? vprintk_func+0x86/0x189 [ 283.904484][ C0] security_cred_free+0x4b/0xf0 [ 283.909336][ C0] put_cred_rcu+0x21f/0x6e0 [ 283.913837][ C0] ? get_task_cred+0x5e0/0x5e0 [ 283.918595][ C0] ? lock_release+0xc40/0xc40 [ 283.923277][ C0] ? kmem_freepages.isra.0+0x436/0x660 [ 283.928746][ C0] rcu_core+0xc4a/0x1680 [ 283.932981][ C0] ? do_raw_spin_trylock+0x270/0x270 [ 283.938267][ C0] ? rcu_fwd_progress_check+0xd0/0xd0 [ 283.943639][ C0] ? _raw_spin_unlock_irq+0x5e/0x90 [ 283.948835][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.955068][ C0] ? check_preemption_disabled+0x48/0x290 [ 283.960781][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.967030][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 283.973266][ C0] ? check_preemption_disabled+0x48/0x290 [ 283.978992][ C0] ? rcu_lockdep_current_cpu_online+0x1aa/0x220 [ 283.985226][ C0] ? rcu_pm_notify+0xd0/0xd0 [ 283.989819][ C0] __do_softirq+0x30b/0xb11 [ 283.994319][ C0] ? retint_kernel+0x2d/0x2d [ 283.998909][ C0] ? __irqentry_text_end+0x1f96d2/0x1f96d2 [ 284.004728][ C0] ? smpboot_thread_fn+0x6ab/0xa10 [ 284.009844][ C0] ? trace_hardirqs_on_caller+0x310/0x310 [ 284.015565][ C0] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 284.021799][ C0] ? check_preemption_disabled+0x48/0x290 [ 284.027515][ C0] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 284.033771][ C0] ? takeover_tasklets+0xa70/0xa70 [ 284.038891][ C0] run_ksoftirqd+0x8e/0x110 [ 284.043387][ C0] smpboot_thread_fn+0x6ab/0xa10 [ 284.048336][ C0] ? sort_range+0x30/0x30 [ 284.052655][ C0] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 284.058891][ C0] ? __kthread_parkme+0xfb/0x1b0 [ 284.063827][ C0] kthread+0x357/0x430 [ 284.067886][ C0] ? sort_range+0x30/0x30 [ 284.072209][ C0] ? kthread_stop+0x920/0x920 [ 284.076885][ C0] ret_from_fork+0x3a/0x50 [ 284.082579][ C0] Kernel Offset: disabled [ 284.086967][ C0] Rebooting in 86400 seconds..