00000440)={r2, r3+30000000}) creat(&(0x7f0000000380)='./bus\x00', 0x0) r4 = open(&(0x7f00000003c0)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r4, 0x0) truncate(&(0x7f0000000080)='./bus\x00', 0x8b3e) readv(r4, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0x1000}], 0x3b6) mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) [ 196.438877] audit: type=1804 audit(1573248711.702:105): pid=9396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir168815105/syzkaller.KPpoFW/19/file0/file0/bus" dev="ramfs" ino=36756 res=1 21:31:51 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0xe, &(0x7f0000000040)=ANY=[@ANYBLOB="b702000003000000bfa300000000000007a4f0ff0000002000000000000000ff2d64050000000000650404000100004004000028ebd2d7e585bfdd00000400006a32affb3972b8b1d80eb9bb51a8b6bf0a00fe00000000850000001a000000b7000000000008009500f10104000000487591731cba12c07d57d9527a1e89a4530f92304f242b416ad5eeefc0e9c60ebab10000bf9fb4dde984510c82dc2b9381b731100d0682fd0a0c4906b29e22fe2d1dee18f6d43cc62f120b44fad138a640"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x687}, 0x48) [ 196.555902] audit: type=1400 audit(1573248711.742:106): avc: denied { map } for pid=9368 comm="syz-executor.2" path="/root/syzkaller-testdir168815105/syzkaller.KPpoFW/19/file0/file0/bus" dev="ramfs" ino=36756 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ramfs_t:s0 tclass=file permissive=1 [ 196.691142] audit: type=1804 audit(1573248711.892:107): pid=9436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir168815105/syzkaller.KPpoFW/20/file0/bus" dev="ramfs" ino=37567 res=1 [ 196.720120] protocol 88fb is buggy, dev hsr_slave_0 [ 196.725206] protocol 88fb is buggy, dev hsr_slave_1 [ 196.725273] protocol 88fb is buggy, dev hsr_slave_0 [ 196.735399] protocol 88fb is buggy, dev hsr_slave_1 21:31:52 executing program 4: r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000200)='/dev/loop#\x00', 0x0, 0x4182) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup3(r3, r2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) memfd_create(&(0x7f0000000240)='.^\x00', 0x0) sendfile(r0, r0, 0x0, 0x6) sendfile(r1, r1, 0x0, 0x24000058) 21:31:52 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socket$caif_seqpacket(0x25, 0x5, 0x3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xfffffffffffffc1b) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="66b8008000000f23c00f21f8663501000a000f23f82e360f2205f20f1a0d0f0134ba4000ed0f78c7d15200a800ba610066b89ebf000066ef0fc7b30000", 0xffffffffffffff8b}], 0x1eb, 0x12, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfefd, 0x40, 0x0, 0xfffffffffffffdd4) write$P9_RLERROR(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="120100000708a4a37afb99181dc944125124b2e18f5c126eb3ce076c60bdd9aaec91a4069991c31205d077b27828010e76a5cda35e93b8d2ac2fb97b6056ac14e8f566d06578f01701605e854c189da5346ffb8df64e1f87a2e64b76465df2e7ccef45cd942d2c070fd063c3f9562aae059f8ec9f0a316d4e119f85cdaddffe00d170c1448f5bbaa45a8c0d099dc788ea20bfaeb40426364eeef0e6e504d3f62fbcecb4d284fee"], 0x5) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:31:52 executing program 4: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480), 0x5}, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0) getrandom(0x0, 0x0, 0x3) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r3, 0x660c) listxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=""/84, 0x54) sendto$inet(r2, 0x0, 0x0, 0x200007fa, &(0x7f0000000140)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) ioctl$TCXONC(r0, 0x540a, 0x4) fanotify_mark(r1, 0x48, 0x31, r1, &(0x7f0000000040)='./file0\x00') r4 = semget$private(0x0, 0x0, 0x0) semctl$GETPID(r4, 0x1, 0xb, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000200)='sit0\x00', 0x10) r5 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x105084) r6 = socket$caif_seqpacket(0x25, 0x5, 0x4) accept4(r6, &(0x7f00000003c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000440)=0x80, 0x180c00) r7 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0) pwritev(r7, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a3", 0x1}], 0x1, 0x81003) ioctl$LOOP_CHANGE_FD(r5, 0x4c00, r7) syz_open_dev$sndpcmp(&(0x7f0000000380)='/dev/snd/pcmC#D#p\x00', 0x6, 0x0) sendfile(r2, r5, 0x0, 0x102000002) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000000)) r8 = dup(0xffffffffffffffff) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r8, 0x29, 0xd3, &(0x7f0000000240)={{0xa, 0x4e24, 0xc22b, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x3}, {0xa, 0x4e21, 0x7, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x6}, 0x1, [0x80000000, 0x96, 0x7, 0x80000000, 0x9, 0x200, 0x5, 0x52f]}, 0x5c) 21:31:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0xc8102, 0x0) fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000100)={'L+', 0xaa}, 0x28, 0x3) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_emit_ethernet(0x0, &(0x7f0000000100)=ANY=[], 0x0) 21:31:52 executing program 1: accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x6, 0x4) recvmmsg(r1, &(0x7f0000002c40)=[{{&(0x7f0000002480)=@hci, 0x80, &(0x7f0000001340)=[{&(0x7f0000002500)=""/209, 0xd1}, {&(0x7f0000002600)=""/66, 0x42}], 0x2, &(0x7f0000002680), 0xffffff23}, 0x5}, {{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f00000026c0)=""/205, 0xcd}, {&(0x7f00000027c0)=""/200, 0xc8}, {&(0x7f00000028c0)=""/215, 0xd7}, {&(0x7f00000029c0)=""/21, 0x15}, {&(0x7f0000002a00)=""/107, 0x3a}, {&(0x7f0000002a80)=""/166, 0xa6}, {&(0x7f0000002b40)=""/16, 0x10}, {&(0x7f0000002b80)=""/53, 0x35}], 0x8}, 0x98}], 0x2, 0x0, 0x0) r2 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x400000) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000240)=0x80000001) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x8000000000) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x2000000000000, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffffffffffc, 0x19719, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f00000001c0), 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x1000000000010, 0xffffffffffffffff, 0x2) mkdir(&(0x7f0000001380)='./file0\x00', 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = socket$inet(0x2, 0x2000080001, 0x84) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f0000000100)=0x2000000000000074, 0x4) r7 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x2) write$vnet(r7, 0x0, 0x0) ioctl$int_in(r7, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000001300)='/dev/ubi_ctrl\x00', 0x400080, 0x0) write$vnet(0xffffffffffffffff, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) r8 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x200000, 0x0) write$UHID_INPUT(r8, &(0x7f00000002c0)={0x8, "b13e1c20d1764d052a4289a71186ca1abfa7f39eb694f4602948f6585c2842ac42cb2f94b098e98f28cd6128dab4a71d544e96e01e3a9a3548ee5f554c06d963346edb9d133e86fdd31c21e9aaffeb52f7cd63297b1fd0db1845e12bda3ce00f0cca0e6ac9c42a61e687c24c0553b408359c86c7bfd7a30944ac327f982b011258e85ee00f050c38e73199d07b72b225a96ab0fb5a9ea944a233e46cd4c25aaa0fe04bd9b3203f61a06c8f094563ffa0078e50248ce1acebc03c75069eb1cb20ebbe30ec063f9ebc45290dc4f8b56ebb08d32e4df04785fd385029f766a0b96db6a1b6615de63393fe97082c076a7170d2b1c06ce0627d6acae850c2b95f38b079a352f27bf6f5460078b8e597c1d3bdb5cf9e73f42eec5aea224ab44b94e18e812864faeaf770ba7471f99b07d41d573d1d4c3833fb4410ea36d710bfa66ccdb14a1927a678f873b023e82c341a43704adb37242a67b2a46d02ab7aee23cf3030a2f3dd58eece667b6e9393ee8d36649e37e83b1c73c0ef65b4df6173c1c25324fbb9afa1361dc4275f152deb03d7138a688eb9dc66e7845ce1be5647bf740b0e1dd038120ef1e3e1cf420cf8b723bef771376e433935e4f9096a10c4a969aceaac4791c41f365b274dab49bddf51b22a24c05ceaedcbf45febc927e98f410d38247d7679cee7b0d3041eaebd7821924ad31e7c5137bf87ce1ec537a981779f0a4c57bbbb5c641cfd02e1e3904f48b0be96fc9851b6bc8c4260168eea9d9d111e2777f78a9021d5eb0166e39410bf279656770263ca2fb7ac0e30d5e168f8cf4bc5665d057da939b770568e41d0fcec5d6aac0bf4ae66fb099b786cdce7f6a9bc00b83d8ed72440a9724d4ef8af71c7efbc31397930cdcb99d30502ecbcc7ddb9161ade16a1badbd7ea3c6c65b387b46234c4660c816506a2f76264bba07ecb685532116bd971464b58e3ea0a29c2fa1d49d9c6308806db01326e9a1b6bbb556f6479b29f48718e211d75f08d0fb477ad8dae5aeaad7e176b2c5ae331ef78212e9dd7e506549dc74ffd940dc91d74aee2fa7f28855919c163f443804e2a072ad8add2be84df87e414afcab0f8e6f67d3ebb1778a6798d50233da09d29b95c0da97304b7a025e50a7c89e614c63bc69477bfe0e5ae2c468332d134f9e22b19eb2f01c8e8d5148b9b980f8b9aa0cab9ba89aafe16d6a8cf9cb5ae659d8fba88e2841f3d6ac0c44dd9f03787d357fe31a4f551e247bfb73b1f2aa1e208c36aa90dcfc4da8877967c05fe951716ec2293d79c6083e79061bbe18150e2af1d889bb4e87c7735b0e7b88a3109a906d1bd4bf9b98c2462420ecc4e9f3a274a6678bc56e9aa7f3d64677141f874f35d00d04a1dc83126ccd69a0221305a3a5418ec24e163b165c1e4533c38f3d213de4012aece68ed11e2f42325d6da5eef78ee985f81a7991e3d1ff69188059c292779579418ef81177fa94b43cdd0fbf92d31f0fb592a864ddc98ddd5b49ece865e7c7a6c873169d0eea46c1a44f645b1cfa40849ffb9f5355ab396dc1a875180f17103be63be4e7d1920949c59ba5d47341c176ac307e165b9733ac5cd9e9691f5ecd76b467881b78f217d50903a06c57270f4104fd26d496dd7e08c27209185761882923f6447c73d53a74e28132e6bf97ee4f2df9d03be88653a9a7251d8df247f1a75f91f95886ce317e3c125aa7686eec86708fa72c9b33a664e76c0ed891ff9d840ac121ae3f96d32330a14fd76df19c7ae0434e2103d6e9175da0b6cc7a007a0a18615271771434959de305636cf7fbfdd16239bff7dbc656a702ebd48f9a2b1937cca80604ec525d292bb7337459235ad047c6933b6c81bd966ea60ec863de568a9e6d8e0378916f441e0f8b2b74df49b9b24094fd643413469428a537aed19b72bf9381ebab4cd57400ecad1cf1b792e9610910d02f9a779b009840e3f1a1395a87f1e590c33018be80a3f34bbaf49e415ba7d3858b40788cd19211b8cad3789870fb252f8991d64bff9558a67a2316ec2402c2f9c52de42e6389fc90bc4379f7b899b1a943035d64f20b7766edf08fdfa185d00493031f0d3f9ad7dce841f725c5adcba896a76857918a2f54c8aa2e50f71eda35b8fea3732a02c146201ad9f4b65b7caa09e2a73f72aee1ce428a35489038d5cc859fbd48be8da5d088ccab897a248fe418b89b409ab5507af725f077d264abec5b53667ca06aed03815dd537535a3360a50ca3d09c025b5057362c7cb5a4b99c58ac64fe813f4d7f2cafbc3048835ec43fa68170ec7310342134c9b5ec417763db145555cdd37f24b27b0911d172710b74d3c754aac02b24030166cbf2eccfaf1e909b629b7919db1351cd0167e8b6bddc5ce4b7e13cbf0c095f636427d440d058e7637eb117947fc6a60942d10bd455030ee38fc447fd3e6232efba65def558dcff60274e6b2ad62464b4f767bcfec22c681c12bdabf1fedc3946f45c9a34a9169f79ea60a9d190dcf1ce14957382af602dd134b610b269247f38c3d4e233f2fda399dc4cf09139cff9e9c731f8bf940df3cbdf9355f604bd0f3d3b20a6cfc39a7d9ff74f734750187b30c1a970a432bf7e9417cc87d8dea00c4e1885845e1a59bc6a5487687c5bca514e9dcf372bcdc0fe4a47f3e4ac456b1a812e69f88b2a8a964d946cc102ba6f3a7c965df24653c6384d810cf157c8581d4b40e874aded8d227a25fab9889f02698bf52980f048408de4a96226949eba5d1b7f41fce61ae1ff9388e096646ddda4c222f7b9bffc1d3e5b645b6e248637698f6a5be1dc03ff7aa9f418153beeef9b9d67ac5b6fc888e5adf0db41a6d5cac2b600af3b428a1294f4fdb4cf64ccc254c1c7ef71b9be3afceb797fc9504bc3f3dde217687d47cd445c44bea2b16eacae76f16d868b77065b189bd7c4678f3a5fc99b4d020d42972d010b7a6b22de46b434f2d8ec4f567af2d531817ec81ffa36cc27d073a66d2152f1be2a8dce08e98a00f473f22e680cf0ebdcf37936cee60f99eec69503a15d8e36f8d599b535021693fb52f9dc93e315d6e849bd4bf9d05fb25f0b09de91b73ca4edfbfa04d9262d449eab2be542ea30f316384609efc52ed641a9e32d48e4a57c65e8bfa5c13e769d5402a0b125c17360800bf0da8592a75abe647f1d9b1072942947da82e701308b60ecdcfd40d7b6cf44b443493ef0466790547c0a8e5914484969e52cba3787c41df965f91ed7074cd62a63db7e1c35b8f9ac30521295ae7b9c81143926f1dd36aefdfbcd7056b0d4209cabe113a18c58ecc062df687666725707029a8be3ef5721484bd429bab33fceb76c6a0f079da8819d0d9565f5e4ed45eb531f9501b85b619b5323169b0297b7cedcf6f288225dd5e6a7f52c1b96cd38dd94b2f6b8cfc6dbd7862901a5295dca5ecbae72344f41c4a222bd6711831d265b910d547501116bcfbf3c9e104b446175c4c8a4e56445ca22f9363f0f54858a8eb4a1c43103bca578c5b0ee372efd705a950510dbbfa4f74c8ddb4bbc1f07dd410ebb39c01f4da8a0bad2d3d35df3a12a9fa2daf44c8163d59aba8a7351ecc9fe4cd25b987dba700e73d7174307161adf70db0e7a802d7c9ec1b912ee58b0a35c2c6f40f112d70ab5aa708071379280c9ffbceaf0a4ec45c89ac0bf3ef40538302b685e24574da8bde8654e99eff66c9ad5e6beafa0e48e1c293c53d955980346cbc052d15e5d1f3baed388dfaa72ca089af06ae757466a704b93a0ff13cb5c722f0b872432a4fd4513ed56825b13ddd4d8c02eb624c8358199f52679421ab0e1792869f6b4aea523a1079b3138f1ef761c6df102096eff43ddb23ee668b9cc5161433feb318903b58387c3dae2833a8c770e7c6e27c31a1fca07377fbb07f11911be6192f7518a8d089b89826e48b28f5c8a00784bef9b2f68c90838eb2c9fcaeda4bb76782510082c977a7ecdd5743e9da8f088a3b67a25cfb25db4a709b6cbf5425e7efa8c2e472464606d9ccd2fc0f73cd1d51a5aa19d9caba10be2147f8e1ad763ba45693f9f078b0716cf588142be847ca67dc132c5782fed12b7d95c55a9bcfdfb85cb48698a45621cc2f1c85559617ece7def71486290b0cf8e987e8788e1a13f17e3f24b93ed2009ebe42e3bea9571f98b39b787c107dcada3a36fa1fe93736e74ec34af80a182cf0adf2846577f1d474c9ff1b4b8a2cfe6a2d445029ca77088b9c84be63655d48cbc5f61b18d7cda0d141f2db6bc3c479aa6ca19638e2c37da38768eb8820e5679345d2abe8033318eb952e297e17dacaaee3df7ef1d6cd554e9b1b453c44e3d4e030e25c5f9ed094100f6d9b1dc5dab371436ab252cc4d7fdf8fe4b7f36ab71f2bbe3878217b151664c3b9ae970e473ae164d77f294ca8ad58634ea446880e8327fc7af2a088e39508443a601eaa00742a7d0ad459dcac24a60edcfa6ac9f72f428c2b8dd30b8278e28f25a1a129d23cacd765de4c4aa52819578951bb8e311e8621f627e3463e2562b6dbc8d1c431c240f1424599438b9c94723f79ffd1fa1bc94104e4598bd43244302f86ddbe47ad8671e25f406aa507ba45bdba09841827a697cece002f79ec7cf14488789d754f84818d180bd04a11cb2115441a402bea2be749ef233bcd26ca27df828ada877a893e54ea3e6ea29e62d6e7693af7cbee59ccdb4045d0e6eeec3d8f59205f324a5f7cf5f871929c83ada04bc5d3990288dca5eb312339933ffb1031e05866e1b2d0aad0ca940795458b7d6c8a3750a76e1e6c8ccd48ca542d6c51164431d70c9d35f0f828cdec404a175a44bc2a9651ec5281c0f3aee9e4375f0eb139f58fa4419fddf9ebe2f8f37121a57397e7e830ac097ed375521a68f7cdc471621b769fef40cd19d8d55a82e27bf5b0cc4182359db7c9066e2ee10df279a89e96fcfea225995f065f7f286b8c8ef9b6c82a34df14dda2f737f557578ce5b15944e3149110102d80465c1b436b6bbb16fdc64a9d130ec7644bc162f0e2c5669a9254970a062561e269d85b72b4748d71d88ca20778287bc3b9613043166862f133f366f6361b9e1d040bbcd9728a70fcf3be7ea8fe0f55980ed03f336ec49f7cb6899813acf47d3b2413e7b637b764fcb9003ece75f8a255b9cdc71f80dbbaa7eaa2111b5551feeb7ea31620a2c88897538915abedcd184d57c79d81505985f561820449c330bc3412bffb68c4c743c5a5a3acafcf00d7561a66f70e5835da530ba62f221211e1fefdc1fbc8c05b1b68b7eb2afac6ebbbc0b961b8ef8b27b555ce7641f6601ac19d5f4adb06b40155a2085ff32de5b2c5edd96a01a14d1bb49b58f1fd718bec428043819b8070e46f0215d2153318320754638d9b40a5214784e7c1f80dde05500cfe8e4dff855504e099634fb3d44829453cf4ac8db7e5a4144f96d4508de90ada04240637fd5b261cfbb80c8d9ccdea6c1d3485a85663cff9749133002c7f9c6ea4de1b50fe90dae397f6b5833e943e6c5f60e10d805e97e6869488b857b44d8c94276f668257c223e2e26dff75222d3f304f8a040ce058e1b7b3bc5f0b69c310beea64212ef0a54bc9fb858c25681cee574c532b64d4f8241e0b855f7f79d0a1ea22fc3d9ad5a1658b5c4d9d417e9eae47c81628341172609a8ef8c72fb6e4e48da6a10207e56b727f65c82d49e2dbb44b492e1265c2b28f98980334ccc3abb0cfd15d73c2f38f4c824022aa7a0ac0b7d35eea934d3455d21e8c710474e54bdf29be107ebc00", 0xa943708f26830065}, 0xe61) r9 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x2) write$vnet(r9, 0x0, 0x0) ioctl$int_in(r9, 0x5421, &(0x7f0000001400)=0x10000000005) write$UHID_INPUT(r9, &(0x7f00000002c0)={0x8, "b13e1c20d1764d052a4289a71186ca1abfa7f39eb694f4602948f6585c2842ac42cb2f94b098e98f28cd6128dab4a71d544e96e01e3a9a3548ee5f554c06d963346edb9d133e86fdd31c21e9aaffeb52f7cd63297b1fd0db1845e12bda3ce00f0cca0e6ac9c42a61e687c24c0553b408359c86c7bfd7a30944ac327f982b011258e85ee00f050c38e73199d07b72b225a96ab0fb5a9ea944a233e46cd4c25aaa0fe04bd9b3203f61a06c8f094563ffa0078e50248ce1acebc03c75069eb1cb20ebbe30ec063f9ebc45290dc4f8b56ebb08d32e4df04785fd385029f766a0b96db6a1b6615de63393fe97082c076a7170d2b1c06ce0627d6acae850c2b95f38b079a352f27bf6f5460078b8e597c1d3bdb5cf9e73f42eec5aea224ab44b94e18e812864faeaf770ba7471f99b07d41d573d1d4c3833fb4410ea36d710bfa66ccdb14a1927a678f873b023e82c341a43704adb37242a67b2a46d02ab7aee23cf3030a2f3dd58eece667b6e9393ee8d36649e37e83b1c73c0ef65b4df6173c1c25324fbb9afa1361dc4275f152deb03d7138a688eb9dc66e7845ce1be5647bf740b0e1dd038120ef1e3e1cf420cf8b723bef771376e433935e4f9096a10c4a969aceaac4791c41f365b274dab49bddf51b22a24c05ceaedcbf45febc927e98f410d38247d7679cee7b0d3041eaebd7821924ad31e7c5137bf87ce1ec537a981779f0a4c57bbbb5c641cfd02e1e3904f48b0be96fc9851b6bc8c4260168eea9d9d111e2777f78a9021d5eb0166e39410bf279656770263ca2fb7ac0e30d5e168f8cf4bc5665d057da939b770568e41d0fcec5d6aac0bf4ae66fb099b786cdce7f6a9bc00b83d8ed72440a9724d4ef8af71c7efbc31397930cdcb99d30502ecbcc7ddb9161ade16a1badbd7ea3c6c65b387b46234c4660c816506a2f76264bba07ecb685532116bd971464b58e3ea0a29c2fa1d49d9c6308806db01326e9a1b6bbb556f6479b29f48718e211d75f08d0fb477ad8dae5aeaad7e176b2c5ae331ef78212e9dd7e506549dc74ffd940dc91d74aee2fa7f28855919c163f443804e2a072ad8add2be84df87e414afcab0f8e6f67d3ebb1778a6798d50233da09d29b95c0da97304b7a025e50a7c89e614c63bc69477bfe0e5ae2c468332d134f9e22b19eb2f01c8e8d5148b9b980f8b9aa0cab9ba89aafe16d6a8cf9cb5ae659d8fba88e2841f3d6ac0c44dd9f03787d357fe31a4f551e247bfb73b1f2aa1e208c36aa90dcfc4da8877967c05fe951716ec2293d79c6083e79061bbe18150e2af1d889bb4e87c7735b0e7b88a3109a906d1bd4bf9b98c2462420ecc4e9f3a274a6678bc56e9aa7f3d64677141f874f35d00d04a1dc83126ccd69a0221305a3a5418ec24e163b165c1e4533c38f3d213de4012aece68ed11e2f42325d6da5eef78ee985f81a7991e3d1ff69188059c292779579418ef81177fa94b43cdd0fbf92d31f0fb592a864ddc98ddd5b49ece865e7c7a6c873169d0eea46c1a44f645b1cfa40849ffb9f5355ab396dc1a875180f17103be63be4e7d1920949c59ba5d47341c176ac307e165b9733ac5cd9e9691f5ecd76b467881b78f217d50903a06c57270f4104fd26d496dd7e08c27209185761882923f6447c73d53a74e28132e6bf97ee4f2df9d03be88653a9a7251d8df247f1a75f91f95886ce317e3c225aa7686eec86708fa72c9b33a664e76c0ed891ff9d840ac121ae3f96d32330a14fd76df19c7ae0434e2103d6e9175da0b6cc7a007a0a18615271771434959de305636cf7fbfdd16239bff7dbc656a702ebd48f9a2b1937cca80604ec525d292bb7337459235ad047c6933b6c81bd966ea60ec863de568a9e6d8e0378916f441e0f8b2b74df49b9b24094fd643413469428a537aed19b72bf9381ebab4cd57400ecad1cf1b792e9610910d02f9a779b009840e3f1a1395a87f1e590c33018be80a3f34bbaf49e415ba7d3858b40788cd19211b8cad3789870fb252f8991d64bff9558a67a2316ec2402c2f9c52de42e6389fc90bc4379f7b899b1a943035d64f20b7766edf08fdfa185d00493031f0d3f9ad7dce841f725c5adcba896a76857918a2f54c8aa2e50f71eda35b8fea3732a02c146201ad9f4b65b7caa09e2a73f72aee1ce428a35489038d5cc859fbd48be8da5d088ccab897a248fe418b89b409ab5507af725f077d264abec5b53667ca06aed03815dd537535a3360a50ca3d09c025b5057362c7cb5a4b99c58ac64fe813f4d7f2cafbc3048835ec43fa68170ec7310342134c9b5ec417763db145555cdd37f24b27b0911d172710b74d3c754aac02b24030166cbf2eccfaf1e909b629b7919db1351cd0167e8b6bddc5ce4b7e13cbf0c095f636427d440d058e7637eb117947fc6a60942d10bd455030ee38fc447fd3e6232efba65def558dcff60274e6b2ad62464b4f767bcfec22c681c12bdabf1fedc3946f45c9a34a9169f79ea60a9d190dcf1ce14957382af602dd134b610b269247f38c3d4e233f2fda399dc4cf09139cff9e9c731f8bf940df3cbdf9355f604bd0f3d3b20a6cfc39a7d9ff74f734750187b30c1a970a432bf7e9417cc87d8dea00c4e1885845e1a59bc6a5487687c5bca514e9dcf372bcdc0fe4a47f3e4ac456b1a812e69f88b2a8a964d946cc102ba6f3a7c965df24653c6384d810cf157c8581d4b40e874aded8d227a25fab9889f02698bf52980f048408de4a96226949eba5d1b7f41fce61ae1ff9388e096646ddda4c222f7b9bffc1d3e5b645b6e248637698f6a5be1dc03ff7aa9f418153beeef9b9d67ac5b6fc888e5adf0db41a6d5cac2b600af3b428a1294f4fdb4cf64ccc254c1c7ef71b9be3afceb797fc9504bc3f3dde217687d47cd445c44bea2b16eacae76f16d868b77065b189bd7c4678f3a5fc99b4d020d42972d010b7a6b22de46b434f2d8ec4f567af2d531817ec81ffa36cc27d073a66d2152f1be2a8dce08e98a00f473f22e680cf0ebdcf37936cee60f99eec69503a15d8e36f8d599b535021693fb52f9dc93e315d6e849bd4bf9d05fb25f0b09de91b73ca4edfbfa04d9262d449eab2be542ea30f316384609efc52ed641a9e32d48e4a57c65e8bfa5c13e769d5402a0b125c17360800bf0da8592a75abe647f1d9b1072942947da82e701308b60ecdcfd40d7b6cf44b443493ef0466790547c0a8e5914484969e52cba3787c41df965f91ed7074cd62a63db7e1c35b8f9ac30521295ae7b9c81143926f1dd36aefdfbcd7056b0d4209cabe113a18c58ecc062df687666725707029a8be3ef5721484bd429bab33fceb76c6a0f079da8819d0d9565f5e4ed45eb531f9501b85b619b5323169b0297b7cedcf6f288225dd5e6a7f52c1b96cd38dd94b2f6b8cfc6dbd7862901a5295dca5ecbae72344f41c4a222bd6711831d265b910d547501116bcfbf3c9e104b446175c4c8a4e56445ca22f9363f0f54858a8eb4a1c43103bca578c5b0ee372efd705a950510dbbfa4f74c8ddb4bbc1f07dd410ebb39c01f4da8a0bad2d3d35df3a12a9fa2daf44c8163d59aba8a7351ecc9fe4cd25b987dba700e73d7174307161adf70db0e7a802d7c9ec1b912ee58b0a35c2c6f40f112d70ab5aa708071379280c9ffbceaf0a4ec45c89ac0bf3ef40538302b685e24574da8bde8654e99eff66c9ad5e6beafa0e48e1c293c53d955980346cbc052d15e5d1f3baed388dfaa72ca089af06ae757466a704b93a0ff13cb5c722f0b872432a4fd4513ed56825b13ddd4d8c02eb624c8358199f52679421ab0e1792869f6b4aea523a1079b3138f1ef761c6df102096eff43ddb23ee668b9cc5161433feb318903b58387c3dae2833a8c770e7c6e27c31a1fca07377fbb07f11911be6192f7518a8d089b89826e48b28f5c8a00784bef9b2f68c90838eb2c9fcaeda4bb76782510082c977a7ecdd5743e9da8f088a3b67a25cfb25db4a709b6cbf5425e7efa8c2e472464606d9ccd2fc0f73cd1d51a5aa19d9caba10be2147f8e1ad763ba45693f9f078b0716cf588142be847ca67dc132c5782fed12b7d95c55a9bcfdfb85cb48698a45621cc2f1c85559617ece7def71486290b0cf8e987e8788e1a13f17e3f24b93ed2009ebe42e3bea9571f98b39b787c107dcada3a36fa1fe93736e74ec34af80a182cf0adf2846577f1d474c9ff1b4b8a2cfe6a2d445029ca77088b9c84be63655d48cbc5f61b18d7cda0d141f2db6bc3c479aa6ca19638e2c37da38768eb8820e5679345d2abe8033318eb952e297e17dacaaee3df7ef1d6cd554e9b1b453c44e3d4e030e25c5f9ed094100f6d9b1dc5dab371436ab252cc4d7fdf8fe4b7f36ab71f2bbe3878217b151664c3b9ae970e473ae164d77f294ca8ad58634ea446880e8327fc7af2a088e39508443a601eaa00742a7d0ad459dcac24a60edcfa6ac9f72f428c2b8dd30b8278e28f25a1a129d23cacd765de4c4aa52819578951bb8e311e8621f627e3463e2562b6dbc8d1c431c240f1424599438b9c94723f79ffd1fa1bc94104e4598bd43244302f86ddbe47ad8671e25f406aa507ba45bdba09841827a697cece002f79ec7cf14488789d754f84818d180bd04a11cb2115441a402bea2be749ef233bcd26ca27df828ada877a893e54ea3e6ea29e62d6e7693af7cbee59ccdb4045d0e6eeec3d8f59205f324a5f7cf5f871929c83ada04bc5d3990288dca5eb312339933ffb1031e05866e1b2d0aad0ca940795458b7d6c8a3750a76e1e6c8ccd48ca542d6c51164431d70c9d35f0f828cdec404a175a44bc2a9651ec5281c0f3aee9e4375f0eb139f58fa4419fddf9ebe2f8f37121a57397e7e830ac097ed375521a68f7cdc471621b769fef40cd19d8d55a82e27bf5b0cc4182359db7c9066e2ee10df279a89e96fcfea225995f065f7f286b8c8ef9b6c82a34df14dda2f737f557578ce5b15944e3149110102d80465c1b436b6bbb16fdc64a9d130ec7644bc162f0e2c5669a9254970a062561e269d85b72b4748d71d88ca20778287bc3b9613043166862f133f366f6361b9e1d040bbcd9728a70fcf3be7ea8fe0f55980ed03f336ec49f7cb6899813acf47d3b2413e7b637b764fcb9003ece75f8a255b9cdc71f80dbbaa7eaa2111b5551feeb7ea31620a2c88897538915abedcd184d57c79d81505985f561820449c330bc3412bffb68c4c743c5a5a3acafcf00d7561a66f70e5835da530ba62f221211e1fefdc1fbc8c05b1b68b7eb2afac6ebbbc0b961b8ef8b27b555ce7641f6601ac19d5f4adb06b40155a2085ff32de5b2c5edd96a01a14d1bb49b58f1fd718bec428043819b8070e46f0215d2153318320754638d9b40a5214784e7c1f80dde05500cfe8e4dff855504e099634fb3d44829453cf4ac8db7e5a4144f96d4508de90ada04240637fd5b261cfbb80c8d9ccdea6c1d3485a85663cff9749133002c7f9c6ea4de1b50fe90dae397f6b5833e943e6c5f60e10d805e97e6869488b857b44d8c94276f668257c223e2e26dff75222d3f304f8a040ce058e1b7b3bc5f0b69c310beea64212ef0a54bc9fb858c25681cee574c532b64d4f8241e0b855f7f79d0a1ea22fc3d9ad5a1658b5c4d9d417e9eae47c81628341172609a8ef8c72fb6e4e48da6a10207e56b727f65c82d49e2dbb44b492e1265c2b28f98980334ccc3abb0cfd15d73c2f38f4c824022aa7a0ac0b7d35eea934d3455d21e8c710474e54bdf29be107ebc00", 0x1000}, 0x1006) write$vnet(0xffffffffffffffff, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) r10 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x2) write$vnet(r10, 0x0, 0x0) ioctl$int_in(r10, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) r11 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x2) write$vnet(r11, 0x0, 0x0) ioctl$int_in(r11, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000440)={@remote, 0x4f}) sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) [ 197.119605] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:31:52 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = syz_open_dev$mouse(&(0x7f00000003c0)='/dev/input/mouse#\x00', 0x7, 0x800) bind(r0, &(0x7f0000000500)=@ethernet={0x1, @local}, 0xfffffffffffffffd) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x60, 0x0) syz_genetlink_get_family_id$tipc2(0x0) mkdir(&(0x7f0000000700)='./file1\x00', 0x0) r1 = syz_open_dev$sndpcmp(0x0, 0x0, 0x20a0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000440)={0x0, 0xffffffffffffffff, 0x1}) r2 = creat(&(0x7f0000000000)='./file1/file0\x00', 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = accept(0xffffffffffffffff, &(0x7f0000000580)=@nfc_llcp, &(0x7f0000000400)=0x80) setsockopt$sock_int(r5, 0x1, 0x2d, &(0x7f0000000600)=0x79b, 0x4) dup(r4) mount$overlay(0x400000, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='overlay\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c4f7765726469723d2e2f66696c6553c0216bdc10f538723d2e2f66696c6531"]) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000008b80)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x8}}, 0x20) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x0, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r1, &(0x7f0000000240)={0x9, 0x108, 0xfa00, {r7, 0x6, "8c50ea", "22091776348289296e0944e6df42e9e96151d27ca824ed81cdacac10a1e7d19284f652ead7191beb58e9caf3366129e2222a76e235b399e9cf0d2a07fde86946117bd19349490dff76f9181438151cd10fc461e0ae7ce779a2035d8726846e9e431a411ab9bdce9a328022e7acd212c728986b1a9c93cb01bf928cc48fb0a4818d501b886eb6f63d7d44c02840708b79074b6d181e718ead1150740cca86d97fcb4c98a3595a64c3dc753c2349dfd09eaf7affa82da58029660fc76a9bd49c230798274255c80f6a97b290befa8bf2fe7e7c032b28d88bb514369383c8925d8c26c03ab7a2c98d60dbe9f77da55ff5ce835dcbcef9ccb83bc739b1b0de0ce8b0"}}, 0x110) ioctl$VIDIOC_QUERYCAP(r6, 0x80685600, &(0x7f0000000080)) chdir(&(0x7f0000000180)='./file0\x00') link(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file1\x00') 21:31:52 executing program 5: r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000240), 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000002ddd380d00000000000000000000000000000b001ecaa68074ca0600e3d773a3e8a60ae0ced0e07e5142bb30d52d9352f5fa6471d0507027ba376ee1a93ec0de19686e96e326456c687744cf1f4862e2357720cadc73170101038928c1227348b0e82c8b24af2c58be37dde2f1631c6473fa356e2e00f411390152fa21a5af590b7c88d310fc14f4f08e61ae9c332a6629292d82abf1424cda7426c0a0a3000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/12], 0x3d0}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000000) r2 = getpid() pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, r3, 0x0) r4 = shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) shmat(0x0, &(0x7f000000a000/0x4000)=nil, 0x4000) shmctl$SHM_UNLOCK(r4, 0xc) r5 = shmget(0x0, 0x3000, 0x40, &(0x7f0000ffa000/0x3000)=nil) shmctl$SHM_LOCK(r5, 0xb) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) connect$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, {0x0, 0x2, 0x0, 0x0, 0x4}}, 0x32) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpgid(0x0) r7 = getpid() rt_tgsigqueueinfo(r7, r7, 0x0, &(0x7f0000000000)) r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x240, 0x0) sendto$rose(r8, &(0x7f0000000340)="fc7465e7fcdc09d03a1a3a08ae3cce11f9b0ecd5194702eeba355c72fb9ab315792fa227a5bb1dd250f3603d0debb43eebf1bdb4a5e729d81948d77019ac8ccc491001215f856b690bed6474d98060c9af55296de1753d906e0498e8ed64ae39007d7293136d7bcabce352e3bcdfd77c4225dee64087383c6107bb5866e8dfbbf4cc", 0x82, 0x10, &(0x7f0000000400)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, 0x1, @default}, 0x1c) r9 = accept(r6, 0x0, &(0x7f0000000080)) setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f00000002c0)={0x8, @rand_addr, 0x4e23, 0x0, 'lblc\x00', 0x0, 0x1, 0x78}, 0x2c) fdatasync(r9) setsockopt$bt_hci_HCI_DATA_DIR(r9, 0x0, 0x1, &(0x7f00000000c0)=0xbc, 0x4) perf_event_open$cgroup(&(0x7f0000000140)={0x8, 0x70, 0x7f, 0x1, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x7, 0x4b37b34a}, 0x0, 0x0, 0x4, 0x4, 0x1, 0x0, 0x8059}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0) r10 = creat(&(0x7f0000000300)='./bus\x00', 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r11, 0x407, 0x0) write(r11, &(0x7f0000000340), 0x41395527) ioctl$EXT4_IOC_GROUP_ADD(r11, 0x40286608, 0x0) lseek(r10, 0x0, 0x3) 21:31:52 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x200000000d8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x3) r2 = dup2(r0, r1) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000000)={0x8, 0x1, 0x400, 0x2, 0xffff}, 0x14) [ 197.415796] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56621 sclass=netlink_route_socket pig=9476 comm=syz-executor.5 [ 197.455934] overlayfs: unrecognized mount option "lOwerdir=./fileSÀ!kÜõ8r=./file1" or missing value 21:31:52 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x4000000000802, 0x0) write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2) ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x0) dup3(r0, r1, 0x0) ioctl$UI_DEV_DESTROY(r1, 0x5502) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000200)={'HL\x00'}, &(0x7f0000000240)=0x1e) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x99, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0xaf439f6ccade9790}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x2) mremap(&(0x7f00007a1000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f00004f4000/0x4000)=nil) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 21:31:52 executing program 3: r0 = perf_event_open(&(0x7f0000000000)={0x1000000000000001, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x1000001e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x1, 0x6}, 0x26862ca8cabb355c, 0x4000000000000, 0x8000, 0x2, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xffffffffffffffff, 0x11, r1, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0xfffffc96, 0x200007fe, &(0x7f0000000180)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) setsockopt$inet_opts(r3, 0x0, 0x12, &(0x7f00000001c0)="f64769413acb99f21f6365bee1f95f04b2e5704a3023237c408b52cae32a8d374f4fd079e612a1181bf5663f72e7902dc4fd565c2ed812a3de899c273b597800d4fda3538739a4c31f4b8f038b1c8b698418514825c76eb061e4026bcf52df29c77d47982d496ae9072eaf9ce13cf5b03dc9be4f2a222729b399727a00c0b0f9019636fc603ba2e5dd491ec965da59676a3d9e3ebe02697e6cf77aeee0c03038e471b9c2934cf63ba6bb84282ce384b3e7000f6e147e377a9d68d6bef5fdcee06182", 0xc2) sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0xfffffffffffffed7) [ 197.510132] protocol 88fb is buggy, dev hsr_slave_0 [ 197.515345] protocol 88fb is buggy, dev hsr_slave_1 [ 197.763458] input: syz1 as /devices/virtual/input/input7 21:31:53 executing program 4: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)) r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) r2 = open(&(0x7f0000001840)='./bus\x00', 0x0, 0x0) r3 = creat(&(0x7f0000000180)='./bus\x00', 0x0) ftruncate(r3, 0x8200) sendfile(r1, r2, 0x0, 0x8000fffffffa) 21:31:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000012c0)) sendmsg$nfc_llcp(r1, &(0x7f0000001280)={&(0x7f0000000080)={0x27, 0x1, 0x1, 0x6, 0x0, 0x9, "004a4971e4b5730a1271549cd5cb1c61d634b10b88cbcb34d6061acc96f17e8da2c5bc81ab8d210cad07cc16f47281365da6de11d6b5b5773c400e40cd4519", 0x1d}, 0x60, &(0x7f0000000100)=[{&(0x7f00000001c0)="d2b7520d618a9d5d34398fd2139ca3fc1a6063bd0ef2c93c0cbec2aca5870e8ccb23eaa05d22ab30f25ba3892569e39b1ef85dec49e5397e63bb613af11d83d5971f561af2788bc961ff73d2069f3d0504de201b0d88d36344d8d891567feb90f63b30f65db2205b707172530aab5b8884fffc341b5f248f856d100b6ab3eea3b8d444301e502d", 0x87}, {&(0x7f0000000280)="0bf41bf8d5d3bd077a17f29ac5fcf64bf9c012a7b83d1b5d73db58c592e0b6ebfc044333564c1fcf3579ecfb1b8a8daf6bc446ed212748359b46a505883c5f8d980282dc103dca4e129a2f163f88072c3b3f363725a41cb0a3104251951d62f165a9f99c274196063dc01cd9509d5a6a4ec63eeef2da127e1df7b1811f374dfbe09d923b78ee6c7233fc946152c3bd8445512f5d453143eaae32cb2c89c4591f4ccdcfcd59834e1e5e8feb5114a4e36bafd1218d33a7ac701fff2a0d4906b9b1cc14511c5c88c77e7d0cd8a3f80bf30f5bdac32cc1969f4a2aedf6071c73bc730a6ddf1b025d3b80c7d6d95064de2ae3f83e7e5b14fa8c29696dff48c174659ee73095a40bf551516f9214ebac6bb75a033efa4fce54f16eb5bb322b96ae18438770fe29f71cdb75b074cb286b2e0ffeec01690ed23bb82d29d3bd34f63b4434d4df5ed71a7fcd0d890835e5072159394c5b96d17bddb05738b935270a01c4f6ec7b9f1df7d62b2a63d160b5ad4ba3fdb3a25eefb68ad515b57c71bb5fd995090ed8801038685312c9666996379341606d353a6807955043a6e5081d2d1df7938a5f1dc54fc4bfe6af6bb476baaad1062719e3c43fdbb9acc53da0c206c91c1fabbd11eed24ca24c3759aad3b6509e9df925c81da42f40198bde9775002d4582e26f776629dbf7030738dfc04329317e1faff4eda7cd81262025f88480563ace6c1da761f632f3e915b25238c72430c7d8d94d187aa214a76c620ba0b50d6b2a2d09dd3755d332128ac343058edb86f0d4def0eab9ed580b6c0e26ec83dca08152f7adc497573bb5624533e2c47ca9553f3e934c7bd253113da85962ceba67642e68546ba438e42a6f2b54fb24014dbdb7fe23575b12339f06bb97f39563379f02f6d6b53cd6590a8fa2788d46ed8801cd55c6a138809dee596e6cf2d39621d962ef114ba5d1e462ddd6fb48a5344933d3c197426a6b7562f6f2bc4a931d9c36b020b50b05d6e2f76ce216f16060346ae6eaac04c9e4cbbf44e9dbca0b034c7f3b8b60410c10a174152040e939beb18ad311ccbd986dc5a536d36568849d497e4bee7d4e70f6ece0b50c760c2864c2e99f8eaada09a3a212e940c09c3e80d6fddb2af6aaa1412191b4450504aca91dc605f1369ecdf51d5c0080cb60784a4e915eb4f9f348f56e20e1455f8acbaebf98bfd053c1bf2380a522628ef4562a1a9185d5e39e41cc24c3a4529405ce86146aa328b822c096a69ae6a256eba93c44d42eb5281a743688e413d1e40221a56224a06b05a8f0f50483de4cd66fc88a225ce02b2ce021058e27f68e5373142dd06e35f9c18c2855291c1c13fd064a692b35af72df8e189595d83457a76995371b4fd90f0f6b95daec9773dd9d76caf56a424366fbe46c1cf79426ae7f125e4d64b9b475f367d65c5448591e3d6d0631513ceaf1d71b8257537511ea49201356a470972fb3bd292aa3b21d56cf7dd544836ea7b17c7d27acefda6c941376eddd1ecf22a3489adae15aad704bba0631f12bff357d57607ac5f82595df400e8aaac96d4152a1a1c1c91c8f45dac9e0e0057c2bb566324af3b30d9657759a551887f1f36bd3ed5d4156749125aff24a1339b0427480600df5f2a9305d2aa7e4c6302d19b31fa0e208cc42f4f339be68dec126b41c4d309c002caa66c9112f9beb72df629b7478a8b37416cbcf50f1222e7b91fed6896465c40c809947700e22079727e234d2ca3aa14c359b94cb4a3dcdcdd61d46b0c44c41efe57b39ec6be36453f737970a0833650a0a510292a153a87f27c6a8c5c19939babf311e5566e2a2506424fd81334187f7ba4a67ce34dd3db08d54914c3ab8930b210f9434472fde09af695954b54561f26c33c3475f1f7a395c5a5a83e454ab7b5670cdb034f3c4e27bff11023bf0cd406b2ef8fb48c5acd428145cbea01298ada9d19bbce6f244a3ee1cb960413bed96c6f6d61811d9d6ef84cd1d617d8f9e62e829d62ab39ef33000b633ab1f2e03134fa9b1288b202f14c18bcdac12e8d776ed233a52c489169e5ae5846f0ff0c080d1cdc9570586c6060365377e12ba74d837ba1d6355c0a843e635268eab24fc6ba6663b9e5bb75e4b6b56985dec3e702930486d78ce6ce22ff176884b59b5414573c3c7105b336e86afd863c4eb2938f33101df5606b58079ed5cbf6952e9ee62d7db441c5bb04ccd861397dc0f4cd71cd0eea20e38ca1459006664a0b8cf927fa295ed32aa1125484cf2cf54392262598692e24359bd6cdef211d04eebbbb1ffc4af8e0b1e3b24151e66f0e81ebd4821b67c19421b5c1b5044c0440f7bca3c3b60c7276b39bc37c71196cd36dd68e8dc71328be98efeb7f5bea77066fb5871f80f59749130e58f1f3036348b0b9af3fb38e588f23715caf88202dd6e4ed3b2f40532fe0332a58e93c9104bb7b903a3cd16294264ac1e0db8fa6f3825db5310e9695d6a10ae68fa59855ab5879ca017a59c0490e28222e78c651f75383ff40bb21e24822be1ad2e08e40dc4b9e759e2ebac3cd5f7ab47a64de84b4cdb6c9e9e4fbf0051d17834301277c4e524cf17f66ffb1f4c533e634774b0bbe56117b1980cb865baec4b0597ea76461728ecf9be78fadc8158160f641c80e4fdd8889f2d6caa89258396023c93a59bd791e724767031e205f4edc08c893a1ce8242aa6b5026b1d4a4e1f590ca9a5d60d7ec80ed55e4bf4fb6f9a18c6e6316aeb837c3e5a5410347aea090937134f192a55baa6d3c768dd09a984f4c70b1f41396f7bd9da5e2a31e0d1b8e4e9f20ddfc17e80e6815bc5a1eee4f676487daf83708cf3a69969c4ed42543d830d928518d0b6b57ab6f8133f871eaea199fa10b806d5b59fb4674f4e2d1b02b236a81732cb8821176bf8d6587647b4f74b88ed687cd3a9a8dab4b97593da7d714da9b220c95e95e176d60add64a791217717479e529149cc839dd536bda80a9dafb3ca4818d2a087dac95525de88582d358961ff9270de2e3e313bc2ecdd8c849514f4e3a8e801c1925e6e8adf2b38177b2af06505297ad6864d4c75ff61a43a8d139cd1f9f87101c285f10e2c821834b20c0f0977c54e5b8e78f33826a680bf6112d901bf24a6de98e1e6f278d3a775e72a241f6715106ca69777f7e828e5a90ae6711029582cc3fb90da4473fc2dd3352eb351ef3c48bd21e122ed0c28a12d3e5a147db94df5db830b9c4fd6d152f478cc39f67ecc0e2672c55188d1b8033ec1c9314443126fa99bec4cd7416531cdaab9abf5a01a5cd30b702bd45ca8ec438b1598392036d64c75f0defbd940f98b2a4819eb45a5b2a6cbe03375ed120f8b7afc72fd25ef3260721fa1661940caf22914d23f8058c6ac3af8edd850bf368636199626b87ac9c01aeb6e10b9982432d17e5f40bf15869f11525fc05b58606929f3eed589d4407145826d98c93ec4ebaf3ecf813310a90a0e7aebabfa7888b01f2953273164be0dd3885474913cb5e5dbe2f7d6d947c3d34b436a0c750fd6e4098dc5fbb04f3a86dcd77a7cebd6e872324502593453fee1c667ae259293553a7dda04c0cfb74b1e1b6dd61e5ca64167146fc4ff00368c502f943f163ae0da8a08c7e5644b3973e2eedba25b3156adcb49e00a6bb3bfec4a07c61e2ca9f9491bc0b7986c742100dd2ed1111ab9521f35c03a9908c613dd70b639dd204f17c4071daf60e9a1fb1f689ede20ba939cb4a9868bb578d3db8ee6c8c16ecf821cf2019b41469ec8a16f31a51051641f05b7820f238213fa6122a474d36002eb370a72dc849f299e54f6fd751b2fc467ed79d88071914167d3a1c40e1bb82a40d4db749f7986e854d39883d4639fc93453a5bd398128e5971092fd3f0f4b40521ec14bfad0c6a0beda095631bacd4a37ae26520ff9f2ca252b25c0d4284d7ade90107685cf17fc51a655c167b875daa7aac808478ce37b851e13d9960ea5fdc4dd66a37aed708423a61524311587b8eae255c2b52de74c7a5ca5197966d28a8317ffb8b1bbf034c3e083e7dbe20a9128d6cd7e49730887a8bdde22bf51bf1e435a7f5e8fd5b85355bbee617b5389b4f1a20c3cd357a5dfb5b022922ef066f17397da7672b8cff88b42842ad31499af34b3e99dba4637e7b824757ba2d0e5ad0d0c494297a75ca249d1ae979452ce3a43e5c234baf56fe5cf51fac1dda9901dd77679f4d4f26fb730993413e4af81d26a0ac6058871b907401a7fd27cc23bf0886bdadcd7cfa8e15f61d0ace9ad2005d8765192ca5a1085b5457a1aa8907a29a298185045fdcf7c9f669c6a4241c116b8a37cbfb454514a0cfbb0633b52636f53305be7329ab315df442be662eb8337397ac3428571c44acce77960679c21fdc7c1c65e4f7a29989cb4e382f1f4e3be616c8932fdb4152588c2c2494e8a079d257e114a594e34d83ff4dbfa8f95701cc584c294ce54d4b889e10b1df5bb6ac394cb2d1504b9bcf1182992106ed04c9747206224567d2383b8778d8cf0f14142a87eceaa5453b2ab09b901a44cb4eb9eff2d41097d30b022b6274264d172721e5207ede0e31bdf10e0efb999a0fe6424b98b1fff808a6b4292bf80fcd4527f03ef5d0c6147cf0f81a9b04c24e3cd265af63fede9ff5ae3a2438105447f4aaf0b3ce3e82d176983afdaac43f036d855e1171c7098c2d63f364f402aab85fb6c01ea94171b393b3da51da47e84c7db1c98c3f9ed94695b804b2572426af5ad2cd556fbc5bd124b128224d53dab1a35e659abee13d55842454ec4c175b7ab3e6ec14e72e30f0114b066cbdd832a02c365af48ed8758d63dcabaf652cd7209359235f92b273c813fd8f85f9e063d337c7354a5ea8de242eb06364ebe420c77405bd0af47d813df47b1e6643b5e696efb826a1975fd181d5dda5b68e8dcc1f50cd22ef97f8bd1df358406dea488beb85b2763c15e43c03789fa95c00281e88a06efd7bb940192b74f83f68517e953106d02b4b6d9fac6a77eb7c7a51e2beef5c87a33663f8185915cfd2d74f1199a974e84f3f1ff17a323864e5300d56e2199c7f52c589011458b318d70d083530e5a07ced70cb19aa08cf2427dbf9c77fb4602cca4039dd5c564113ce0acf61e2b1715b2054ca78e8f1722d0c7c89ff0e53c955f88f2c33e58d327bee4b4602cb8f96c552764ca329763535ebd627c41be7d6633b8dfa3d5b9f38a53aafe21382f5d8c6dccafbc6eacae4589a4dfd9ff6ed955793b156c49dd5d6b83a2eb314033005affbd3d387ad6c8f46d39a92785adf37698a7e82abf57675136194f44e26b57662898b3bb135926b3ed0de8e9c17d79221fbc2fee73477af47b12be5312efb9d79e37f81eb9580fdbd33b6e13a3da4452b0aa3385834f195a2ac081a7c278a2e0677a61a849ffb6417fb354b656eb0d0a6cd6fadedffbbe02972e42ba6e0e1ffdebafb7789091cff773202f507f2860da0abd341812e16f9c74eb2e0cc15ac96d5dc3e3f086d41f47b47f62b23b9e75c721efe835d5a5f99bd2aa740b8f26be917676a5625c012e135e0e24de0bb1b3656e40bc7ce66bd3a1f87b62e100089a99fef6b1cd373e1474d6791c418c2edd8962c3c8757a80f8c0c8ad7a1c841aa3bfaf25292842a11fa2b9486360e9ec726f1c4d2f20477bea795b39172c5187705926e0956f839694310b2c6c1db6eba1ea9b22c3daf79599ffab4dabee26f4faed77c4a6bdd1b633802ac9d0005f893014a74d7ed13298a0c0c23776cd7c12d5c7bcc920309ea1adf4b693a85d68b785750e61faec7a28343a475d", 0x1000}], 0x2, &(0x7f0000000140)={0x28, 0x117, 0x3, "84b9985830c4a2f9150fd4a744b90a47e152eef93719a3"}, 0x28, 0x20}, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 197.884909] bond0: Error: Device is in use and cannot be enslaved [ 197.894006] input: syz1 as /devices/virtual/input/input8 21:31:53 executing program 4: r0 = socket$inet(0x2, 0x2000080001, 0x84) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xbbb1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000180), 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, 0x0, 0x0) sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x4352}], 0x1}, 0x2000) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000100)={@remote}, &(0x7f0000000140)=0x14) accept(0xffffffffffffffff, &(0x7f0000000380)=@hci, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000010000507000008000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002"], 0x3}}, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700000800000000000000", @ANYBLOB="0000000000000000280012000c00", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x4}}, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000005c0)=0x14) pipe(0x0) write(0xffffffffffffffff, &(0x7f0000000340)="460000002800070f3200000800367700fb", 0x11) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0x4240a2a0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1e, &(0x7f0000000600)={@initdev}, &(0x7f0000000640)=0x14) pipe(0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000006c0)) r5 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000200)) sendmsg$nl_route(r5, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r6, &(0x7f0000000140)=ANY=[], 0x4240a2a0) accept$packet(r6, &(0x7f00000007c0), &(0x7f0000000800)=0x14) socket$netlink(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14) [ 197.925555] audit: type=1804 audit(1573248713.192:108): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/78/bus" dev="sda1" ino=16754 res=1 [ 198.020520] audit: type=1804 audit(1573248713.222:109): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/78/bus" dev="sda1" ino=16754 res=1 [ 198.075680] audit: type=1804 audit(1573248713.252:110): pid=9505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/78/bus" dev="sda1" ino=16754 res=1 [ 198.128364] audit: type=1804 audit(1573248713.252:111): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/78/bus" dev="sda1" ino=16754 res=1 21:31:53 executing program 5: socket$inet_udp(0x2, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) semget(0x3, 0x4, 0x104) semctl$SEM_STAT(0x0, 0x758d788dc069ea1d, 0x12, &(0x7f0000000200)=""/44) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x20600) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000380)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, 0x0, 0x0) openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) r1 = socket(0x0, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) recvfrom$netrom(r1, &(0x7f00000001c0)=""/195, 0xfffffffffffffed4, 0x0, 0x0, 0x0) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={0x0, @empty, @remote}, 0xc) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440), 0x10) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="ee941ea165bdea148b9c383e6d65b68d2d47af0c3de7c98aaa88fe41d2a77b8b9340cbdb2db3e7c4977a2bd6ed563c83225d93bf1f058753af02d3b0636753c3d2490ef1eb338901d1f61488e926915ddc73c5f725314cd1bf30a54400"/108], 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x11a303097927cabf, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, 0x0) connect$caif(r2, &(0x7f0000000000)=@rfm={0x25, 0x10001, "b21a3f96ae2cfc1fd6f1bf4e54f1da1b"}, 0x18) 21:31:53 executing program 2: mkdir(&(0x7f0000639000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000880)='./file0\x00', &(0x7f0000000380)='ramfs\x00', 0x10040, 0x0) r0 = creat(&(0x7f0000139000)='./file0/bus\x00', 0x0) fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1, 0x0, 0x0, 0x0, 0xffffffffffffffff}) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r2) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x20000, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000008c0)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000001f00000006000000b0070000c80300006802200000000000b8040000c8030000e0060000e0060000e0060000e0060000e006000006000000", @ANYPTR=&(0x7f0000000040)=ANY=[@ANYBLOB='\x00'/96], @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000028026802000000000000000000000000000000000000000000000000380172740000000000000000000000000000000000000000000000000000000000000000910000000600000036eb00000404000000000000000000000000ffff00000000fe8000000000000000000000000000bb00000000000000000000ffffe0000002a8b6ba779b8391f72409a4c841b35dbdff010000000000000000000000000001fe800000000000000000000000000025ff01000000000000000000000000000100000000000000000000ffffac1414aaff020000000000000000000000000001000000000000000000000000000000000a3b4ccfedab7eddd479d6f718b0379ffe8000000000000000000000000000bb9ea2a0aa3ab541a7a1c7486355bd7eacfe8000000000000000000000000000bbff010000000000000000000000000001fe880000000000000000000000000101080000002800727066696c746572000000000000000000000000000000000000000000000400000000000000400052415445455354000000000000000000000000000000000000000000000073797a3100000000000000000000000000020000000000004000000000000000ff010000000000000000000000000001204356d97ade101d8b530977d5e92c190000000000000000000000ffffffff00000000ffff000000000000ffffffff0065727370616e30000000000000000000626f6e64300000000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000008400ff0a100000000000000000000000000000001801600100000000000000000000000000000000000000000000000028006d680000000000000000000000000000000000000000000000000000000009090000000000002800727066696c7465720000000000000000000000000000000000000000000035000000000000004800444e505400000000000000000000000000000000000000000000000000004d52917490499e0119972e1188b74ffa000000000000000000000000000000000a3607000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800434845434b53554d00000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800484c000000000000000000000000000000000000000000000000000000000101000000000000fe8000000000000000000000000000aafe8000000000000000000000000000bbfffffe0079ca05c7ffffff0000000000b87cfa3affffff007fffffffff000000767863616e31000000000000000000006272696467655f736c6176655f3000000000000000000000007f0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000006200020240000000000000000000000000000000f00038010000000000000000000000000000000000000000000000002800727066696c7465720000000000000000000000000000000000000000000004000000000000004800534e50540000000000000000000000000000000000000000000000000000e0000002000000000000000000000000000000000000000000000000000000001d3b0101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x810) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r6 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') socket$tipc(0x1e, 0x2, 0x0) sendfile(r1, r6, 0x0, 0x80000001) r7 = syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0x8, 0x80000) fcntl$setown(r7, 0x8, 0xffffffffffffffff) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r8, 0x407, 0x0) write(r8, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x7c, &(0x7f0000000180)={0x0, 0x8000, 0x3}, &(0x7f00000001c0)=0x8) [ 198.219971] overlayfs: unrecognized mount option "lOwerdir=./fileSÀ!kÜõ8r=./file1" or missing value 21:31:53 executing program 1: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$loop(&(0x7f0000000280)='/dev/loop#\x00', 0x0, 0x100082) setuid(0x0) r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) lsetxattr$security_smack_entry(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0)='security.SMACK64MMAP\x00', &(0x7f0000000200)='/proc/capi/capi20ncci\x00', 0x16, 0x2) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x80, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) keyctl$get_persistent(0x16, 0x0, r0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) renameat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x5) setsockopt$inet6_MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0) setsockopt$netlink_NETLINK_RX_RING(0xffffffffffffffff, 0x10e, 0x6, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="5242ace00000000108001b80000000000400190088db01f52ff211f27cb5e4168ecac7a0065ff7c61522e6eb9be641ee016707687e74fe17e8f9e42c8b79d3263cb163211ef0d7ac089e1f7ef2e192da94a6d246c5e051a20bb54c9735bdafbacd1714f27b5e1b2a1d90ea9b69f8755adcffa1a8725cfcb1e3524c37878125a82950a1e270d80b08529c15e1e95bf49fd0552bbde392513dedc0a4b01dbe8cdf132c9124eed07d0862d881de93820169ce0e4d0d608c0782d50b42bf703177c28bbdcdaeb2d18af2dec7d16e03"], 0x2c}}, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f00000002c0)=0xc) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f0000000380)={{0x3, 0x1, 0x8, 0x433, '\x00', 0x7}, 0x4, 0x100, 0x4691, r6, 0x5, 0x2400000, 'syz0\x00', &(0x7f0000000300)=['syz', 'md5sumposix_acl_access}vmnet1:]eth0$vmnet0wlan1!ppp0@em1&\x00', '\x00', 'security.SMACK64MMAP\x00', 'security.SMACK64MMAP\x00'], 0x68, [], [0xffff, 0x20, 0x2, 0x2]}) [ 198.309266] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=9523 comm=syz-executor.2 21:31:53 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000040)="baa000ec3e3e3e0f2b75ee65f30f008f6300a6aff4660f3a62227d0f20e06635000040000f22e0260f0350000f01cf", 0x2f}], 0x1, 0x0, 0x0, 0x49f) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000300)={0x1, 0x0, @pic={0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0xc}}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$RTC_AIE_ON(r2, 0x7001) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000100)={'nlmon\t\x00\x7f\xed\xb1[\xe5\xa3\xcd\xb6\x00'}) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0xa4a03, 0x0) ioctl$VIDIOC_DECODER_CMD(r4, 0xc0485660, &(0x7f0000000280)={0x0, 0x2, @stop_pts=0x5}) fcntl$getownex(r3, 0x10, &(0x7f0000000480)) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r6 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000440)=0x1, 0x4) ioctl$TIOCCBRK(r6, 0x5428) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = dup2(r8, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 21:31:53 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sendto$inet(r3, &(0x7f00000004c0)="3232ce2774e7a3797748648df71c7b4542839e347be25844e42ad67454cd5e140e0ab73493d6b6921681e5536dbc0f309747cc199a7f9a20d01e04d55fb1c26504e3e4738aac76780b5d2363a6dc4d10fe9adc2b363abf6981a31f6a58ef2103e7a145b11649eac6d4cc29a315faf899c2e35d08b1974199c08bf4798207b78d8dd89e727382318265acc85a4444869dfc22ba7fd79b455635a715fa1e705070e2857ef21a3076cdfc2c29b26547360add94ef9c349ae62f54e7a90e1aae762a11b2cc6bd720034fac5d7b4d7b2b21fb00e065e2897bbae188d8e2d64440631be6954181dc886fc38b2bcc6099494235ad09fae4a5fd0f27060a17bc854718a7a252", 0x102, 0xc1, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1da9, 0x4) sendto$inet(r0, &(0x7f0000000180)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a7511bf746bec66ba5c0fe3ac47b61db6b4c41bd1a5259e62506cda287b857aac", 0x8293, 0x4000002, 0x0, 0x27) 21:31:53 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$kcm(0xa, 0x522000000003, 0x11) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x9}, 0x20) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nl=@unspec={0x0, 0xffffff7f00000000, 0x7e4c, 0x80fe}, 0xfd3d, &(0x7f00000001c0), 0x12f}, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x69, 0x80000) ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f00000000c0)={0x3, 0xf4}) 21:31:53 executing program 1: r0 = socket$inet6(0xa, 0x400000000001, 0x0) close(r0) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r4 = dup(r3) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) ioctl$TIOCGICOUNT(r5, 0x545d, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc) ftruncate(r2, 0x200004) sendfile(r0, r2, 0x0, 0x80001d00c0d0) 21:31:54 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001380)="6653070000053c07bc3376003639405cb4aed12f0000000000ae47a825d8", 0x1e}], 0x4, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f0000000000)=@ax25={{0x3, @bcast}, [@rose, @null, @null, @rose, @bcast, @remote, @null, @default]}, 0x80, &(0x7f0000001480)=[{&(0x7f0000000100)=""/66, 0x42}, {&(0x7f0000000180)=""/240, 0xf0}, {&(0x7f0000000280)=""/102, 0x66}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/106, 0x6a}, {&(0x7f00000013c0)=""/179, 0xb3}], 0x6, &(0x7f0000000080)=""/12, 0xc}, 0x100) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd4f}, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x5, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 21:31:54 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0x4}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f00ff00e000000100004e2600089078"], 0x0) [ 198.749544] kvm: pic: non byte read [ 198.757972] picdev_write: 2039 callbacks suppressed [ 198.757976] kvm: pic: non byte write [ 198.787282] kvm: pic: single mode not supported [ 198.787449] kvm: pic: non byte read [ 198.807559] kvm: pic: non byte write [ 198.812288] kvm: pic: non byte read [ 198.816122] kvm: pic: non byte write [ 198.820830] kvm: pic: non byte read [ 198.825156] kvm: pic: non byte write [ 198.838371] kvm: pic: non byte read [ 198.843898] kvm: pic: non byte write [ 198.849653] kvm: pic: non byte read [ 198.853873] kvm: pic: non byte write 21:31:54 executing program 4: r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/avc/cache_stats\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0xfffffd5a, &(0x7f0000001600)={&(0x7f0000000440)=ANY=[@ANYBLOB="c602000000005531a60500009ff97f0f6737580000007e4b21488f62467009ff34fe240eee2d8c17a76400a1cbc5e4b04dfae35812dbeadab778b3ec499b4ef72bb8d69150e0f83822d5322b6f995f2fe0d3a43f8e892735634f1aae44ff6b40ba9c1396c2acc2a10b5fb1d622cfd03cb676b3924f8edc198273a37cc737db27b831827f9546657863868d7786400049b7a99225262ff520dd9ad9a9b6d95a39b54462eca5258c5ddfd25930ffcdc3860800000000000000f7ca38aee45e1a22e92c0f0e38c17966b1dec3c07fd68efbe2b7223e6149a931855475232ec3571608c0bed95e6a27557056d277b331e3d54bce2e09cd3f0473e77bfa6fe4ab0f46500d4030bfbf5a1c9d36c589ede827288e32cac158a192154438fd93e4fdb9ec11b20758c6a153c362715caaa97629464ce91c", @ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYPTR64, @ANYRESDEC=r1, @ANYRESHEX, @ANYRESHEX=r5, @ANYRES64, @ANYRES64=0x0]], 0x13b}, 0x1, 0x0, 0x0, 0x4000}, 0x0) getpeername$inet6(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0xfffffffffffffe0a) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x898fd13755b449c, &(0x7f0000000100)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0xff66, 0x400}], 0x5, 0x0) 21:31:54 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)={&(0x7f0000000040)='./file0\x00', r3}, 0x10) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000340)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1, 0xfffffffd, 0x0, 0x10001, 0x8, 0x1, 0x3f}, 0x1c) setsockopt$packet_int(r2, 0x107, 0x13, &(0x7f0000000100)=0x6e, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) setsockopt$RDS_GET_MR(r4, 0x114, 0x2, &(0x7f0000000300)={{&(0x7f0000000540)=""/148, 0x94}, &(0x7f00000002c0), 0xa0}, 0x20) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f00000003c0)={0x7, 0x302, 0x4, {0xfffff000, 0x2d, 0x7bffffff, 0x6}}) sendmsg$TIPC_CMD_SHOW_STATS(r1, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x3}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0xb8595ae0564e9e84, r5, 0x10, 0x70bd2b, 0x25df9bff, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x5000}, 0x806c104) syz_emit_ethernet(0x32, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c0000000000009078004e2600089078268a0a1adc652d8fafbeab87439a4af4801bbc273845708ef7a410ed453b64b76afa88535dfe557588d425d013dac8619fc9606c56b68fbd4e5956dac34bb481ab455d544c5661ed7d01a4cc52138fdf0b59f46ca64d888c5be728f4bc68b794e468738b833cf2641ce436e8368c06747b5808d6ccf0bc80d6059fee44eed9cd3612989a3854fbaba5727f57de4a81d7b2b3242bdf0023c2a1aa626c5cf313687d03faff9f630de9976eb16acf2d9524dce6f42ed03d200e59067c50bf1c3dda31d44d852a5eb6e18b738de4b2"], 0x0) [ 198.863704] kvm: pic: non byte read [ 198.867517] kvm: pic: non byte write [ 198.874593] kvm: pic: non byte read [ 198.881202] kvm: pic: non byte write [ 198.909070] kvm: pic: non byte read [ 198.913896] kvm: pic: non byte write [ 198.920487] kvm: pic: non byte read [ 198.925876] kvm: pic: non byte write 21:31:54 executing program 2: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) syz_mount_image$reiserfs(&(0x7f0000000040)='reiserfs\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0xffffffffffffff89, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYRESOCT]) sendmmsg$nfc_llcp(r1, &(0x7f0000002a80)=[{&(0x7f00000000c0)={0x27, 0x0, 0x2, 0x7, 0x7, 0x1, "b871259c819d1c9ad31536af02250455fbe8f7e4895cb34f6b92915b3fead0a290cce0ea0211c38c1253aeb895f6b86dbb58f6d54bbff1825f8bad606293b5", 0x3}, 0x60, &(0x7f0000000480)=[{&(0x7f0000000140)="78b98a3cc78ad385cecfbd82c4eb0d663817d4d7e3e72dfcd747927daf8a63b73682e2ca7b045999caadcc16e0fb8812c80e71dece959a1a741d761787c3ba3282cca523abb92329098c3bbf7eda45891a285bfa3bd49d9cb8", 0x59}, {&(0x7f0000000000)="5de7e7462f6a6dae425a7a11aba94ebc76bc39be5a782250e8eb8481700682308897bcc2baa88c7a2792c8", 0x2b}, {&(0x7f00000001c0)="2975de07c9a4347f075787ed79970b52a9e4d19aceb3", 0x16}, {&(0x7f0000000200)="d878626982daf55d1d4710860a9452dae517a9702e172f753898db0eb3836fb5632921eae48089c803705ecd151117c7f7c8d4536db52e00311be74bf4b73b37b74d5a977208bd9a1a90ff83d04f2bff4217018732bc48398d54225a681aa80a8e82ccc6b1ca227f10b0b91c478cc54388e988ebc4056ed63eb127345d5aa20d870dbfdeb2c3324a45210a0c40fa501181606ca0944b6037", 0x98}, {&(0x7f00000002c0)="f4ccd385c5be30be025806eee09f6fe06ca24798cb687d58ad03bbc609ce694c0421baa5aa70033399fa07974174b07b9acc017aa9eddc53f5bef2cc1c99dba62db881fc11bbaf629cb2016e1fb6f9890e60275dfb", 0x55}, {&(0x7f0000000400)="c9185488bb4fca554a0dbb3f73f33620749ae9ca664f045f94593bb6b67952f243b4472878e0ec12b22ffb84d9a2bd5ceb23f8e70b72a70c6d2d2864dc22898aa6684e9698edac17bcc96e5e9082a12a1a6837f49327f31e98619bfc50835b26b520ca", 0x63}], 0x6, &(0x7f0000000500)={0x58, 0x104, 0x1, "c7040e77c77a22d2f28c5a346d607bb31e4e63ce65f6954660bc414ce2c12b7fce11487854da68cf0d661e2dfd32d968f7c1ef7650459df3daa002f9680c697836b75f85cebf"}, 0x58, 0x40002}, {&(0x7f0000000580)={0x27, 0x0, 0x0, 0x5, 0xff, 0x7, "15f0ff1332d04ee44525f135ecbf6cbfe3fd9563b9f5c6f3dbe0514a7d11cf7786a67ab3bb902dcc80a71ee88cd2a49048392910de65351739afc7d3bc2c5f", 0x37}, 0x60, &(0x7f0000000340)=[{&(0x7f0000000600)="03ef5e96e5ef9d26d00da81dd4c18e41de5c297a17940964ce27d5b5df03b45103767f770c77f476bbf14876b5176f1ac125bae0d964c1c2d2f3ca34d5c9e6c4a89015289ac316491d688928dee91fb6f51b3eedff12fde1a610cae9d18a9c9e03ceed966966f41475cd5813da8affd33bc6767886f54f1a011d5a65b48034006acaad106ad59d76aaef2ef9aa246aff6974a8bf5b14e6db22d3308cc92ff0f74db397d270430bcbaac7a99f5abe1adf16e3eaa9b7fbf5eed30dde46178b4d35e4f3a38cdf36fb0b542d215f65", 0xcd}], 0x1, &(0x7f0000000700)={0x20, 0x7d201ea40336a6ac, 0x80000001, '\x00'/12}, 0xfffffce3, 0x40}, {&(0x7f0000000740)={0x27, 0x1, 0x0, 0x3, 0xac, 0x3, "232af4dfcb4831111d18c5f685d11aa4667e6958fe3ac7d6cd3f837730bc69ec37e4b5abef202fddc4551b0ea981ad27bb2a79f0b98e0986d6c87918ec62cb", 0xa}, 0x60, &(0x7f0000000a40)=[{&(0x7f00000007c0)="0c5a14430751658584167eb1dde42ce9957bb41a3c72bb09a07a14e77c9d1aaae810a7ea2035462a162ee971adf9e8ff6ff0eb6f0ee03b22e12e067236574091087c4e3f5a1c198e68b6a3c70df6a96acada8c2c278f38c41286085b0d010b11207f830f255a44e829d2119b0e4e952ec9dedc49f15006df6715f70b11b1c728b0e2a887c8f6e39201c658c1cbb3d5fd8b2950de48bfc0e27c1828386a6a29886dde6e12d210", 0xa6}, {&(0x7f0000000880)="90b971a1068c839288763988f8b59f78c5244fc0a544e59a29cfa03bc45651efacc5d9a8f2c30679388cf2500ee84674f0e6aca4b98e696c31c0f41014c7e4e466c96a19dfb70d7b80f5bf19d7879e7da6ada7d52236c02459dd246703681bde690bed92e48354a9c1ac18b986c971fd788c3aa2265be1000595763ff653946e613de6db46d1ef74ced4507a365de1ee2c", 0x91}, {&(0x7f0000000940)="3621c6e88ea6e08b4ccd3a34de10ad820041121ca51b510d47b282f45cca1995650a83f4caadc7f39e07bfba61a10a796866c092547feddad36aafbec749bc8a3d47405234dd45be990f61f34df01ade423e9157a1d9f63a5fc953d60c92028975522fbba60866c2336878dd7107fc4649b14013bb145206759d3d108c9c0e9fc265f22a24194071a89c49ddcb4e54dc3b31f6f1397d72233c746d4776931cdbd1ebf8047904783aeabc47f8fa1e1845af9816a74e928eb8d5b5588a23368012584d4d4ec84981b5d652b75f13718cf9dfdb0f444783d20332", 0xd9}], 0x3, &(0x7f0000000a80)={0x50, 0x1, 0xffffffff, "1571b7c19048cab810b1d3e3c5ce38e94b212f17827132b759f484c87f1730f84e4133c56767c4f4f11fc699ed622e9980ce8f972de153491f7cf7a74d6c31"}, 0x50, 0x50}, {&(0x7f0000000b00)={0x27, 0x1, 0x1, 0x4, 0x9, 0xff, "3da4eb26f9bbf18ffac027711fd3460ea5e0341254ee310979d39ff932df1d0a47d330f5faf87bfee5cd15fd515ad1bf97cb3aad4a5ec7102128aa5c34f02e", 0x22}, 0x60, &(0x7f0000001d00)=[{&(0x7f0000000b80)="a463e1d89ac0", 0x6}, {&(0x7f0000000bc0)="ce75339f385ecf", 0x7}, {&(0x7f0000000c00)="2155584d38fbcc3860203388836f3706f51561649f16ae47e84495d7879edcdfd5c501d1796a76ca7c836332313dc5753913e8bf965a843b46f2d52ac3a61e2fd6850390245afe35812f765cc9403d4ff68e2dfa60e913fce93a9cd138ac9243000cef1226c8d2430e156bca135686bd464052018337aa", 0x77}, {&(0x7f0000000c80)="41dc04004c510f1849a1a86ce5caaf26adb0cf5aa34fa5951f24e08d43160977b424647983871ea58ab9d68002ebad55ae122dd7392545d81e2f38f434f0d0a0a74328b231f0eb29f7ee7cc4d6e28ed493680503b6d4e8b80fc7cefdb9b2dca0f0467d6412ed253f84a50d18fa1d8e59deb3e7a4754363ae4c2ca4a1d87a514feeb4a34435bb83b190fba5315aa482c6a2c1d322e18a1e2abb1a81a173a9a9681c7ad235af4bc2096867da3d54bed48552349aec910604ef05727916b45396cbd73f6d6234b7afb6850cfb0bc7cbb2d90eb1fbaf9f23a9dbfe3d7ae0a1f6309f48bc0b6256e49e891de5cf16419e201fbbaf2986f9e00b498da4e9797f315780a164aaef65cb05ca125634cfd1d67219bd24f4ba9e45614e2ebb5969fc2d9567365e84b21f71888ee04153f810b549c1d0a9a92df99ab717f3cbec9be76ab0a246ced8c6c49c54df58edbecf2115441abf233bcf009d21d44b9a614afb70559c7d912a54a3b57dcda2497676a5f38026bd98da90b3e22664dfa7c60b99d8c5c7509326245ba6800799722660926874127660d3778b436063e6a24f9363641e55659bf4b33febd2f25ab114791c728f777d1acc2c066fe28d4415b2390565e0fc30af698b1b620d73fb97ea001a12286c2bdde4d1440c516ffbee13ca80fb6bea37de62ca26c17801283638471902176428cb2b43694bf9ffeebdfb7e5d2ae3b5f7434d0566cfa50d1b070f5f44fcb5bab2d2a26f659edfed89a9b0b80b17c9474380cb13ea74cb64df5215589f7d5c0bc3009fc1021600b588402a67f4f9f0e69209553b70f9a6a62a1a93bfdef57f1c6c59245e840adca7e0dc246845b90385f6c32387200fb66a76f4064614ab96024d4cebcda4484a9df183d7ba8daf6b354b22125d18d287b01db528c9f7462d73d97d6b604aa07e9f37d2665a5163091c559e130467766c585262672676f239b1be6a9fab8827a3e1b928afce2bf91280bdfb7ede192cae6732522dac5693bebeb01854dece7e10599f9f38c27b6c621621cf22198cc7bee16ba1206d6f03c10dac0b00435445eb341ba9d8acf1c36a33defa01db8e2b556267c8fa503c31af35e9912fdf0c6abfab80941dc3b3dac78dfa2035d726145564f985b47784bdf1d7f93f306a36934fcaa25a33b64fd01da4c8cf63f5a5a09f1d9b57566c051518ac95bb8f4f1b7c43344b139313f13575218117498a2a89d4eefd15acf53fb7d2c0aaea7ec1cd825ee425cf5e0374aa13cd61d1ff0b3e2cd62bde457be76fd6703bdff44f0bf7cfe97b7b0a500f33a7e87342b1442ffc9f80d78cf5a18770957dc83f906e13a2884bb8f2b3ac6397cb8fb642e8bf426006f4452b2f9f55c2ac1fcf18988c32c040908e0ef95dc6841b5b0f52d63daf854f86aacbc600cb2bef7fd877f546ad5ded2ba584bb3484d28d5827a9a0bf3f2e263746e63023f41e813ae84daa27074a71b99977190100b51d2de0e5531c4b4119ddba426a9538d6db46f36adef179e3788351530c503573efa829b65b09572caf957801dba14cb866344670f412cd419fa08eda96d6b497e9ca0fefe3c1f51fc18a5e3b5a73d70fa6ef28f32386ae2909765e98adcdb70d08ff154175fe693699e63d373b28fd80d1b6d7ce009301213ee25f6c08ac70e05fbd02443430c0059e7613950fc92f05b3c455cd6710c83ad84660b3b15ee641731b738c63188e2358f3c1adf9fac10e2dcedc022eb6638baba3e6c802e92c042de26bf22af6a40448f1ad4436c2550db28f348cbd37875003efbd7c3120512e340bd4778afaad23c9457d07ece2aa760b3e1792484b4767d208f16f96fe4fed3001f8e3cc884133f9d8ececa5c6589374dbdef83932ebca51727d5a7b2d11a538f267c28df77e41a259eff2737abf3835fd5434b69f5d9c17e4b022d9879210239a124071cfa1f997020756d5e712e5471eb4a11fc2ce5fde6d0af3591e26b1d633e94829faadc27e6e70e44c255275fee0f85471e035fc866389986af177cd9d757ea631f639a2c15c7db7c375b285f80c52bdd3844c3c48d2c1272823ba647bd4456c16f13a510fc744755fa69e9d1334c55e0b25e510813d19900bfc6f6b22fa2fae0239f48f62d7812b44ea59037468c1604135ee73edc36db79546f6fdf526d1e6d0ed3326d0db7bb31db991e7abfd4b65e59d9c356f823831b44f797605c28100518bac4d5c1733200eebc1fc0c0019906ffe4982c387e7e5496c4b73ef832eb535e9b73b50fb3e445a4658002411695c083a546c6d47deaa27f84d4d915da7f5f3f6cd83d45ecae045cda5144a0be7bd68791a13b2317a2058d59d3013270407bd6a03e73d98af748992f402f8ca9ec83aa2de2546d0c17d348199421d2796535dc80ce491fe646439b7aadd02e4e673b9fe38d9424f37148d770c9b5008fb367fc8a30dc7a70e1c9a00326154a3c769f3c51b43c86e5ff24317b4a79d28753b5c745b7ef7bf7554b9097c4022f9c83041045a3372c1438ad7b4cab9c077adf690013b8cea01597c81c44ca9c14bf438f799280c6d318e2c1103fa05021f89af7e74c1f528302f312c755ea644e2c4b0b6b51658f142e0360a3aefefde78f244871303927371cc1ea89f79fd022410ececbc3abb2a0d776f65ac748d0cf988f456b65e1eb1ea4fca8cd16e588ba8eff0403b5da08bc5cd61df94bbd61542efb446aaac13ec9e1d1fe7b069110bf11f3e39a935545abbf32ba19a372cf45f8c2bbfb9e4817f35c235f7f4b9ce40725c4df2bb6524c942203eecccc7ce77152458425af7cfdb4aa60dfca05c53ba04a91af84d28817ad19b673ac1b109953eecf063a0879ab23853ac18968db288957de71b9170e1e28157df4630d61ab6a19ffa277ba61c8ff07907008a3ac3c51335807bdc3e835fab2882a03b28c77d06b70b2a32ea38d4b1a7eed3b0a10d39c87e94d46485423341c13b2d9be180a17390c7e9ab457830726e2420633d6458a0d833797587f056e02961659e9c6f24d40ae1da20e30b96a6c09429f693208a585e6e92f3ebcda1e91c031a0547741a0da9417bed89bab8bfe6db4ca190c7d72fd35fb2902c709bd384678b322459953aa65528f1e4864f98ff4d71fa9b5c3d5ebc9565142551c95de0e92d44414a2be7675043c03f39829423660c91e012da5fd28dd15c6daa00556bfee399d06f7bbf0c6785fb35661a2a4524fa2fc3a9d33306279342c6ce6a73b6872db1d8aada1ee9dbb0287602e047e59197f00ed9fe9d1458f95f54e96bc704067e0c258acbc049b4491eea052b6dc8c382d29c7d6a456faad04576b3a633a3eb0688573f36af03db0830e37d02a8967a44aadb047a6aa4d2cb44dfb73a74fd46d9eb1dfedb05966835b40171f1af5daa25b1485dba180d017a022c503c25d3d29823fb96401407dde353e914fdd11b487979ac8c57dfbd5ff692467afc98f6f0163c906f40c9735a73b522a0e167f22c060430267da626921262ac0e93c70864fae687a855c652134bc433d73c18286cbb9c9dcdf31bd8a88ba160caff50f503fbc768f654c91319377e705a481d7452af4dabdc619bfd4610ba5090210e55e7bf315bb809605fc5e078c345032da8ae7ce780181d376cdb96154c3f450185d15d5fbf86ee23f556b3f12f2f3311d400a7db60e08f75db410271a065d6c6d5028533dc32bb5736d34b58df28ecfae0bb81933bdfd4b4961f6d7912c5fe5a88dcaa1bc492a51964cb4d71606ea7b37bfdd014aee211108511457338611d1a32fde54e78c56471233733653b0002e413a6833a31355ebea9dc4168961c56be0c48e45bfa4d00e8a6a70b3b0b76ec6bbd165454a1e80f18fdedcffaa678800ac857cba27354fb878800b3f56d43b4545c315b8d061200b435e4073691d4c0581c43720311b8db9c5d5495145b198ae52b41a48c8f3f252828c6a964ee0c2ecc840085d3a6401607f02537f440a028215bc7e15a8e9916c6f5c5da05c98ca3e416d6f3bd31ab008487af9cd64ecfd3686791633e7199e5c0b1c7b3219b30859f10b79a774bdc9f9bdc603d37d7bb901cebcf3148ddb065c17eca1611264a9ba2810d6c5a3e15febd904647e37cf20ce4eb1fccb9f4c32fb9725e2ba25bcc35acbafa0af69e7aa35ac5cf302f7864cee5ddb4d082cbe30bd41cf37daa19e234a5cf192edb7968e4629ab20c24e698c4ec3850f2c06074b7a4ba71ebeaf346eaeab1970271527ceda68033a2d16c9828deb5ee0813002e6d08890303df46aa688727f4555624472608911837f04b8ea5dca096bc1e8f689798fc53e6db8e58b280d6427e34fbcf0998839c7ccc04d07320f98b05b5fa23e73d9a0287e403d467318556ad6902e36068d940890ddc05a5cc50d272908b25c7d92d1350fda14e1fc86b6258cc34c662f9d9e845247be44efaf1bf044553ac779ce1ed1b8dc7f8c9e503ab018d01e610c5875f42d9562a774450fef5ed735b4d6a99265c9323c1f492b6497f8c3fe2e7241026505bd18fdd0aad61d56bd62eef7e9cc740d0954f2ba4e862e8acb4863a41a8674b5dd205dc146151ad6abb4d1d7b81072c1fe9e5f24cc8e36bb752058e1c7008e34b599bf965e882acb053648d73b7c5a6da3289b25adc9b3c81d9659f9040bd693ee0488e7c2eab2f878b8306d0e5d281cd0ca14db22484f2b76b8f503e40078ff2527bc370972a961f1d0ae707855396224485db3c78c52e790af5ab6f3d4df7f527b729c363e0e3b47b0398954ce0771ae19d5ec20fc3d5834866c1242dc228ac162b334b0a0fefe80b59ef8bc0834c3330a9b0d3fa7693aa856ab367c219e15c2ef01a25ace5058f2717ac058b61640c66fa0e8e1a43bc279874e0d41a35fdaa63f72a5b231a87f02524a298ebc447eb8b572eedc147d9204775c9ccdedaff178b256c167419abc55c1a48b90cbe7972a86da85e22ceaceb7fb90badc2c8eaa812f6c9de6c959c5f7a81bf017b9caa3f178f47b45ff3784b2bf7bf5342e8f51f3f016e900fac1e0764e53abc84bd67822015ee5e965d86a9ef70e5a082f1f76765d18e85021644522b23330bb02bf282383c667407999ce99c0bb0683a272502bb6d63902a80d82ea777fd3572402d3e9f903f51b8b83708fba20c29ae84d1c2a98779ff58cce164ece0ffbe78149eb704c8ac098d8844eab715f272273c4f5104a4caaa5e002c8dce6da74e694afee53095229f7b5a4e087387808645146f41120cc65e608dd4474c604d0de86b339ef982c095be7ce6bcb6881e7c8031e8c3cfd95120adc58c2dcdbe12abb9fa67c710550a70c176a7acac6de0cf184e98d09c1fb2f85c17bb1f46cd24a4d41e5c0e6a06887f27eb21db4261a6cf27cbf77ccef599f415355e4f791a755c1b83b88a6f6aa656f3f759d38d9e26e224d01b3a87fc2a4fb043c741f70ceb67a7af11e04d581d56696ece9757ba40a41394774b1d32a24ef6b34af04d297f682de102588c6ec83f2b6601b29446083df2dc7f0d862e0d6efce740c38b0172f1fc2f52de63f6399e844b834df33c1f3fc60806f033c738433424a762f59e1c77c6be5f94d6dfe0426f8c79378279dde59b613f269c5a5985805f0ec90c0b1dcd67bc2f50df70ced52235111cad0e857ad010174ac92ccecaa5ad64f216a614deffcd64186c80ac4c96407012978125d4c59b5696b82a7ab755c705cec459726b317c5bffcaaaadcd3c183e549426a23fdad1c9c0059462ab9aafdb4600e5f992946fb682d4fde35a3cee56a6c542e75436", 0x1000}, {&(0x7f0000001c80)="afdb811a709ebdb6edd65733a09d42c3a7305a4d1d5c2e47fb02baad30925723d616368aec05ce481916bcbb40bed38fdb65e602416ffe75e70d7dc2502300415afafed8", 0x44}], 0x5, &(0x7f0000001d80)={0xa0, 0x0, 0x387, "a3cb8290303371a2f5e3f397b8aff17c3cb5c89daf712748cf6bb88a3e2d993c40ddd00d436da606579febc11a01396f0bc348bb20ae80ae5025c89fdeb6dcab113eb867096c1935cb51387fd9d8596f27a2039afdfdadccfd8e6ec81b1375365b53e9981b0708183b1a4f1f68bd362b0a4cc3cd3e7f3fcf8f1ec380872bdacaf511a4d0795644dfb880a0be"}, 0xa0, 0x4000000}, {&(0x7f0000001e40)={0x27, 0x1, 0x1, 0x0, 0x6, 0x6, "174b6a23cea56f81396ddfe35a28b765d97c751420a68ecb8da0c2295f965d750ee110aabfe6e386373ba285745afc37a0be77905c69984509ae70ac0051f1", 0x3c}, 0x60, &(0x7f00000022c0)=[{&(0x7f0000001ec0)="e69c4ec43de693c4873d1fd849a4f4d4e410cd48e5aa8360f56ab1cb5b64e204a871cfe833f427c05b6ded0e3438a1434d88ca799b72c4fb4f67b7bea12ca4d6260cc34aa8f97e7bf30bdf0a32fba316e2cf11f8f37225518d3a1cec9206955ffbe34cb96a7ffb4c8dba2480defa7ae3f5489e799a97c6fa50b85c246af15ee91de185604b55206edc8573124775aff19eddda66", 0x94}, {&(0x7f0000001f80)="2d0d993a5b039bc15838ee108fcecf8d728238e3fd614828959f070872b3d191dbb3a48aacb23ca5349ad71372a20b97e610c39539d7ecdc383789902765cfa42d109bb65f815f944da5568b0a300d5155e2f5a4527a523db90f9f68cf96eb8d4684ba77b19fb4e04e5d4c2d", 0x6c}, {&(0x7f0000002000)="8dfb0ad25cf251c4a1db3c16f79be29915dabf8af7cd09dbfc17abfb475734eb79cc790b266c0b1a3872df0e57d12aa2f39da768ebaf5f5839e39d4787a265e5e02a931d6a45bafc8a44fa9b9967152b8aaeaf64add4ee26925bc6d44b4dadbc0fd4c2b482ec574b90d48d951f8c973a8d3eb933c17b1fcabb94e52fb8a93ce252e6a8d066ac4a33903ca0f98d979e03", 0x90}, {&(0x7f00000020c0)="f5ba3f647ff489c9f84d02082fde692abb6538ea7263dd6bae246ce3b867a87a8a511f18b1679152d53212bf779fcf5bf3731acb76bc2c6075a1098446db103d54a34eba77ab4a44c8929f82752f2fe2f2cf41098fce57906a80ac33b178e42401571f15f785c41535bdfaf05f07b1ab5ba818003d968de7189871acdadcf81ed977cc738a3280be973fae00bc168aefdf318599967cbe410a92a4cd42cd897739f209f34255daf753685308cb616b2d04d284f56906a98f9e997872ab03dc2f51ce91a3d19071e04860d64ea9ef12ebce3df679e3fa776c931c", 0xda}, {&(0x7f00000021c0)="1d043f7380de503a4f39455c7e5281bffbe9aca742f6b3c10d081dafa8541b01dea14d608f07d8ef0ab749644436911d", 0x30}, {&(0x7f0000002200)="b900ec3b0796d658dbf041752e806ca347a8f83e7fd25fc0b7688fecde04f4639e0a301992945cd9f04fcda98571f087b717de0b29", 0x35}, {&(0x7f0000002240)="e5d5ed5ea4b4b895b167eac36969", 0xe}, {&(0x7f0000002280)="2fbee3eea23dc81c4ed3dccbe70745a0fa4f7cc023fa1c07feb9683e8d24cc", 0x1f}], 0x8, &(0x7f0000002340)={0x78, 0x21c, 0xa9, "fb8b3b7c43c0ecbbb4124fb850c2690a4fbfa47ea4e92726a53fb2e42ee32214cd15c3b21e97af7f1c8b6d5c30fc647a6023ff3e9611e525a5b67138d5b764f6bdb95b0900a60eae8b431f5645accd87d8e343706383ae9de29c46d276faa673b3eb511c"}, 0x78}, {&(0x7f00000023c0)={0x27, 0x1, 0x0, 0x1, 0x7f, 0x6, "71bfb7a6490363340452e3cb5a611ccc2e14e28eef13ce635daba4299dfe8503422125340043cf535ff4e044ffc9791dbe2825192afad427798c919a8bb0fc", 0x3e}, 0x60, &(0x7f0000002900)=[{&(0x7f0000002440)="9c7c74f01bce8fae50f0cb6ab7f33242752137edc157cdf92e54384640a952b66a0dde07e3699d856e26176ad0cfe0fafe3067e86b5196aec950d4d111d2d1a706050f815754fd415f02ccc6649b07329cee4119aed4cc19f5e64841b385738d957a49742b03bcb0d73ba065e1f51199375a135e4647bc41cebdb6afcf639e7c8f2e6636e5f8c5e72658b7aa88c66b64c686e4ff87ee728ece6835dc4f343cb00658b894eafb74cf036ed3cd4d63a382b0f0367357e08aa7241b4b0b54973449ea1dc4b93dd85bc28d494a1a94d4154db3ba1a03", 0xd4}, {&(0x7f0000002540)="fd51d908d20d45d0f1c8d521ce1b8a42b5a103843a930898bc7333c5bec563c9656b1bcdeb08dd452834e5b68c8e9db97a50f63d521d53b06518d20e916fcb0349af3d2bd3018e4b0d32b797666d2efb15a12693b8189f69091ff9f9bc0cd8cd3b909e3fa9ff2da8d149ccdaed595bd94ec6a85bfd31ece0b77df363b43610eaaea849c53630aec326615ad230bcec9de967c9c31428bbca1487e4f609982620c3af90a4dff206c12f41a8269499019df24929125c2000", 0xb7}, {&(0x7f0000002600)="caaaaaf6d1b37a", 0x7}, {&(0x7f0000002640)="086df2d0ba236b0589e8ae1418cd804d63", 0x11}, {&(0x7f0000002680)="09c6c90ad72c997a915a70cb03cab2dd03a6af2fcd853c062f5e965421c2b88df2034627c45f4b87e706ad9f8fc7625ced30f62a7d87ffcb9a9997ac7eccb4b984dc19f293ccb19aa7", 0x49}, {&(0x7f0000002700)="0de7c25035ea1b283a1b68b561bc0d69ba90b42dea7a421fb2b8ff5c712099faa18621a5943072332a5e9ddfe5d79e50f9375e39f036d0b51c69af4f2049a169620c78944a4d1ec373d9ca00f255bb9914d178b93a6bd47cd659731dc7b328bbf76432c07c34f1e37f82c6be3a9f73b37d2962f13948994794888ae5cb3ea00f03bd7b72352165ebd97335ab8ee9c6fb74aed200bf60a89091e530af67431dfb232ef2a7cd9f174c02fef412127dc73c75a374246da96585b35db5c70aff16c200e834fede830f3e35dae84a52cdfbd5adf9dc4b155eb90d7515427ed4ec1445238461351c20697c0cbc2532ad3fbe57275533c7237414f5b26cfa", 0xfb}, {&(0x7f0000002800)="ce74fb", 0x3}, {&(0x7f0000002840)="bfdc95aedc8e41809e1669fa49718a450025208f7f1aa510d97d0718bd51c5fd17073ffb5c8b13c2eaba6ab48f769b6e594e4a768359169a30bfe0705e3f074f01c5589fd0a6ab65f024cedbfc6ba534077d13dd88d6a3306c0d23a6a2f116a1ed202261", 0x64}, {&(0x7f00000028c0)="ed6dbdf07bd84a1597d84e4283524a860f6d78", 0x13}], 0x9, &(0x7f00000029c0)={0x98, 0x119, 0x1, "f1d15828a32784912e1b22f8b140713c2d2970faa157a3498c3b96eaedbe7e760f9e1b2c0f0ea924c103cb8312e8a3ba5c43fd6c24669b86c77b95419ffa9e2fd3c32bebbcb34886c27918d65bfaacf9e371dac8b3ba0b8dbe844da776b235c7feff7166234cfc3ce7cb1373de70a02c2350c7c41926edeb8e799ede6080125b1b5032346dfc"}, 0x98, 0x44040}], 0x6, 0x24000054) 21:31:54 executing program 2: pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000200)="66b896b800000f23d80f21f86635800000f00f23f8f4f30f09b871000f00d80f20c06635000000800f22c00f01d1260f01c2f30f016b1d660ff8bc0610b8f4000f00d8", 0x43}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, 0x0, 0xffffffffffffff78, 0x0, 0x0, 0xfffffffffffffd9c) lremovexattr(&(0x7f0000000000)='./file0\x00', 0x0) getsockopt$inet_IP_IPSEC_POLICY(r6, 0x0, 0x10, &(0x7f00000000c0)={{}, {{}, 0x0, @in=@multicast1}}, &(0x7f00000003c0)=0xf) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r7, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r7, 0x29, 0xd2, &(0x7f0000000440)={{0xa, 0x4e23, 0x1, @remote, 0xde0}, {0xa, 0x4e22, 0x0, @mcast1}, 0x0, [0xf84, 0x101, 0x7, 0x4, 0x8, 0x0, 0x633ba518, 0x6]}, 0x5c) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000300)={0x23, 0x33, 0xa, 0x1, 0x5, 0x6, 0x1, 0xca}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r8, 0x407, 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff}) vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r10, 0x407, 0x0) write(r10, &(0x7f0000000340), 0x41395527) ioctl$KVM_SET_NR_MMU_PAGES(r10, 0xae44, 0x4) ioctl$TIOCSSOFTCAR(r9, 0x541a, &(0x7f0000000340)=0x3) write(r8, &(0x7f0000000340), 0x41395527) bind$bt_l2cap(r8, &(0x7f00000002c0)={0x1f, 0x100, {0xff, 0x3, 0x2, 0x6, 0x2, 0xf8}, 0x4, 0x40}, 0xe) 21:31:54 executing program 3: r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video1\x00', 0x2, 0x0) mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil) mmap(&(0x7f000037a000/0x2000)=nil, 0x2000, 0x2000000, 0x12, r0, 0x29ed2000) r1 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x20011, r1, 0x0) r2 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x4000, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1e, 0x1}) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000000)) 21:31:54 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000180)="66b9800000c00f326635008000000f30baf80c66b88879da8a66efbafc0c66ed660f3881ba80a866b9160b00000f3266b93806000066b85400000066ba000000000f302a150f3804969aef0f01c20f84c600bad104b80098ef", 0x59}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0xffffff87) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$TIOCSISO7816(r3, 0xc0285443, &(0x7f0000000040)={0x3f, 0x7a, 0x10000, 0x401, 0x2}) mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0) arch_prctl$ARCH_GET_CPUID(0x1011) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 199.389266] audit: type=1400 audit(1573248714.652:112): avc: denied { map } for pid=9583 comm="syz-executor.3" path="/dev/video1" dev="devtmpfs" ino=15521 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:v4l_device_t:s0 tclass=chr_file permissive=1 [ 199.415079] audit: type=1400 audit(1573248714.652:113): avc: denied { map } for pid=9583 comm="syz-executor.3" path="/dev/sg0" dev="devtmpfs" ino=15579 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1 21:31:54 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000000200)='/d\x83v/loop#\x00', 0x0, 0x382) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = memfd_create(&(0x7f0000000100)='t\bnu\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8c\x00', 0x0) pwritev(r3, &(0x7f0000000340)=[{&(0x7f0000000140)='!', 0x1}], 0x1, 0x81805) ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3) sendfile(r0, r0, 0x0, 0x24000000) close(0xffffffffffffffff) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x5}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000240)={r6, @in6={{0xa, 0x4e20, 0x4b, @remote, 0x5}}, 0x2, 0x3000, 0xb7, 0xe04, 0x20}, 0x98) 21:31:55 executing program 4: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ftruncate(r0, 0x8200) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/fib_triestat\x00') recvmmsg(0xffffffffffffffff, &(0x7f00000036c0)=[{{0x0, 0x0, &(0x7f0000001c00)}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) sched_setaffinity(0x0, 0xffad, &(0x7f0000000c40)=0x5) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) chown(&(0x7f00000001c0)='./file0\x00', r3, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="000001000000000000000400000000000000080000000000", @ANYRES32=r4, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=r4, @ANYBLOB="100006000000000020000000000000"], 0x34, 0x0) chdir(&(0x7f0000000340)='./file0\x00') symlink(&(0x7f0000000800)='./file0/file0\x00', &(0x7f00000007c0)='./file0\x00') clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) lstat(&(0x7f0000000600)='./file0/file0\x00', 0x0) preadv(r1, &(0x7f00000017c0), 0x1be, 0x0) r5 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000000180)='befs\x00', 0x8, &(0x7f0000000240)='system.posix_acl_access\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) r7 = dup2(r6, r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r8, r9) setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000380)={0x6, &(0x7f00000002c0)=[{0x7f, 0x2, 0xe3, 0x1f}, {0x2, 0xff, 0x4, 0x1ff}, {0x0, 0x0, 0x7, 0x1}, {0x1, 0xf6, 0x3f, 0x8}, {0x40, 0x4, 0x28}, {0xcd5b}]}, 0x10) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x40010, r5, 0x0) r10 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) r11 = socket$inet_sctp(0x2, 0x5, 0x84) r12 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r12, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r11, 0x84, 0x14, &(0x7f0000000040)={r13}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r10, 0x84, 0xa, &(0x7f00000003c0)={0x62, 0x4, 0x4, 0x1, 0x7735, 0x4, 0x0, 0x10000, r13}, &(0x7f0000000400)=0x20) mlock(&(0x7f0000006000/0x4000)=nil, 0x4000) 21:31:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0xfffffffd, 0x236) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x5, 0x9}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socketpair(0x18, 0x1, 0xa, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_sctp(0x2, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x14, &(0x7f0000000040)={r5}, 0x8) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000000c0)={r5, 0xfffb}, 0x8) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a91001c0000221e00e475787f000001e000000100004e2600089078"], 0x0) 21:31:55 executing program 4: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001000450776a3f31e1303604f000000002ef89bd85347e7c736d2db61db8c082b28a0d3ac49621428589066eb698cba5d79180aeb08df1e1b8afc729d462e7e6068ebd9ba7a4cef8df451e9c49ba98b6e2ef2dbc3668ca591b4c92d667cecdb97e1f97ed82898e891e4aa7ccb75c15874e27630f7177cbce316a1edaf46302c236d73d2da5dc4f0712452808670787ea993ca266e3aade74c57d499ca97efc660824b21abeb1cf97d4b2c9205d14f144bdef290ee918161cc04da3a133f30f338f27ed31b2477aa651bf3921d43a843b9e43b25820d117d7c6a6deb30d40c39b697cbd4382760246200922fa8487e6885f0a00853dc87a56d553d423db17d9292a4a5878d69775c26b6128084000000000000000000000000000000cc578ab0ed22236560324b155284b5f07a58cdeda2bd0acb63215e4da2cafa20f78496489759c2cc28bc036dc574d1bbfd0d3f449d860bb31dc989f953309999992490fb192b17f100f98800"/378, @ANYRES32, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x5}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32, @ANYBLOB="00000000ffffffff0000000008000100736671004800020000000000000000000000000000000000000000000000000000000000000000000000000077000000000000000000000000000000000000000000000000000000000000f3"], 0x74}}, 0x0) 21:31:57 executing program 5: r0 = memfd_create(&(0x7f0000000340)='-B\xd5NI\xc5j\xbappp\xf0\b\x84\xa2m\x00:)\x00\xbb\x8d\xac\xacva}knh#\xcb)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8bCc\xad\x89\x9ck\xde\xc5\xe96\xddU\xa9=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93?\x88Q\xf7\xd6\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xab\xb6\xa5$4\xd6\xfe7\x0f\xe7\xd9$\xce \xabN\xae\xc9\xbd\xd3g@\xe1\'s\x0e\x90\xf2\xcdr\xb8(', 0x0) write(r0, &(0x7f0000000240)="b1", 0x1) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x80010, r1, 0x7c995000) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_GET_REMOTE_MNG(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x702, 0x70bd2a, 0x25dfdbff, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r4 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x6) ioctl$sock_inet_SIOCSIFPFLAGS(r4, 0x800448d2, &(0x7f0000000000)={'\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}) 21:31:57 executing program 2: accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002c40)=[{{&(0x7f0000002480)=@hci, 0x80, &(0x7f0000001340)=[{&(0x7f0000002500)=""/209, 0xd1}, {&(0x7f0000002600)=""/66, 0x42}], 0x2, &(0x7f0000002680), 0xffffff23}, 0x5}, {{0x0, 0x0, &(0x7f0000002bc0)=[{&(0x7f00000026c0)=""/205, 0xcd}, {&(0x7f00000027c0)=""/200, 0xc8}, {&(0x7f00000028c0)=""/215, 0xd7}, {&(0x7f00000029c0)=""/21, 0x15}, {&(0x7f0000002a00)=""/107, 0x3a}, {&(0x7f0000002a80)=""/166, 0xa6}, {&(0x7f0000002b40)=""/16, 0x10}, {&(0x7f0000002b80)=""/53, 0x35}], 0x8}, 0x98}], 0x2, 0x0, 0x0) r2 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x400000) ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000240)=0x80000001) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x2000000000000, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffc, 0x18219, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f00000013c0), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x3}, 0x0, 0x10, 0xffffffffffffffff, 0x2) mkdir(&(0x7f0000001380)='./file0\x00', 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f0000000100)=0x2000000000000074, 0x4) r5 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x40) write$vnet(r5, 0x0, 0x0) ioctl$int_in(r5, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000001300)='/dev/ubi_ctrl\x00', 0x400080, 0x0) write$vnet(0xffffffffffffffff, 0x0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f00000001c0)=0x10000000007) r6 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x200000, 0x0) write$UHID_INPUT(r6, &(0x7f00000002c0)={0x8, "b13e1c20d1764d052a4289a71186ca1abfa7f39eb694f4602948f6585c2842ac42cb2f94b098e98f28cd6128dab4a71d544e96e01e3a9a3548ee5f554c06d963346edb9d133e86fdd31c21e9aaffeb52f7cd63297b1fd0db1845e12bda3ce00f0cca0e6ac9c42a61e687c24c0553b408359c86c7bfd7a30944ac327f982b011258e85ee00f050c38e73199d07b72b225a96ab0fb5a9ea944a233e46cd4c25aaa0fe04bd9b3203f61a06c8f094563ffa0078e50248ce1acebc03c75069eb1cb20ebbe30ec063f9ebc45290dc4f8b56ebb08d32e4df04785fd385029f766a0b96db6a1b6615de63393fe97082c076a7170d2b1c06ce0627d6acae850c2b95f38b079a352f27bf6f5460078b8e597c1d3bdb5cf9e73f42eec5aea224ab44b94e18e812864faeaf770ba7471f99b07d41d573d1d4c3833fb4410ea36d710bfa66ccdb14a1927a678f873b023e82c341a43704adb37242a67b2a46d02ab7aee23cf3030a2f3dd58eece667b6e9393ee8d36649e37e83b1c73c0ef65b4df6173c1c25324fbb9afa1361dc4275f152deb03d7138a688eb9dc66e7845ce1be5647bf740b0e1dd038120ef1e3e1cf420cf8b723bef771376e433935e4f9096a10c4a969aceaac4791c41f365b274dab49bddf51b22a24c05ceaedcbf45febc927e98f410d38247d7679cee7b0d3041eaebd7821924ad31e7c5137bf87ce1ec537a981779f0a4c57bbbb5c641cfd02e1e3904f48b0be96fc9851b6bc8c4260168eea9d9d111e2777f78a9021d5eb0166e39410bf279656770263ca2fb7ac0e30d5e168f8cf4bc5665d057da939b770568e41d0fcec5d6aac0bf4ae66fb099b786cdce7f6a9bc00b83d8ed72440a9724d4ef8af71c7efbc31397930cdcb99d30502ecbcc7ddb9161ade16a1badbd7ea3c6c65b387b46234c4660c816506a2f76264bba07ecb685532116bd971464b58e3ea0a29c2fa1d49d9c6308806db01326e9a1b6bbb556f6479b29f48718e211d75f08d0fb477ad8dae5aeaad7e176b2c5ae331ef78212e9dd7e506549dc74ffd940dc91d74aee2fa7f28855919c163f443804e2a072ad8add2be84df87e414afcab0f8e6f67d3ebb1778a6798d50233da09d29b95c0da97304b7a025e50a7c89e614c63bc69477bfe0e5ae2c468332d134f9e22b19eb2f01c8e8d5148b9b980f8b9aa0cab9ba89aafe16d6a8cf9cb5ae659d8fba88e2841f3d6ac0c44dd9f03787d357fe31a4f551e247bfb73b1f2aa1e208c36aa90dcfc4da8877967c05fe951716ec2293d79c6083e79061bbe18150e2af1d889bb4e87c7735b0e7b88a3109a906d1bd4bf9b98c2462420ecc4e9f3a274a6678bc56e9aa7f3d64677141f874f35d00d04a1dc83126ccd69a0221305a3a5418ec24e163b165c1e4533c38f3d213de4012aece68ed11e2f42325d6da5eef78ee985f81a7991e3d1ff69188059c292779579418ef81177fa94b43cdd0fbf92d31f0fb592a864ddc98ddd5b49ece865e7c7a6c873169d0eea46c1a44f645b1cfa40849ffb9f5355ab396dc1a875180f17103be63be4e7d1920949c59ba5d47341c176ac307e165b9733ac5cd9e9691f5ecd76b467881b78f217d50903a06c57270f4104fd26d496dd7e08c27209185761882923f6447c73d53a74e28132e6bf97ee4f2df9d03be88653a9a7251d8df247f1a75f91f95886ce317e3c125aa7686eec86708fa72c9b33a664e76c0ed891ff9d840ac121ae3f96d32330a14fd76df19c7ae0434e2103d6e9175da0b6cc7a007a0a18615271771434959de305636cf7fbfdd16239bff7dbc656a702ebd48f9a2b1937cca80604ec525d292bb7337459235ad047c6933b6c81bd966ea60ec863de568a9e6d8e0378916f441e0f8b2b74df49b9b24094fd643413469428a537aed19b72bf9381ebab4cd57400ecad1cf1b792e9610910d02f9a779b009840e3f1a1395a87f1e590c33018be80a3f34bbaf49e415ba7d3858b40788cd19211b8cad3789870fb252f8991d64bff9558a67a2316ec2402c2f9c52de42e6389fc90bc4379f7b899b1a943035d64f20b7766edf08fdfa185d00493031f0d3f9ad7dce841f725c5adcba896a76857918a2f54c8aa2e50f71eda35b8fea3732a02c146201ad9f4b65b7caa09e2a73f72aee1ce428a35489038d5cc859fbd48be8da5d088ccab897a248fe418b89b409ab5507af725f077d264abec5b53667ca06aed03815dd537535a3360a50ca3d09c025b5057362c7cb5a4b99c58ac64fe813f4d7f2cafbc3048835ec43fa68170ec7310342134c9b5ec417763db145555cdd37f24b27b0911d172710b74d3c754aac02b24030166cbf2eccfaf1e909b629b7919db1351cd0167e8b6bddc5ce4b7e13cbf0c095f636427d440d058e7637eb117947fc6a60942d10bd455030ee38fc447fd3e6232efba65def558dcff60274e6b2ad62464b4f767bcfec22c681c12bdabf1fedc3946f45c9a34a9169f79ea60a9d190dcf1ce14957382af602dd134b610b269247f38c3d4e233f2fda399dc4cf09139cff9e9c731f8bf940df3cbdf9355f604bd0f3d3b20a6cfc39a7d9ff74f734750187b30c1a970a432bf7e9417cc87d8dea00c4e1885845e1a59bc6a5487687c5bca514e9dcf372bcdc0fe4a47f3e4ac456b1a812e69f88b2a8a964d946cc102ba6f3a7c965df24653c6384d810cf157c8581d4b40e874aded8d227a25fab9889f02698bf52980f048408de4a96226949eba5d1b7f41fce61ae1ff9388e096646ddda4c222f7b9bffc1d3e5b645b6e248637698f6a5be1dc03ff7aa9f418153beeef9b9d67ac5b6fc888e5adf0db41a6d5cac2b600af3b428a1294f4fdb4cf64ccc254c1c7ef71b9be3afceb797fc9504bc3f3dde217687d47cd445c44bea2b16eacae76f16d868b77065b189bd7c4678f3a5fc99b4d020d42972d010b7a6b22de46b434f2d8ec4f567af2d531817ec81ffa36cc27d073a66d2152f1be2a8dce08e98a00f473f22e680cf0ebdcf37936cee60f99eec69503a15d8e36f8d599b535021693fb52f9dc93e315d6e849bd4bf9d05fb25f0b09de91b73ca4edfbfa04d9262d449eab2be542ea30f316384609efc52ed641a9e32d48e4a57c65e8bfa5c13e769d5402a0b125c17360800bf0da8592a75abe647f1d9b1072942947da82e701308b60ecdcfd40d7b6cf44b443493ef0466790547c0a8e5914484969e52cba3787c41df965f91ed7074cd62a63db7e1c35b8f9ac30521295ae7b9c81143926f1dd36aefdfbcd7056b0d4209cabe113a18c58ecc062df687666725707029a8be3ef5721484bd429bab33fceb76c6a0f079da8819d0d9565f5e4ed45eb531f9501b85b619b5323169b0297b7cedcf6f288225dd5e6a7f52c1b96cd38dd94b2f6b8cfc6dbd7862901a5295dca5ecbae72344f41c4a222bd6711831d265b910d547501116bcfbf3c9e104b446175c4c8a4e56445ca22f9363f0f54858a8eb4a1c43103bca578c5b0ee372efd705a950510dbbfa4f74c8ddb4bbc1f07dd410ebb39c01f4da8a0bad2d3d35df3a12a9fa2daf44c8163d59aba8a7351ecc9fe4cd25b987dba700e73d7174307161adf70db0e7a802d7c9ec1b912ee58b0a35c2c6f40f112d70ab5aa708071379280c9ffbceaf0a4ec45c89ac0bf3ef40538302b685e24574da8bde8654e99eff66c9ad5e6beafa0e48e1c293c53d955980346cbc052d15e5d1f3baed388dfaa72ca089af06ae757466a704b93a0ff13cb5c722f0b872432a4fd4513ed56825b13ddd4d8c02eb624c8358199f52679421ab0e1792869f6b4aea523a1079b3138f1ef761c6df102096eff43ddb23ee668b9cc5161433feb318903b58387c3dae2833a8c770e7c6e27c31a1fca07377fbb07f11911be6192f7518a8d089b89826e48b28f5c8a00784bef9b2f68c90838eb2c9fcaeda4bb76782510082c977a7ecdd5743e9da8f088a3b67a25cfb25db4a709b6cbf5425e7efa8c2e472464606d9ccd2fc0f73cd1d51a5aa19d9caba10be2147f8e1ad763ba45693f9f078b0716cf588142be847ca67dc132c5782fed12b7d95c55a9bcfdfb85cb48698a45621cc2f1c85559617ece7def71486290b0cf8e987e8788e1a13f17e3f24b93ed2009ebe42e3bea9571f98b39b787c107dcada3a36fa1fe93736e74ec34af80a182cf0adf2846577f1d474c9ff1b4b8a2cfe6a2d445029ca77088b9c84be63655d48cbc5f61b18d7cda0d141f2db6bc3c479aa6ca19638e2c37da38768eb8820e5679345d2abe8033318eb952e297e17dacaaee3df7ef1d6cd554e9b1b453c44e3d4e030e25c5f9ed094100f6d9b1dc5dab371436ab252cc4d7fdf8fe4b7f36ab71f2bbe3878217b151664c3b9ae970e473ae164d77f294ca8ad58634ea446880e8327fc7af2a088e39508443a601eaa00742a7d0ad459dcac24a60edcfa6ac9f72f428c2b8dd30b8278e28f25a1a129d23cacd765de4c4aa52819578951bb8e311e8621f627e3463e2562b6dbc8d1c431c240f1424599438b9c94723f79ffd1fa1bc94104e4598bd43244302f86ddbe47ad8671e25f406aa507ba45bdba09841827a697cece002f79ec7cf14488789d754f84818d180bd04a11cb2115441a402bea2be749ef233bcd26ca27df828ada877a893e54ea3e6ea29e62d6e7693af7cbee59ccdb4045d0e6eeec3d8f59205f324a5f7cf5f871929c83ada04bc5d3990288dca5eb312339933ffb1031e05866e1b2d0aad0ca940795458b7d6c8a3750a76e1e6c8ccd48ca542d6c51164431d70c9d35f0f828cdec404a175a44bc2a9651ec5281c0f3aee9e4375f0eb139f58fa4419fddf9ebe2f8f37121a57397e7e830ac097ed375521a68f7cdc471621b769fef40cd19d8d55a82e27bf5b0cc4182359db7c9066e2ee10df279a89e96fcfea225995f065f7f286b8c8ef9b6c82a34df14dda2f737f557578ce5b15944e3149110102d80465c1b436b6bbb16fdc64a9d130ec7644bc162f0e2c5669a9254970a062561e269d85b72b4748d71d88ca20778287bc3b9613043166862f133f366f6361b9e1d040bbcd9728a70fcf3be7ea8fe0f55980ed03f336ec49f7cb6899813acf47d3b2413e7b637b764fcb9003ece75f8a255b9cdc71f80dbbaa7eaa2111b5551feeb7ea31620a2c88897538915abedcd184d57c79d81505985f561820449c330bc3412bffb68c4c743c5a5a3acafcf00d7561a66f70e5835da530ba62f221211e1fefdc1fbc8c05b1b68b7eb2afac6ebbbc0b961b8ef8b27b555ce7641f6601ac19d5f4adb06b40155a2085ff32de5b2c5edd96a01a14d1bb49b58f1fd718bec428043819b8070e46f0215d2153318320754638d9b40a5214784e7c1f80dde05500cfe8e4dff855504e099634fb3d44829453cf4ac8db7e5a4144f96d4508de90ada04240637fd5b261cfbb80c8d9ccdea6c1d3485a85663cff9749133002c7f9c6ea4de1b50fe90dae397f6b5833e943e6c5f60e10d805e97e6869488b857b44d8c94276f668257c223e2e26dff75222d3f304f8a040ce058e1b7b3bc5f0b69c310beea64212ef0a54bc9fb858c25681cee574c532b64d4f8241e0b855f7f79d0a1ea22fc3d9ad5a1658b5c4d9d417e9eae47c81628341172609a8ef8c72fb6e4e48da6a10207e56b727f65c82d49e2dbb44b492e1265c2b28f98980334ccc3abb0cfd15d73c2f38f4c824022aa7a0ac0b7d35eea934d3455d21e8c710474e54bdf29be107ebc00", 0xa943708f26830065}, 0xe61) r7 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/\x85sp#\x00', 0x5, 0x400042) write$vnet(r7, 0x0, 0x0) write$UHID_INPUT(r7, &(0x7f00000002c0)={0x8, "b13e1c20d1764d052a4289a71186ca1abfa7f39eb694f4602948f6585c2842ac42cb2f94b098e98f28cd6128dab4a71d544e96e01e3a9a3548ee5f554c06d963346edb9d133e86fdd31c21e9aaffeb52f7cd63297b1fd0db1845e12bda3ce00f0cca0e6ac9c42a61e687c24c0553b408359c86c7bfd7a30944ac327f982b011258e85ee00f050c38e73199d07b72b225a96ab0fb5a9ea944a233e46cd4c25aaa0fe04bd9b3203f61a06c8f094563ffa0078e50248ce1acebc03c75069eb1cb20ebbe30ec063f9ebc45290dc4f8b56ebb08d32e4df04785fd385029f766a0b96db6a1b6615de63393fe97082c076a7170d2b1c06ce0627d6acae850c2b95f38b079a352f27bf6f5460078b8e597c1d3bdb5cf9e73f42eec5aea224ab44b94e18e812864faeaf770ba7471f99b07d41d573d1d4c3833fb4410ea36d710bfa66ccdb14a1927a678f873b023e82c341a43704adb37242a67b2a46d02ab7aee23cf3030a2f3dd58eece667b6e9393ee8d36649e37e83b1c73c0ef65b4df6173c1c25324fbb9afa1361dc4275f152deb03d7138a688eb9dc66e7845ce1be5647bf740b0e1dd038120ef1e3e1cf420cf8b723bef771376e433935e4f9096a10c4a969aceaac4791c41f365b274dab49bddf51b22a24c05ceaedcbf45febc927e98f410d38247d7679cee7b0d3041eaebd7821924ad31e7c5137bf87ce1ec537a981779f0a4c57bbbb5c641cfd02e1e3904f48b0be96fc9851b6bc8c4260168eea9d9d111e2777f78a9021d5eb0166e39410bf279656770263ca2fb7ac0e30d5e168f8cf4bc5665d057da939b770568e41d0fcec5d6aac0bf4ae66fb099b786cdce7f6a9bc00b83d8ed72440a9724d4ef8af71c7efbc31397930cdcb99d30502ecbcc7ddb9161ade16a1badbd7ea3c6c65b387b46234c4660c816506a2f76264bba07ecb685532116bd971464b58e3ea0a29c2fa1d49d9c6308806db01326e9a1b6bbb556f6479b29f48718e211d75f08d0fb477ad8dae5aeaad7e176b2c5ae331ef78212e9dd7e506549dc74ffd940dc91d74aee2fa7f28855919c163f443804e2a072ad8add2be84df87e414afcab0f8e6f67d3ebb1778a6798d50233da09d29b95c0da97304b7a025e50a7c89e614c63bc69477bfe0e5ae2c468332d134f9e22b19eb2f01c8e8d5148b9b980f8b9aa0cab9ba89aafe16d6a8cf9cb5ae659d8fba88e2841f3d6ac0c44dd9f03787d357fe31a4f551e247bfb73b1f2aa1e208c36aa90dcfc4da8877967c05fe951716ec2293d79c6083e79061bbe18150e2af1d889bb4e87c7735b0e7b88a3109a906d1bd4bf9b98c2462420ecc4e9f3a274a6678bc56e9aa7f3d64677141f874f35d00d04a1dc83126ccd69a0221305a3a5418ec24e163b165c1e4533c38f3d213de4012aece68ed11e2f42325d6da5eef78ee985f81a7991e3d1ff69188059c292779579418ef81177fa94b43cdd0fbf92d31f0fb592a864ddc98ddd5b49ece865e7c7a6c873169d0eea46c1a44f645b1cfa40849ffb9f5355ab396dc1a875180f17103be63be4e7d1920949c59ba5d47341c176ac307e165b9733ac5cd9e9691f5ecd76b467881b78f217d50903a06c57270f4104fd26d496dd7e08c27209185761882923f6447c73d53a74e28132e6bf97ee4f2df9d03be88653a9a7251d8df247f1a75f91f95886ce317e3c225aa7686eec86708fa72c9b33a664e76c0ed891ff9d840ac121ae3f96d32330a14fd76df19c7ae0434e2103d6e9175da0b6cc7a007a0a18615271771434959de305636cf7fbfdd16239bff7dbc656a702ebd48f9a2b1937cca80604ec525d292bb7337459235ad047c6933b6c81bd966ea60ec863de568a9e6d8e0378916f441e0f8b2b74df49b9b24094fd643413469428a537aed19b72bf9381ebab4cd57400ecad1cf1b792e9610910d02f9a779b009840e3f1a1395a87f1e590c33018be80a3f34bbaf49e415ba7d3858b40788cd19211b8cad3789870fb252f8991d64bff9558a67a2316ec2402c2f9c52de42e6389fc90bc4379f7b899b1a943035d64f20b7766edf08fdfa185d00493031f0d3f9ad7dce841f725c5adcba896a76857918a2f54c8aa2e50f71eda35b8fea3732a02c146201ad9f4b65b7caa09e2a73f72aee1ce428a35489038d5cc859fbd48be8da5d088ccab897a248fe418b89b409ab5507af725f077d264abec5b53667ca06aed03815dd537535a3360a50ca3d09c025b5057362c7cb5a4b99c58ac64fe813f4d7f2cafbc3048835ec43fa68170ec7310342134c9b5ec417763db145555cdd37f24b27b0911d172710b74d3c754aac02b24030166cbf2eccfaf1e909b629b7919db1351cd0167e8b6bddc5ce4b7e13cbf0c095f636427d440d058e7637eb117947fc6a60942d10bd455030ee38fc447fd3e6232efba65def558dcff60274e6b2ad62464b4f767bcfec22c681c12bdabf1fedc3946f45c9a34a9169f79ea60a9d190dcf1ce14957382af602dd134b610b269247f38c3d4e233f2fda399dc4cf09139cff9e9c731f8bf940df3cbdf9355f604bd0f3d3b20a6cfc39a7d9ff74f734750187b30c1a970a432bf7e9417cc87d8dea00c4e1885845e1a59bc6a5487687c5bca514e9dcf372bcdc0fe4a47f3e4ac456b1a812e69f88b2a8a964d946cc102ba6f3a7c965df24653c6384d810cf157c8581d4b40e874aded8d227a25fab9889f02698bf52980f048408de4a96226949eba5d1b7f41fce61ae1ff9388e096646ddda4c222f7b9bffc1d3e5b645b6e248637698f6a5be1dc03ff7aa9f418153beeef9b9d67ac5b6fc888e5adf0db41a6d5cac2b600af3b428a1294f4fdb4cf64ccc254c1c7ef71b9be3afceb797fc9504bc3f3dde217687d47cd445c44bea2b16eacae76f16d868b77065b189bd7c4678f3a5fc99b4d020d42972d010b7a6b22de46b434f2d8ec4f567af2d531817ec81ffa36cc27d073a66d2152f1be2a8dce08e98a00f473f22e680cf0ebdcf37936cee60f99eec69503a15d8e36f8d599b535021693fb52f9dc93e315d6e849bd4bf9d05fb25f0b09de91b73ca4edfbfa04d9262d449eab2be542ea30f316384609efc52ed641a9e32d48e4a57c65e8bfa5c13e769d5402a0b125c17360800bf0da8592a75abe647f1d9b1072942947da82e701308b60ecdcfd40d7b6cf44b443493ef0466790547c0a8e5914484969e52cba3787c41df965f91ed7074cd62a63db7e1c35b8f9ac30521295ae7b9c81143926f1dd36aefdfbcd7056b0d4209cabe113a18c58ecc062df687666725707029a8be3ef5721484bd429bab33fceb76c6a0f079da8819d0d9565f5e4ed45eb531f9501b85b619b5323169b0297b7cedcf6f288225dd5e6a7f52c1b96cd38dd94b2f6b8cfc6dbd7862901a5295dca5ecbae72344f41c4a222bd6711831d265b910d547501116bcfbf3c9e104b446175c4c8a4e56445ca22f9363f0f54858a8eb4a1c43103bca578c5b0ee372efd705a950510dbbfa4f74c8ddb4bbc1f07dd410ebb39c01f4da8a0bad2d3d35df3a12a9fa2daf44c8163d59aba8a7351ecc9fe4cd25b987dba700e73d7174307161adf70db0e7a802d7c9ec1b912ee58b0a35c2c6f40f112d70ab5aa708071379280c9ffbceaf0a4ec45c89ac0bf3ef40538302b685e24574da8bde8654e99eff66c9ad5e6beafa0e48e1c293c53d955980346cbc052d15e5d1f3baed388dfaa72ca089af06ae757466a704b93a0ff13cb5c722f0b872432a4fd4513ed56825b13ddd4d8c02eb624c8358199f52679421ab0e1792869f6b4aea523a1079b3138f1ef761c6df102096eff43ddb23ee668b9cc5161433feb318903b58387c3dae2833a8c770e7c6e27c31a1fca07377fbb07f11911be6192f7518a8d089b89826e48b28f5c8a00784bef9b2f68c90838eb2c9fcaeda4bb76782510082c977a7ecdd5743e9da8f088a3b67a25cfb25db4a709b6cbf5425e7efa8c2e472464606d9ccd2fc0f73cd1d51a5aa19d9caba10be2147f8e1ad763ba45693f9f078b0716cf588142be847ca67dc132c5782fed12b7d95c55a9bcfdfb85cb48698a45621cc2f1c85559617ece7def71486290b0cf8e987e8788e1a13f17e3f24b93ed2009ebe42e3bea9571f98b39b787c107dcada3a36fa1fe93736e74ec34af80a182cf0adf2846577f1d474c9ff1b4b8a2cfe6a2d445029ca77088b9c84be63655d48cbc5f61b18d7cda0d141f2db6bc3c479aa6ca19638e2c37da38768eb8820e5679345d2abe8033318eb952e297e17dacaaee3df7ef1d6cd554e9b1b453c44e3d4e030e25c5f9ed094100f6d9b1dc5dab371436ab252cc4d7fdf8fe4b7f36ab71f2bbe3878217b151664c3b9ae970e473ae164d77f294ca8ad58634ea446880e8327fc7af2a088e39508443a601eaa00742a7d0ad459dcac24a60edcfa6ac9f72f428c2b8dd30b8278e28f25a1a129d23cacd765de4c4aa52819578951bb8e311e8621f627e3463e2562b6dbc8d1c431c240f1424599438b9c94723f79ffd1fa1bc94104e4598bd43244302f86ddbe47ad8671e25f406aa507ba45bdba09841827a697cece002f79ec7cf14488789d754f84818d180bd04a11cb2115441a402bea2be749ef233bcd26ca27df828ada877a893e54ea3e6ea29e62d6e7693af7cbee59ccdb4045d0e6eeec3d8f59205f324a5f7cf5f871929c83ada04bc5d3990288dca5eb312339933ffb1031e05866e1b2d0aad0ca940795458b7d6c8a3750a76e1e6c8ccd48ca542d6c51164431d70c9d35f0f828cdec404a175a44bc2a9651ec5281c0f3aee9e4375f0eb139f58fa4419fddf9ebe2f8f37121a57397e7e830ac097ed375521a68f7cdc471621b769fef40cd19d8d55a82e27bf5b0cc4182359db7c9066e2ee10df279a89e96fcfea225995f065f7f286b8c8ef9b6c82a34df14dda2f737f557578ce5b15944e3149110102d80465c1b436b6bbb16fdc64a9d130ec7644bc162f0e2c5669a9254970a062561e269d85b72b4748d71d88ca20778287bc3b9613043166862f133f366f6361b9e1d040bbcd9728a70fcf3be7ea8fe0f55980ed03f336ec49f7cb6899813acf47d3b2413e7b637b764fcb9003ece75f8a255b9cdc71f80dbbaa7eaa2111b5551feeb7ea31620a2c88897538915abedcd184d57c79d81505985f561820449c330bc3412bffb68c4c743c5a5a3acafcf00d7561a66f70e5835da530ba62f221211e1fefdc1fbc8c05b1b68b7eb2afac6ebbbc0b961b8ef8b27b555ce7641f6601ac19d5f4adb06b40155a2085ff32de5b2c5edd96a01a14d1bb49b58f1fd718bec428043819b8070e46f0215d2153318320754638d9b40a5214784e7c1f80dde05500cfe8e4dff855504e099634fb3d44829453cf4ac8db7e5a4144f96d4508de90ada04240637fd5b261cfbb80c8d9ccdea6c1d3485a85663cff9749133002c7f9c6ea4de1b50fe90dae397f6b5833e943e6c5f60e10d805e97e6869488b857b44d8c94276f668257c223e2e26dff75222d3f304f8a040ce058e1b7b3bc5f0b69c310beea64212ef0a54bc9fb858c25681cee574c532b64d4f8241e0b855f7f79d0a1ea22fc3d9ad5a1658b5c4d9d417e9eae47c81628341172609a8ef8c72fb6e4e48da6a10207e56b727f65c82d49e2dbb44b492e1265c2b28f98980334ccc3abb0cfd15d73c2f38f4c824022aa7a0ac0b7d35eea934d3455d21e8c710474e54bdf29be107ebc00", 0x1000}, 0x1006) r8 = syz_open_dev$dspn(0x0, 0x1, 0x2) write$vnet(r8, 0x0, 0x0) ioctl$int_in(r8, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) ioctl$int_in(0xffffffffffffffff, 0x800000c004500a, &(0x7f0000000040)=0x10000000006) r9 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x1, 0x2) write$vnet(r9, 0x0, 0x0) ioctl$int_in(r9, 0x800000c004500a, 0x0) ioctl$sock_inet6_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000440)={@remote, 0x4f}) sendto$inet(0xffffffffffffffff, &(0x7f0000000640)="3232ce2774e7a3797748648df71c7b4542839e347be35844e42ad67454cd5e140e0ab73493d6b6921681e5536dbc0f30", 0x30, 0x0, 0x0, 0x0) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, 0x0) 21:31:57 executing program 4: syz_emit_ethernet(0xae, &(0x7f0000000080)=ANY=[@ANYBLOB="0143c3ab8c767a193889030086dd6066605100783afffe88a000000000000000000000000001ff0200000001000007080042662f745f7d33ab03040000000000001803000005000001ff0100000000000000000000000000000000000000000000c2040000000005020000c20400000000c2040000000004016105020000c204001000000000000000000204010000000057c0a5371a1f21bbfc864faa0800e7df00"/174], 0x0) 21:31:57 executing program 3: r0 = open(&(0x7f00000001c0)='./file0\x00', 0x80040, 0x0) fcntl$setlease(r0, 0x400, 0x0) rt_sigprocmask(0x0, &(0x7f0000da1000)={0xfffffffffffffffe}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00000000c0)={0xfffffffffffffffd}, 0x0, 0x0, 0x8) truncate(&(0x7f0000000080)='./file0\x00', 0x0) r1 = socket(0x10, 0x3, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$VIDIOC_QUERYCAP(r2, 0x80685600, &(0x7f0000000000)) r3 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') sendfile(r1, r3, 0x0, 0x1000000000e6) 21:31:57 executing program 1: open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x104026, &(0x7f0000000080)={[{@debug_want_extra_isize={'debug_want_extra_isize'}}]}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) listen(r0, 0x5c) 21:31:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6002121}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="b04725bd7000fedb8c3152aaae2ed4dbdf2501000000080004001b000000"], 0x24}, 0x1, 0x0, 0x0, 0xf7764c565d52a204}, 0x8) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:57 executing program 4: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000002180)=0xfc, 0x3c3) r2 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000340)=0x1c, 0x0) recvfrom$inet6(r2, &(0x7f00000003c0)=""/215, 0xd7, 0x10, &(0x7f00000004c0)={0xa, 0x4e21, 0xfb61, @loopback, 0x8}, 0x1c) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r4 = add_key$user(&(0x7f00000001c0)='user\x00', 0x0, &(0x7f0000000280)="e086803f3fefcb537b59b65105daafa659975b7a05b7dce0ad98699c285053c3e2bd48f363c4fa0ba003ab4f5af3b0f5b503c1e5ad12d60e18123288f8a27160734ae1e12e0824f9c2b2bf4b79ff0955c8f7d8cf2ad8249b29b85abc8b0d9100f051d1bb98630ca9", 0x68, 0x0) r5 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r6 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, r5) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000040)='asymmetric\x00', 0x0) add_key$user(0x0, &(0x7f0000000600)={'syz', 0x1}, &(0x7f0000000640), 0x0, r6) keyctl$instantiate(0xc, r4, &(0x7f0000000500)=ANY=[@ANYBLOB="13563a44d5b14d8b354afdcd38757064797074667320747275737465643a2ff565762f7377726164696fe587c2"], 0x27, r6) syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000240)={0x7, 0x8}, 0x10) bind$packet(r0, &(0x7f0000000100)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendto$inet6(r0, &(0x7f0000000080)="030462006c00600000000000fff57b016d2763bd56373780398d537500e50602591f031ee616d5c0184374a7ffe4ec55e0654786a70100935ba514d40808efa000801600002fd08d49a47eff71bc4131fe4c1f99bf00a900000008d1843e770afd6e9ef5837dbd0000000053", 0x306c, 0x4000002, 0x0, 0x2ff) bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e23, 0x9, @rand_addr="4ed7bc2dabea8a8290cb28935983214f", 0x3}, 0x1c) 21:31:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x101, 0x3ff, 0x2bc7, 0xff}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa2a9100360081000090787f000001e000000900004e2600089078c8beafbfcc2d3b2c9016bf8b58629681ab4c3119"], 0x0) [ 201.926867] kauditd_printk_skb: 1 callbacks suppressed [ 201.926877] audit: type=1400 audit(1573248717.182:115): avc: denied { map } for pid=9626 comm="syz-executor.5" path="pipe:[38250]" dev="pipefs" ino=38250 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=fifo_file permissive=1 21:31:57 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6002121}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="b04725bd7000fedb8c3152aaae2ed4dbdf2501000000080004001b000000"], 0x24}, 0x1, 0x0, 0x0, 0xf7764c565d52a204}, 0x8) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:57 executing program 4: sched_setattr(0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000015000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, &(0x7f0000000040)="baa000ec3e3e3e0f2b75ee65f30f008f6300a6aff4660f3a62227d0f20e06635000040000f22e0260f0350000f01cf", 0x2f}], 0x1, 0x0, 0x0, 0x238) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$nbd(0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) semget(0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c8]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000280)={0x0, 0xba8e}) ioctl$KVM_RUN(r2, 0xae80, 0x0) add_key$user(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$revoke(0x3, 0x0) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(0xffffffffffffffff, 0x10, 0x0, 0x2000002) recvfrom$packet(r3, &(0x7f0000000100)=""/36, 0x24, 0x0, 0x0, 0x0) read$alg(r3, 0x0, 0x0) chmod(&(0x7f0000000080)='./file0\x00', 0x40) r4 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) write$UHID_INPUT(r4, &(0x7f0000000c80)={0x8, "5f5539ae7383df635d7eb9f00cde999ef4e1d4fbae589edcbcd64ae9781d89f20a7c347bd734db9d80a3e9ee0d0f04fe5305dacf9e656dc623d0d8abb05b81ebf7fa83533ebfe364612ee7d5571be6e3af5eccf0e26370ff66a26e95f4b7b1206b9d9a70fe612b356ec5074716b0e71eb9f60ac1c5e653c9a7de0de9a5f8c8047f77ece27201fc36e2ca04338864356e123b3b96be97afa5d6698e6f08a657f7ad07b42df05dfca83247581434b575e2d4419e52f1103e9e3ddc440a98f9caeace71f8affb3cfc62e4b428403787ff063d2923a50c0410f191c7923b77c51fea54cc7f2b8adcd2a5e1f53495c168736a160f28435b70f6e40df8523c2deaef8b70f13bc408d1d6eb05dbcae35f0c12cb00b8d589c0dda912acf9315852e1cbb85857f9421cd623fc5046448db22eec3c07358c4778c73a2495bf3452b18d8e904ed88ae250a99edb20b78fc923ccc841847a4f6d514320309afe2f0a075e50096c7a8cd4da2d88791d01a10cea10a97d32e8bb05a5e2bf52be5fffa3fb26953a0fadac598644cf0297d01d5c1ed9f2123ba789fa650b0d140a478903cc23a5b5c2a2a52f19bdd40039ac0291f648f1f991e272c52669f7843e73b3be22103fe0a88d5d405b9ecea5d602be0b5466d18d8a971b69a8e80e48621103a6bc6ee3a7b70b199005241779f22fa2cc159988eaf2d53c858ec06ab56acc232b587ffee3a5cb29f5641b2189fb1617d1a652e42511fe2e447a2636f18ceabc261126200193eb9f309f80aa204a93883bf6fb247ade866685f300295f8735e18d1d81365dbd2bddfa1779c59effed803bbe0a68302b1ab0f0d00892138ad24d52d653d92897bd28c2f031a77eae54ef3ce9a1fc44ea41763b2d780a454f68ea1a297302b4fa6664923a818040f5a74e0db3ff24e940e97d4abff40af2d36f7bceb8a0c5e90dbefbc8ba496f6e42f11ce11fb20655138f9387938abc3aa3a742f749a8695d972c537127519f654945bac96f0a2ef9d6b24f2226ae677684e3eb63041d6b5105777a8e6aa41ff11366448c0af1ddf5e3f2a1d828b4c9ede3809eab736c9035f2a7032ce38b699dfdc3e158e1ce62d325441e1b05a3ba5f663f20b0cb703cb2960aad298177881aa6b52bf4ae112c5d2bb691ac34b0723be7ddcfff0015e578475db1f062c5a50b54bbcba2f591eb4d6de66f386b0d5dd3975229ad25ae95d82266dfb9c1a6f497ef54b6ac5ee81edae16c47e89f9a435377dfac411db459559ce483921251745b8b94f69d4815b009ea86aedc5a75a516ff2afaff9a418f73c2cacbcdf45dd02ba962399f9b81e149635c2b4c0bda790a6d72fc243f6fbc73d0a0636db51c03d93b44b42c07f2269b465231f953e6a45dc549e9b5ef05443da7820cd667f5b0ff47a13f0a3df630a6f98f72e09978b829389d6a11afb0a7a0988822bb95fcb50399e51295f464662118646d2996da0fa710b082036820ae0a60828479bad4489061244b74179cfec74ab273551190c0eb2ca95be86391b8e469454796d04b29646b8aaae49889ffd84e83e33fb0cd7b10d778e72422f474911897dbd4548d9658e9af23cfff0ad4a7d750ab59e0f8988082ab7ac8d27eeab1c5809de6694aba8ee6ff1ba23d422f38dc026a77933cb0fc916d22131f7f736e35c881c5551f13a5037f65b9090372bb8e73bb9cd686715afef6b40ff275a978078c1e1c7db358285e5caee5c53cb4a7b446db91e5c0615342265edd9f09a72002aae56c7ad4269a0513569db514ee852724cdcccb72e8836fc270f7aa03e03e65f4572c2909e6fb1b557e89c3b505ba2f2b10b545513758abdbdc5b3e5ec1fe4d6bd5947b354058eccb79f10e971a85bdafa5aa27224acc734d884f9282ed033fc540defa3181d451713565d940879cd70a1d704b9a390de509351d5129bff18051b0c7ca196a78d3b8d0c8f384c79ad637b2e1770fecfc980960ef403cbc6bb284792cd169133f35aea028d9ffdc1668572dd197db86a26cb6fe1bb822bb76968ef2cd3c384704b75d0f17a50bcce054a400edd3b2f2abf72d2d8a679fdc94216d2d7d43ca1e60aeb5a313f8104f8ae54e75beb6c106cf080b9ecc9a1f91508b37d9ede25a1bede738c3a7f3501391a7b1863fe120ea26c4ff13f1de4588b150f3f2c12a9b9d92e6a8610c788c4d449a91416307a313536e1779bef88028d65a9398c5d1492b729d5f08e34e64fa07507f64297a1f9305a2d68169f653d5c107c9860ca0d822916eb357c646c229e792b1a5da56b35ab971bb82e41581e11f24f9c6b26c019dd2f2f89f2a82b74bd856ed7b46a2d9c07b2856bc39e9a28f271c5bb06db5bfa04d21e37e778b3e03071d25da8bbc91543fe8909603ba92e3455cb0edfe1dc040f12c169a97a5b8fb09f97acda29ab8491e7c9f81320b1a9de5773078557a6a0bdc5a1bfd2d953c47b3e5ccc70d76dc4ba10c297d7591e2c2150b8235de09714fedcf23aedb0ec9586e52f6af6c299256ad5a0a4ce22666be48592977dc5ff5c5eea529b81df4510016240b8fc8489bf59c899bb75481220554d0b9aebf1660cb72b01dfc3ffaac27dc1d36247e86339c6d99fc3ca8edf585fdb236ecdffda1b99819f873367ee5d8fde5d596517f895c9154deab01ca26008edbeadecfe33cae750ff044469a1b3b104b35af0c04a35a48aecf54dd8844b598432b81f67ce232ad46a247cad103274cd7c206d890008b149aaa3310f9794243cc5e04d4bd3e66a5b01ef67044412eba507a20399856cd26fb6233ebc064aa7b5ba94198bc05301dd74d6875b6d3b4731c2a11f0656767a3e6ba0a3d6951a7f9385ff99876891b8150ac5257756ef92a6c3854ccba8f13bca3cd3e66fdc93feefc44c3eba570970e0a6921f1eef24713ed5a174b8e52a0bc1bd3b420bdd0e521835289d29267fca4512caeaf64d1adeba2457864801d30d37e4eea965f8cfdb314f62307d8a12084a65da330f800862cae3876cdffe8c77d982ce9527b069628f0d796c0ec1c1b423ab6eb248e176a9b201d4de572f7901d8d88ae3dc6c3f196a4e3fb81552f16f7a7b7b3a242824b0618a855fc150fe8d484c80b3e1ea6c42f165dcfa7b0b292f9c7f27179d32260d4f472385a8818f7d76133030cf1256153b4162c8c3a3629c01e9b8cb5a30b3d0068d7f0e3727d8159739386511746fad1cfcc98c7af05b489876432957c6d59c51f12ebb62acac90311e6b00cea58b355db5a36718dfb8140d23e64e41ef9d33969cae75ea3ef8f14ad8c9b2d0c8bd7bf4366b091b5992ffbd71800495c0484cbee4b5fffaede0808cdcfa2409227e6b96dd82481d6d00bfff72c29f860b7fa4fa9c3634d9a2e4f7a8ef240c997b749e0562514d5c2c5d66da75149dea37b1cbb347fa0df5be2b9a5ddf20a6d47936b3b55cedc64453e69413a89c8a9eaeda00fccc96281b4f29db0f3e45fa098c77ffe3c0488529ecfa801cdf7fe8a23f6a3aa04acaf4e300c44e6d873f43b9fd4b13cbed2411c97378e07c7a6799d272d36ac8964233130947ed88f727915fa58a4812ceacd6cc6a52bc7fcba5e57543e93d293d5a428c73b194f33ba752b0ebeb0262423e7a8f490707a220857f44e191304cffb93cfc75b217ca306292549c8742fe3aa62a464d40c666115015201c0fef3e9555615f91c3d15b6e1556a9b04febc2ae7e3d689ca5f58b51f2717ae8c5153f2c2a4df11ea8cafcc369327c2a0a6f7946daf09be323d59e4b0e42ebcdeca373a6d70a3286382f1405b7107af899da00dbd52324657870bd18ca26f3ef47e0e81cd335c827512e88f24202836e7a1b505f0d03a23d577430d971458a11ff42e36b2d2883b664d402eb7497a90ba1f94829b6d9c6b4c4f7e9dc49882520a6fd2590cb8b41328541b9076e43f6019c3da9084e57960478c268f4215bb98455fbd2981e7e37caf7aaf9008f87cfe196da930637c55da5a34e142a433494e6f92a5985d7e6fc0ec68d2ad25144919af6dc81afc88cd05f01b401730bccc3086c9dd06d38ed522e52e7ffae7671898fb91cec0821c061aaea6c47ae877d2d7f5ca1ecf159e0ea152ce713f652c116f62e12cad293331db922a5fed311ab22096d90fc17ccc53f84d46eae680def0b9949e0d9debff263d575e590941a5ce0b33548beb6dbc01104f6054da73cc349625adece6a54e092d8d740915b91d81df30374a78693d6b69724f05354d61ac0febff4a544b88954d11d3f4927895edf6ad755313227ac87f24f12d70a831df16bd45c4a03570fdf27d698fa5581fce2d002890a3f2059a6bfdf77f0aeee3ad8318449bc1b2d486b225b148a78e921c73a2c37256dfb1ad611e410d5436e0d31d00ab5177da7915a74ef3307927c23c764f5cf62c3e2db86284c9abb39045b625d507f5c8d440557b4dad2a39593fbb572cce25a364aae44134fdd97ef0148690881bee42b6bd929f12cdf07996597a2a8366b12841f8fb8dfc0ece651756637b95c6bdb92320302805b4a700e7d3dfb0b8878862f400f8437a6c153b5fab40d30af07e73cf4345cb6fa81574018a7bc0e8789fae8b8560f4b93d413fa8e0e0218527ccb82873fc9da6cc34b6197c1d8bd9223ab7c4efb1f8cf021450037f4576934d83116655c120062fc3b912176fd395ccc792d492f2730465f8b4c68155b6ceb52e80742d2970e24004171f4685cd78467a4e943a0fecff66dffff10922d69236460dc37c1df9b19dded1ecb932dd8dd2045d2f8e8d3dfb6a83a65d6623553a2aed7a12b78effeeaa58eec84cdefc84923177afb7bd04f6fc3d3332d63ed5c5d6fe8820b9853e7615407eb23962f5232db44bc0267e7f07e47b158de0732a974b80aeb00ffeeca83d26fe21e487ea4472cd9048f942155784af8f68006cdb4286480a7ffa1ba6e93fe7fdb33283359d28bf9311dee59899e0e77aa113fadda21526c8e2bd60f21e182b735a5b0177fb95e948857c6c4ae391b2b4950a35b129e7bf25b7eb2c0857290c55f5d28b78ca1f39f0cd676610805b0a378647ae958182b26de1ddbf80e80d7ab1d2476086ed192e98bee0969bc0e8765278cb5570ccc29ac6d7298821bff4f85895deffcf4ce54a69878cfb41eade0d8703cbcff02352733ace2d800ba68b0fdcc52b94247ecacddf80ad228cf76eb547d276d0f6402054e34c3569e2b53ea3cbc54e49e099372cde3acd1ba47f836a765f855763a175a58ec4d6cecc72375da2d8c956c2868e77bfdb697182b554f0b743d7095cf13a3ba1d19e7590c281bd09ce235898a9682aacb5633b4fa4c3bdd71139c20c518b6a7651a47df7658a5a7ed41b3e7e43543d68c1dd4a5d01ec7e42cabdd6963db84f0d69b5a471ff8b929a8774baee39b14ab325af2ea7756c656c0135a59568499208341333d6b896cf0cc10108970e20313df241d179bd2a4d2392b269e6aeb9d2570bba7e3c67f49e90cf95562f93077a5fb588225724d444fcd8da55921dcff7b0be49ac0171ae98209e729f65bcebe447ccc0a185719f3fd55d1ae263daac4a420da91d05cdfc85d48e5743483dbb6fe81e5c216948953d95d5e725db17df44f05a57c6cc425e55572f9163e536a6d2d51d5213c937f6ddba08fc1f90ec73088a766a685f2c0d43b80422d48eef23b2ea588ea26b8dffb4f0df0cf91d6ea8f14a663ba2b165e4427010742fe63905d62b9dcf2385dce09fe75e4746d5c9c402ee77bfc9f39a28eb9f2751a81b090a499706accafbf5ae1afa9af350fd7481bb", 0xf05}, 0x1006) socket$inet6(0xa, 0x0, 0x0) 21:31:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000080)={0x7fff, 0xa}, 0x298) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000100)={0x0, 0x3, 0x5c8b, &(0x7f00000000c0)=0x3}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000001000000787f000001e000000100004e3b00089078adffce1ed00a15ab284e6331549c247a63bab9fbebf684b1a566fcae59107e88bf63cbabed1d58abc01d683d5586d1d0a85ae274104e8094ac55da26f80668fb185bf60f99011632acf72ed172685302b9f1fef56569f24752ee50be2949"], 0x0) [ 202.024532] audit: type=1400 audit(1573248717.182:116): avc: denied { execute } for pid=9626 comm="syz-executor.5" path="pipe:[38250]" dev="pipefs" ino=38250 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=fifo_file permissive=1 [ 202.060528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=9649 comm=syz-executor.3 21:31:57 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6002121}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="b04725bd7000fedb8c3152aaae2ed4dbdf2501000000080004001b000000"], 0x24}, 0x1, 0x0, 0x0, 0xf7764c565d52a204}, 0x8) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:57 executing program 5: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_DEL(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80802000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x34, r2, 0x300, 0x70bd2b, 0x25dfdbfd, {}, [@FOU_ATTR_PEER_PORT={0x8, 0xa, 0x4e24}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x62}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4040010) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sfeatures}) 21:31:57 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6002121}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="b04725bd7000fedb8c3152aaae2ed4dbdf2501000000080004001b000000"], 0x24}, 0x1, 0x0, 0x0, 0xf7764c565d52a204}, 0x8) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:57 executing program 4: r0 = socket$unix(0x1, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet6_dccp(0xa, 0x6, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup2(r2, r1) r3 = dup(r2) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000380)=@assoc_value={0x0, 0x200}, &(0x7f0000000400)=0x8) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f00000005c0)={r4, @in={{0x2, 0x4e21, @local}}}, 0x84) bind$unix(r0, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x29) connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) ioctl$KDMKTONE(r5, 0x4b30, 0x7) ioctl$VIDIOC_S_AUDIO(0xffffffffffffffff, 0x40345622, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) dup2(0xffffffffffffffff, 0xffffffffffffffff) socket$netlink(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r8 = getpid() sched_setattr(r8, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$sock_SIOCSPGRP(r5, 0x8902, &(0x7f0000000000)=r8) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="380000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="030000002124e18040ee0300f4babbaa457c5a285b9800000000000000fc00"/41, @ANYRES32=r9], 0x38}}, 0x0) [ 202.640115] net_ratelimit: 15 callbacks suppressed [ 202.640120] protocol 88fb is buggy, dev hsr_slave_0 [ 202.650180] protocol 88fb is buggy, dev hsr_slave_1 [ 202.650256] protocol 88fb is buggy, dev hsr_slave_0 [ 202.660290] protocol 88fb is buggy, dev hsr_slave_1 [ 202.674594] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12297 sclass=netlink_route_socket pig=9677 comm=syz-executor.3 21:31:57 executing program 3: r0 = socket$inet6(0xa, 0x802, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x100000000a, &(0x7f00000003c0), 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) fsetxattr$trusted_overlay_opaque(r1, &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x5) r2 = socket$inet_sctp(0x2, 0x5, 0x84) clock_gettime(0x0, &(0x7f0000008040)={0x0, 0x0}) recvmmsg(r2, &(0x7f0000007e80)=[{{&(0x7f0000000100)=@un=@abs, 0x80, &(0x7f0000000300)=[{&(0x7f0000000180)=""/48, 0x30}, {&(0x7f00000001c0)=""/6, 0x6}, {&(0x7f0000000280)=""/102, 0x66}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000000200)=""/19, 0x13}], 0x5, &(0x7f0000001400)=""/4096, 0x1000}, 0x3}, {{0x0, 0x0, &(0x7f0000004700)=[{&(0x7f0000002400)=""/113, 0x71}, {&(0x7f0000002480)=""/4096, 0x1000}, {&(0x7f0000003480)=""/164, 0xa4}, {&(0x7f0000000380)=""/15, 0xf}, {&(0x7f0000003540)=""/4096, 0x1000}, {0xfffffffffffffffe}, {&(0x7f0000004540)=""/18, 0x12}, {&(0x7f0000004580)=""/245, 0xf5}, {&(0x7f0000004680)=""/74, 0x4a}], 0x9}, 0x5}, {{0x0, 0x0, &(0x7f0000004d00)=[{&(0x7f00000047c0)=""/235, 0xeb}, {&(0x7f00000048c0)=""/103, 0x67}, {&(0x7f0000004940)=""/244, 0xf4}, {&(0x7f0000004a40)=""/18, 0x12}, {&(0x7f0000004a80)=""/93, 0x5d}, {&(0x7f0000004b00)=""/178, 0xb2}, {&(0x7f0000004bc0)=""/113, 0x71}, {&(0x7f0000004c40)=""/118, 0x76}, {&(0x7f0000004cc0)=""/52, 0x34}], 0x9, &(0x7f0000004dc0)=""/84, 0x54}, 0xfffff001}, {{&(0x7f0000004e40)=@nfc, 0x80, &(0x7f0000005000)=[{&(0x7f0000004ec0)=""/193, 0xc1}, {&(0x7f0000004fc0)=""/38, 0x26}], 0x2, &(0x7f0000005040)=""/4096, 0x1000}, 0xfffffffd}, {{&(0x7f0000006040)=@ipx, 0x80, &(0x7f0000006580)=[{&(0x7f00000060c0)=""/194, 0xc2}, {&(0x7f00000061c0)=""/18, 0x12}, {&(0x7f0000006200)=""/151, 0x97}, {&(0x7f00000062c0)=""/26, 0x1a}, {&(0x7f0000006300)=""/91, 0x5b}, {&(0x7f0000006380)=""/140, 0x8c}, {&(0x7f0000006440)=""/155, 0x9b}, {&(0x7f0000006500)=""/128, 0x80}], 0x8, &(0x7f0000006600)=""/110, 0x6e}, 0xfffffeff}, {{&(0x7f0000006680)=@nfc_llcp, 0x80, &(0x7f00000069c0)=[{&(0x7f0000006700)=""/107, 0x6b}, {&(0x7f0000006780)=""/105, 0x69}, {&(0x7f0000006800)=""/255, 0xff}, {&(0x7f0000006900)=""/23, 0x17}, {&(0x7f0000006940)=""/32, 0x20}, {&(0x7f0000006980)=""/34, 0x22}], 0x6, &(0x7f0000006a40)=""/176, 0xb0}, 0x1f8}, {{&(0x7f0000006b00)=@ax25={{0x3, @default}, [@netrom, @rose, @remote, @default, @netrom, @netrom, @netrom, @null]}, 0x80, &(0x7f0000007d40)=[{&(0x7f0000006b80)=""/4096, 0x1000}, {&(0x7f0000007b80)=""/85, 0x55}, {&(0x7f0000007c00)=""/47, 0x2f}, {&(0x7f0000007c40)=""/201, 0xc9}], 0x4, &(0x7f0000007d80)=""/236, 0xec}, 0x80000000}], 0x7, 0x0, &(0x7f0000008080)={r3, r4+10000000}) sendto$inet6(r0, 0x0, 0x0, 0x8800, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote}, 0x78) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 21:31:58 executing program 1: syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0xcc000, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000000c0), &(0x7f0000000100)=0x4) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x7, 0x50, r0, 0x0) 21:31:58 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x100, 0x0) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x202200, 0x0) ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000140)={0x6, 0xd, 0x3ec9f82f760252ee, r2}) r3 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_emit_ethernet(0xae, &(0x7f0000000080)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x689, 0x3}, [], {@ipv6={0x86dd, {0x0, 0x6, 'f`Q', 0x78, 0x3a, 0x86ddffff, @initdev={0xfe, 0x88, [0xa0], 0x0, 0x0}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x7, 0x608], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0x3, 0x4, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x0, 0x0, 0x5]}, @mcast1, [@dstopts={0x3, 0x4, [], [@jumbo, @ra, @jumbo, @jumbo, @enc_lim, @ra, @jumbo]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@loopback]}]}}}}}}}, 0x0) 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6002121}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="b04725bd7000fedb8c3152aaae2ed4dbdf2501000000080004001b000000"], 0x24}, 0x1, 0x0, 0x0, 0xf7764c565d52a204}, 0x8) 21:31:58 executing program 1: pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000001c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) write(r1, &(0x7f00000001c0), 0xfffffef3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in=@local, @in=@multicast1}}, {{@in6=@mcast1}, 0x0, @in=@initdev}}, &(0x7f0000000080)=0xe8) ioctl$TIOCMBIS(r4, 0x5416, &(0x7f0000000040)=0x8f) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 202.760249] IPv6: addrconf: prefix option has invalid lifetime [ 202.786223] IPv6: addrconf: prefix option has invalid lifetime 21:31:58 executing program 5: perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0xa, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x0, @rand_addr="fe800000000000007029e5e36fc3e001"}, r1}}, 0x284) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) close(0xffffffffffffffff) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) dup2(r2, 0xffffffffffffffff) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0) socket$bt_rfcomm(0x1f, 0x2, 0x3) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) [ 202.817669] nla_parse: 28 callbacks suppressed [ 202.817690] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)={0x14, r3, 0xd01cb83f3faa9aff}, 0x14}}, 0x0) [ 202.858579] bond0: Releasing backup interface bond_slave_1 [ 202.888698] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:31:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080)='gge\x00', 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0xa0, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='rose0\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000140)='trusted.overlay.origin\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x3) write(r1, &(0x7f00000000c0)="d17620c3ca068d11a53c75df5d1913433b161da83e7e9c5ad87957b74aac95ae322291cbb414f1524a2dd0d533657c0ae3989b270e030258cc68efc1d0297e3f671d253ae1523bd0c46624ad672780cf50feefeac6b2e9b986e5baf2cc1af5", 0x5f) r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/policy\x00', 0x0, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp\x00', 0x4000, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f0000000300)={{0x1, 0x0, 0x0, 0x5, 0x20, 0xb1}, 0xc47, 0x3e, 0x3, 0x8, 0x30, "52b4f123b9e12b285677c8479ddf3db04ed14ddb9b118de5f1b81c163053f5d56bbd5d72057d9d5d0c17eddc8c0cf94e86ce667c3cc9c059b8bee9b8af6ccd5432ff5b5302fa012ab70debcde29e714e561fd1abfac6a05a9c5e45cf81f0a3c22e9bd9f1614baf544341483d8003003782d2fe2efed4ff2e76e07ca5ecad00"}) ioctl$BLKROSET(r3, 0x125d, &(0x7f0000000280)=0x5) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 202.921329] bond0: Releasing backup interface bond_slave_1 [ 202.950132] protocol 88fb is buggy, dev hsr_slave_0 [ 202.955286] protocol 88fb is buggy, dev hsr_slave_1 [ 202.960442] protocol 88fb is buggy, dev hsr_slave_0 [ 202.965502] protocol 88fb is buggy, dev hsr_slave_1 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:58 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000100)=0x50d060000) mmap(&(0x7f0000015000/0x2000)=nil, 0x2000, 0x2000002, 0x10, r0, 0x4001000) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffe84, 0x64, 0x0, 0xfffffffffffffe81) ioctl$KVM_RUN(r2, 0xae80, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) r7 = syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0xbb, 0x4000) ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000200)=0x2) accept$packet(r6, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000080)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8936, &(0x7f0000000140)={@empty, 0x4b, r8}) [ 202.971760] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 203.000515] bond0: Error: Device is in use and cannot be enslaved 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x4}, 0x8) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 203.089835] bond0: Error: Device is in use and cannot be enslaved [ 203.099702] audit: type=1400 audit(1573248718.362:117): avc: denied { map } for pid=9723 comm="syz-executor.3" path="/dev/kvm" dev="devtmpfs" ino=13741 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:kvm_device_t:s0 tclass=chr_file permissive=1 21:31:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) 21:31:58 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x801000008912, &(0x7f00000000c0)="0800a1695e1dcfe87b1071") r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00', 0x1}) r2 = socket$pppoe(0x18, 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$RNDZAPENTCNT(r3, 0x5204, &(0x7f0000000080)=0xffffbd04) connect$pppoe(r2, &(0x7f0000000180)={0x18, 0x0, {0x3, @remote, 'lo\x00'}}, 0x1e) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00\x00\x00\x00\x00\x00\x00Jk\x00'}) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'tunl0\x00'}}, 0x1e) 21:31:58 executing program 4: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x4002) io_setup(0xc32f, &(0x7f0000000440)=0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r3, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) eventfd(0x1) ftruncate(r1, 0x48280) r4 = open(&(0x7f00000004c0)='./bus\x00', 0x2, 0x0) setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000780)="7ea2489387a42967d669cac636490db8130941fca67fc3324091e17f8a61fce88c9665943b5886f108e08f717d37c953992c95f1989bebb5ff8daea8e86fed57b5277a9e3921c8c0d56f65dab893ca84fb0ff877e9b24c1f313f03ce8ecb70dc6090eeab530c33e662843fd4b43b8df69d", 0x71) readv(0xffffffffffffffff, 0x0, 0x0) write$P9_RATTACH(r4, &(0x7f0000000080)={0x35a}, 0xfffffff4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000800)="371d848c24591792863b2d5d6bc3c76a000001000000000079e6ae1a07de1d42fd46fdfada485aaea1cda588838353786b2ff4f7b644e0839054fcd3486dfe9795b35eae35042b0ae441065b6570a16e9f59424cf705c5958d33fbfcec4080876e65ccb6cc4a9a8e6a0f46559eb725fdab41865ab93895a77a3e494f920e9617dc006dcbe35e9ff7112f2a58bbd9f7123b6661186821900b092f90a53e27d726e56671cc23bf1472b65c3131051de54ab9b1fe6b7b515163790da97ebdaf688dc5b30aed84cbb5c86c3c0a64548106e6a4bfd61442897160333d8ad0b914906fb8839422a3", 0x2c84e1972a71ed36, 0x0, 0x0, 0xffffffe4}]) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f00000e6000/0x1000)=nil, 0x1000) 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socket$inet6_udplite(0xa, 0x2, 0x88) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 203.542717] audit: type=1804 audit(1573248718.812:118): pid=9751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/87/bus" dev="sda1" ino=16895 res=1 [ 203.612845] audit: type=1804 audit(1573248718.842:119): pid=9751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/87/bus" dev="sda1" ino=16895 res=1 [ 203.679750] audit: type=1804 audit(1573248718.942:120): pid=9751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/87/bus" dev="sda1" ino=16895 res=1 21:31:59 executing program 1: prlimit64(0x0, 0x0, &(0x7f0000000280), 0x0) getpid() sched_setattr(0x0, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x800080, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14, 0xc00) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000540)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r1}, 0x14) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x2, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000040), 0x10) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ff3e6808e92b7abafc47d822996f60e4"}, 0x1c) sendmmsg(r3, &(0x7f0000006d00)=[{{0x0, 0x1000000, 0x0}}], 0xc6, 0x24000000) syz_emit_ethernet(0x0, 0x0, 0x0) 21:31:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/member\x00', 0x2, 0x0) dup2(r1, r2) 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 4: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, 0x0, 0x0) syz_open_procfs(0x0, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x4002) io_setup(0xc32f, &(0x7f0000000440)=0x0) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r3, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) eventfd(0x1) ftruncate(r1, 0x48280) r4 = open(&(0x7f00000004c0)='./bus\x00', 0x2, 0x0) setsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000780)="7ea2489387a42967d669cac636490db8130941fca67fc3324091e17f8a61fce88c9665943b5886f108e08f717d37c953992c95f1989bebb5ff8daea8e86fed57b5277a9e3921c8c0d56f65dab893ca84fb0ff877e9b24c1f313f03ce8ecb70dc6090eeab530c33e662843fd4b43b8df69d", 0x71) readv(0xffffffffffffffff, 0x0, 0x0) write$P9_RATTACH(r4, &(0x7f0000000080)={0x35a}, 0xfffffff4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r2, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000800)="371d848c24591792863b2d5d6bc3c76a000001000000000079e6ae1a07de1d42fd46fdfada485aaea1cda588838353786b2ff4f7b644e0839054fcd3486dfe9795b35eae35042b0ae441065b6570a16e9f59424cf705c5958d33fbfcec4080876e65ccb6cc4a9a8e6a0f46559eb725fdab41865ab93895a77a3e494f920e9617dc006dcbe35e9ff7112f2a58bbd9f7123b6661186821900b092f90a53e27d726e56671cc23bf1472b65c3131051de54ab9b1fe6b7b515163790da97ebdaf688dc5b30aed84cbb5c86c3c0a64548106e6a4bfd61442897160333d8ad0b914906fb8839422a3", 0x2c84e1972a71ed36, 0x0, 0x0, 0xffffffe4}]) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) munmap(&(0x7f00000e6000/0x1000)=nil, 0x1000) 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 3: syz_emit_ethernet(0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080600010800060400010000000000000000000000000000000028f44031d95183f8eddb8d273399a0b9d6bf6bd4e51773c2f784f21d69c0670c44c18c7f85c58079b628841c571bb93683d972d41fe6d6c2ee7d77cd6beaafac1f097caea5a29dbb9aa46e19b597d025027dc3af16c531bde2d87c87432a77709fe0bbd7c507e7b721854e4f9f5a58b1a6e6239b4e21fae0a7c4a6ffa5cd81423e537e640b58b8f6b8951d4a1f58a1c28693746ecc1ff3d7bbac165c"], 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x9, 0x200600) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000240)="828d928d93021dfa4cf5c1038c4d2276bee75187590b4ee20ac227002556a8d520f790a8a8bf5a20cdc93e297b65c25fae11ae43c8b072665a9b8006fd3bf6d9c93aa131c6e4759ef3b8818d0f2c4955b10187523fc08dd23380dce82a8256609ef9e1082a937f4759818d9f943901e3fb855d3b7ba3ceb99e788d862ba276bf832633469aefc4f259ba781beceb2889d9ce200d5b88", 0x96}], 0x1, 0x8) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8) ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000080)={0xffffffff, "7ef75341921698f6283b2b8acd617e15bd1a559d6c4943842ebf64f7c2b67166", 0x3, 0x10001, 0x5, 0x100, 0x58a0861, 0x4}) [ 203.912286] audit: type=1804 audit(1573248719.182:121): pid=9771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/88/bus" dev="sda1" ino=16892 res=1 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 204.101295] audit: type=1804 audit(1573248719.182:122): pid=9771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir270294397/syzkaller.1a7d7c/88/bus" dev="sda1" ino=16892 res=1 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 1: prlimit64(0x0, 0x0, &(0x7f0000000280), 0x0) getpid() sched_setattr(0x0, 0x0, 0x0) sched_setattr(0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x800080, 0x0) accept4$packet(0xffffffffffffffff, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000500)=0x14, 0xc00) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000540)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, r1}, 0x14) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x2, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r2, 0x28, 0x6, &(0x7f0000000040), 0x10) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ff3e6808e92b7abafc47d822996f60e4"}, 0x1c) sendmmsg(r3, &(0x7f0000006d00)=[{{0x0, 0x1000000, 0x0}}], 0xc6, 0x24000000) syz_emit_ethernet(0x0, 0x0, 0x0) 21:31:59 executing program 4: shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000040)=""/82) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x403002, 0x0) ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000180)={0x4c, 0x1, 0x101}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cacKe_threshold\x00', 0x2, 0x0) r3 = syz_open_dev$media(&(0x7f00000001c0)='/dev/media#\x00', 0x0, 0x105a00) ioctl$KVM_GET_REGS(r3, 0x8090ae81, &(0x7f0000000200)) 21:31:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f0000000180)=0x0) r6 = fcntl$getown(0xffffffffffffffff, 0x9) kcmp(r5, r6, 0x6, r2, r1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = open(0x0, 0x68042, 0x0) write$P9_RSTATu(r7, &(0x7f0000000100)=ANY=[@ANYRESDEC, @ANYRESOCT], 0x2b) fallocate(r7, 0x0, 0xffff, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000140)={0x1f, 0x1, {0x2, 0x0, 0x0, 0x0, 0x6}, 0x8}, 0xd) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f0000001700)) syz_open_dev$usbfs(&(0x7f00000001c0)='/dev/bus/usb/00#/00# ', 0x200, 0x1) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$TIPC_NODE_RECVQ_DEPTH(r8, 0x10f, 0x83, 0x0, &(0x7f0000000100)) lstat(0x0, &(0x7f0000000580)) 21:31:59 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$FIBMAP(r1, 0x1, &(0x7f0000000080)=0xffffffff) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:31:59 executing program 2: setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) chdir(&(0x7f0000000180)='./file0\x00') creat(&(0x7f0000000380)='./bus\x00', 0x0) r0 = open(&(0x7f00000003c0)='./bus\x00', 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0x401, 0x4) r2 = open(&(0x7f0000000180)='./bus\x00', 0x2, 0x0) write$P9_RATTACH(r2, &(0x7f0000000080)={0x14}, 0xfffffff4) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2, 0x12, r0, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000002300)=""/4096, 0x1000}], 0x3b6) mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x3) 21:31:59 executing program 2: setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:31:59 executing program 1: syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000580)="62f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c815", 0x94, 0x9}], 0x0, 0x0) mount$9p_tcp(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xabb, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x4db, 0x400}], 0x4801, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000040)) [ 204.671757] audit: type=1804 audit(1573248719.942:123): pid=9820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir887682754/syzkaller.IrJDX6/85/file0/bus" dev="sda1" ino=16904 res=1 21:32:00 executing program 2: setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x40, 0x0) connect$vsock_dgram(r1, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 204.746242] audit: type=1804 audit(1573248720.012:124): pid=9822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir887682754/syzkaller.IrJDX6/85/file0/bus" dev="sda1" ino=16904 res=1 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x9, &(0x7f00000000c0)=0x1, 0x12) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x8000}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaade1f598f0081000000080045f4001c00000000000090787f000001e000000100004e260008f978dff8baf6114b2f96f049c7f5e1b8ba9109bd8eb6fa51cead"], 0x0) [ 204.926748] EXT4-fs: Warning: mounting with data=journal disables delayed allocation and O_DIRECT support! [ 204.954091] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 204.964948] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 204.974995] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 205.006030] EXT4-fs (loop1): mounting with "discard" option, but the device does not support discard [ 205.025496] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue 21:32:00 executing program 4: prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, 0x0}, 0x68) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x2, &(0x7f00000004c0)=0x0) getrusage(0x1, &(0x7f00000002c0)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000140)="73844ae89d", 0x5}]) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, 0x0, &(0x7f0000000480)) openat(0xffffffffffffffff, 0x0, 0x88000, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r0, &(0x7f00000000c0)="4e1833e220e3667642580baf0bd3b648a66d17e7fc91c17d89649ef66fde92bfb35aacfa744e777994488edd92c4d9ac63d264b62234fd7bf5d9a35ddd12d94d1f4be703790b4553aa7eaeecb6ecea01933c298f8a8c608639ddd14921a3a93ef25111756827cd80b56a3d69e198c48091d17bcfe3", &(0x7f0000000240)}, 0x20) 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 3: bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={0x0}, 0x10) pipe2(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x511, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_bp={0x0}, 0x30100, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000080)={@local}, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) connect$llc(0xffffffffffffffff, 0x0, 0x0) sendmmsg(r0, &(0x7f0000001380), 0x40003ad, 0x2000000) creat(&(0x7f0000000280)='./bus\x00', 0x81) creat(&(0x7f00000002c0)='./bus\x00', 0x0) io_setup(0x2, &(0x7f00000004c0)) syz_open_dev$vbi(&(0x7f0000000300)='/dev/vbi#\x00', 0x0, 0x2) r1 = socket(0x40000000015, 0x5, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) recvmmsg(r1, &(0x7f0000004640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = getpgid(r2) perf_event_open(0x0, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x22, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10811, r4, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xffffff5c) r10 = socket(0x1, 0x803, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00N\x00'/20, @ANYRES32=r9, @ANYBLOB="00000000000000041800120008000100767469000c00020008000100", @ANYRES32=r11], 0x38}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@vti_common_policy=[@IFLA_VTI_LINK={0x8, 0x4, r9}]]}}}]}, 0x38}}, 0x0) bind$bt_hci(r5, &(0x7f0000000180)={0x1f, r9, 0x2}, 0xc) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x3800) close(0xffffffffffffffff) r12 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0) openat$cgroup_subtree(r12, &(0x7f0000000140)='cgroup.subtree_control\x00', 0x2, 0x0) io_setup(0x2346, &(0x7f0000000100)) 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x16a) ioctl$ASHMEM_SET_PROT_MASK(r1, 0x40087705, &(0x7f0000000100)={0x9, 0x2}) ioctl$CAPI_GET_MANUFACTURER(r1, 0xc0044306, &(0x7f00000000c0)=0x10001) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) r2 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x101, 0x0) setsockopt$sock_void(r2, 0x1, 0x0, 0x0, 0x0) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) splice(r1, &(0x7f0000000080)=0x80000000, r0, &(0x7f00000000c0)=0x3ff, 0x0, 0xa) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 205.487618] bond0: Releasing backup interface bond_slave_1 [ 205.506181] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 205.524805] bond0: Releasing backup interface bond_slave_1 [ 205.535510] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:32:00 executing program 4: syz_init_net_socket$llc(0x1a, 0x6, 0x0) openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0xfffffffffffffffb, 0x0) unshare(0x40040400) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x0, &(0x7f0000000180), 0x4) perf_event_open(0x0, 0x0, 0xf, 0xffffffffffffffff, 0x2) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xc) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x3, 0x0) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000040)) ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) creat(&(0x7f0000000200)='./bus\x00', 0x0) open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, 0x0, &(0x7f0000000140)) setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f00000002c0)=0x21d589b99514b289, 0x4) getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) 21:32:00 executing program 5: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000000)={0x8, 0x1, 0x6, 0x5, 0x15, 0xfb, 0xc0, 0x9, 0x4, 0x4}) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000340)=""/109, 0x6d}, {&(0x7f00000004c0)=""/16, 0x10}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/70, 0x46}], 0x4, &(0x7f0000000680)=""/93, 0x5d}}, {{&(0x7f0000000700)=@hci, 0x80, &(0x7f0000002b40)=[{&(0x7f0000000780)=""/242, 0xf2}, {&(0x7f0000000880)=""/56, 0x38}, {&(0x7f00000008c0)=""/244, 0xf4}, {&(0x7f00000009c0)=""/163, 0xa3}, {&(0x7f0000000a80)=""/13, 0xd}, {&(0x7f0000000ac0)=""/57, 0x39}, {0x0}, {&(0x7f0000000b40)=""/4096, 0x1000}, {&(0x7f0000001b40)=""/4096, 0x1000}], 0x9, &(0x7f0000002c00)=""/255, 0xff}}, {{&(0x7f0000002d00)=@rc, 0x80, &(0x7f0000005280)=[{&(0x7f0000002d80)=""/173, 0xad}, {&(0x7f0000002e40)=""/181, 0xb5}, {0x0}, {&(0x7f0000002f00)=""/39, 0x27}, {&(0x7f0000002f40)=""/183, 0xb7}, {&(0x7f0000003000)=""/212, 0xd4}, {&(0x7f0000003100)=""/255, 0xff}, {&(0x7f0000005240)=""/23, 0x17}], 0x8, &(0x7f0000005340)=""/156, 0x9c}}], 0x3, 0x0, 0x0) 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x3, 0x10000, 0x1}, 0xfffffffffffffc33) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:00 executing program 1: socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x5}, 0x0) write(0xffffffffffffffff, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) socket$inet(0x2, 0x0, 0x7f) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x10) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) read(r1, &(0x7f0000000100)=""/155, 0x9b) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000240)={0x8, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="010000000000000011bfd2794611c8afefeaa6dbc0e3b3925ef76b090a416069187dd380047a76b8328f02371156d30b4e5277bf12a882e3b36fdfba322037fe17b15f77d0456d"], 0x0, 0x0, 0x0}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$TIOCGPTPEER(r2, 0x5441, 0x3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0xfffffffe}) ioctl$sock_inet6_SIOCADDRT(r1, 0x89a0, &(0x7f00000005c0)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @remote, @remote}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 21:32:00 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:00 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000100)=0x1, 0x1) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket$inet_sctp(0x2, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000002c0)={0x2, [0x0, 0x0]}, &(0x7f000095dffc)=0xffffffffffffffab) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x14, &(0x7f0000000040), 0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000001c0)={0x0, 0x77, "296cb2885ad22d14e914c403db1eac673c5da26c2b5ccc76ae2247a32aea304729a0df8a7b451d9b376c3cbe4d233da838bb65e3a1c9e02e052cf0cec0075c70bb4dbb1b408bf06c3b591bc39cae777d5111bc466bf375fb246743b4c869d0ff7e67e66e131c4abd3f3e6ef4322431905fa49194ac2112"}, &(0x7f0000000140)=0x7f) r5 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/create\x00', 0x2, 0x0) fcntl$setpipe(r5, 0x407, 0x7) [ 205.689457] IPVS: ftp: loaded support on port[0] = 21 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:01 executing program 4: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000300)={0x18, 0x0, {0x1, @local, 'rose0\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) close(r1) 21:32:01 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x1d, 0x1) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x182) sendmsg$key(0xffffffffffffffff, &(0x7f0000b6dfc8)={0xffffff7f00000000, 0x0, 0x0}, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x10, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000240)) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x800000003, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:01 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000240)={{{@in6, @in=@remote}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@remote}}, &(0x7f0000000040)=0xe8) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@getnetconf={0x14, 0x52, 0x10, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}}, 0x0) 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 206.198325] overlayfs: './file0' not a directory [ 206.239262] overlayfs: './file0' not a directory 21:32:01 executing program 5: bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x400100, 0x0, 0x0, 0x0, 0x14], 0x0, 0xffffffffffffffff, 0x2}, 0x3c) 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:01 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x1d, 0x1) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x182) sendmsg$key(0xffffffffffffffff, &(0x7f0000b6dfc8)={0xffffff7f00000000, 0x0, 0x0}, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x10, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000240)) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x800000003, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:01 executing program 5: select(0x40, &(0x7f0000000000)={0x980000000000, 0x3, 0x6, 0x4, 0xfffffffffffffff9, 0x7, 0x4, 0x2}, &(0x7f0000000240)={0x8, 0x4, 0x5, 0x1f, 0x6, 0x4c0b, 0x20, 0x6}, &(0x7f0000000280)={0x2, 0x5, 0x5, 0x4, 0x56, 0x2, 0x1, 0x3}, &(0x7f00000002c0)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000440)={0x4, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0f630c40"], 0x0, 0x0, 0x0}) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x1, &(0x7f00000007c0)=[{&(0x7f0000000640)="e2f23e748cdfecc0d3bcb88248f9f8f8e87edc5637656d6e511dcdc6041c8d8a0957939950c15c7ac6360c7820e1d5957ba4167f17600b58767db91e29eb92a20f86dddfb0f8dda322d3ddeadba924051c7894f228f090746b1a55e851e7dcaae4d8411f6806d216b4f2e7eca231a301cc0c9bb4bb5598a94336a99790d3b77dcda45483c1fb1194c56ddfddb587442754e6c815321b125f", 0x98, 0xb}], 0x0, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0x40000, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000200)='./file0/file0\x00', 0x0, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x1, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x0, 0x400000) faccessat(r0, &(0x7f0000000180)='./file0\x00', 0x1, 0x1000) [ 206.507962] overlayfs: './file0' not a directory 21:32:01 executing program 1: creat(&(0x7f0000000180)='./bus\x00', 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f000003f000/0x2000)=nil, 0x2000, 0xb, 0x11, r0, 0x0) r1 = creat(&(0x7f0000000340)='./file0\x00', 0xc0) ioctl$NBD_SET_SIZE(r1, 0xab02, 0x2) write$P9_RUNLINKAT(r1, &(0x7f0000001600)={0x3c4}, 0x7) fcntl$setstatus(r1, 0x4, 0x4002) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0xffffffff0, 0x4000) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f0000000100)={0x0, 0x0, {0x7f, 0x40, 0x8, 0x200}}) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x541b, &(0x7f0000000140)) io_setup(0x400008, &(0x7f0000000040)=0x0) io_submit(r4, 0x79d, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}]) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x5, 0x84) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x14, &(0x7f0000000040)={r8}, 0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f00000001c0)={r8, 0xff, 0x20, 0xffffffffffffff8e, 0x6}, &(0x7f0000000200)=0x18) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000240)={r9, 0xdf6}, &(0x7f0000000280)=0x8) 21:32:01 executing program 3: syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000280)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0, 0x9, &(0x7f00000005c0)) 21:32:01 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:01 executing program 3: getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000c40)={0x0, @in={{0x2, 0x0, @dev}}, 0x0, 0x0, 0x6, 0x6, 0xa7}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x20004004, &(0x7f0000000040)={0xa, 0x20004e22, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xc498ead121f97dd6) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)=@gcm_128={{0x303}, "d44eb8c7308ec7c4", "442065238929350ade91900b51fc9534", "6bdda720", "7ee51430da3f51b3"}, 0x28) sendto$inet6(r0, &(0x7f0000000080)="39a110", 0xffffffffffffffc1, 0x40, 0x0, 0xfffffffffffffe5b) r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0xc0185879, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080)) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000140)=[{{0x2, 0x1}, {0x1, 0x1, 0x1}}, {{0x0, 0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}, {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x2, 0x0, 0x0, 0x1}, {0x4, 0x1, 0x1, 0x1}}], 0x20) epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f00000000c0)) 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000), 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 206.792787] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000), 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:02 executing program 5: pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) close(r1) socket(0x10, 0x3, 0x0) write(0xffffffffffffffff, &(0x7f0000000180)="1c0000004a00", 0x6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) writev(r3, &(0x7f0000000500)=[{&(0x7f00000001c0)="8ba785dda1f0b0f5a27d811a2b06867d4e62f1b541752c544e5e4e42039d27fc53943c170ae4726ddcbbdfd80a230d7b5fc887963628bad407469bc2d332caab59a8cbea04b6707ab08081effcdfcde68b514ffc1a58c925aa72abf91fe9ead3bcfc1badf5d57a2bd9463948fa8a362fa8628773126cc3ba3066b02e2b3638ed07182f17f0c56226f0ea1de8da55c772e62e4332062b4b2e18c17df8235ba3141cc79b60186f9fbdd8f2f331c3a77c2ad8f94c49c7176bbf89a3125584120425547c9b913259acaaaf4bfaec219f5b2cf20b8bbd01030cd81170e448", 0xdc}, {&(0x7f00000002c0)="34937b8d1ef8678daeb7765dc2764241cb6d28445ca6fd1d82b60b1a6720768f5e285f85b319a79272ea3aed6c5316ac417606abf329f897aaf92f1511b5321bf2b49d02e02203a3bfcccceabbd27a40a2930285aee1899cc8c0abb2324539b16f010d271d9b4d60b066f81249c8c83508348a40c1f4b5cf378d3fc36b286029988d2fc3d34235f51beafbac829c1137b2305d90425c4f175951dad2", 0x9c}, {&(0x7f0000000040)="88a8f39d358b5c0c67330a2247dfcd095e9d1d6d5e336e94f733fbb9eaa6b52f293090c6c56e344de1e373c1c6d662af4d6dcac8b8d59e7ff0e760e246256e09252092cdeaa4b504f9fb25c4533b9442006f1c820517291f1e5e59678b341ba0b84e5fb174eb263075fc77f32b85e8c63b6e0812a5c344b29798891f", 0x7c}, {&(0x7f0000000380)="a3bb5f144915cabb3198006af0fc36594616cf6bff82081e7c9a48147ef7332913275feb6d1105b7fcdd75f7b5f1bc0723c3fefaa5305c2a547aad787f7335eca2c35ccd7e5fd179b6e7633ff4b62f53", 0x50}, {&(0x7f0000000400)="22f697691c3bb65a54612ed21907a5c1afb967e2b1a4ab71b50e59ef72aedd78fa7fe505496f894379383daf1fc40d8a476c749b27cebcf41431b3dc6244f8e7717b346bb417e06e7aa5e51a1297b5b846e85862eade0fa7b37ca9e6868215b481e0c3e0c7fe728b551ebbe5c04d830a69e576aeaa19aaca2e992a41b0a538cd821940fc1079be2962d6f27f72cc2f08", 0x90}, {&(0x7f0000000100)}], 0x6) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) r5 = dup3(r2, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) splice(r0, 0x0, r1, 0x0, 0x10000, 0x0) 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000), 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.222881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.295929] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:02 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x20000000004, 0x4, 0x8}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000040)}, 0xffffffffffffff6c) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f0000000180)=""/181}, 0x18) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0xa, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr="fe800000000000ae7a29e5e36fc3e001"}, r5}}, 0x48) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000580)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @rand_addr="f40a250b388d101af1158aec7455e37b"}, {0xa, 0x0, 0x0, @local}, r5}}, 0x48) write$RDMA_USER_CM_CMD_CONNECT(r2, &(0x7f0000000240)={0x6, 0x118, 0xfa00, {{0x4, 0x200, "d69f60befeb6edd2807676c6c1d48c9803452a3172be4d67815de4a8a6ffcd9092fa27281f44a4ef1f4e649dde97bbdf614c81cf99d394057c94e72ef33f404984ba21c9cab3c516c609aa41708c202e2c475f246fa33486520f22d27ad6c4597186bf9f7761a871abe3b392fa09f3d8857a1446e9855ab17bfdcd76ea9b3633c1617680a61342dca373e286f484906a5e02d303fd50f070891eda52b5f1e7c1aa184ff88bd8c4ed20c4ae342d79361280f32af2bbe15be4c4742bd92dbd8600aa3e7ae70e3f03182fe6266f10418a21aee1339e1639b13ffd15f0ea744a35688ceeb629bcd5094b0ac432a3b39d38a67837c3d46ff494d4078eb6e8cda0db88", 0x7f, 0x2d, 0x91, 0x8, 0x7, 0xc, 0x1}, r5}}, 0x120) getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000040)=0x2, &(0x7f0000000080)=0x2) 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.355486] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 [ 207.419249] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 [ 207.435600] kauditd_printk_skb: 7 callbacks suppressed [ 207.435614] audit: type=1804 audit(1573248722.702:132): pid=9971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir615941075/syzkaller.zuHwO8/99/bus" dev="sda1" ino=16609 res=1 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.485616] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrandom(0x0, 0xfffffffffffffebf, 0x0) set_mempolicy(0x0, &(0x7f0000000040), 0x4) r0 = socket$inet(0x2, 0x2, 0xdf) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, 0x0, &(0x7f00000004c0)) setsockopt$inet_tcp_int(r1, 0x6, 0xbda55543c11662ad, &(0x7f0000000240), 0x4) sendto$inet(r0, 0x0, 0x0, 0x200007fa, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) r2 = semget$private(0x0, 0x8, 0x0) semtimedop(r2, 0x0, 0x0, 0x0) r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) r4 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00'/15, 0x0) pwritev(r4, &(0x7f0000f50f90), 0x0, 0x81003) ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4) sendfile(r0, r3, 0x0, 0x102000002) r5 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0x9, 0x4, 0x4, 0x100000001}, 0x2c) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) dup3(r7, r6, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) dup3(r10, r9, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) r13 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r14 = dup3(r13, r11, 0x0) dup2(r14, r12) ioctl$EXT4_IOC_SETFLAGS(r5, 0x40086602, 0x0) [ 207.558635] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:02 executing program 3: openat$rtc(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rtc\x00', 0x0, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x0) syz_open_dev$sndctrl(&(0x7f0000000100)='/dev/snd/controlC#\x00', 0xfffffffffffffffb, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xf17) unshare(0x40040400) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f0000000640)={{0x3, 0x3, 0x6}, 0x6, 0x3, 'id1\x00', 'timer0\x00', 0x0, 0x10001, 0x7fff, 0x5, 0x3}) sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="778741f35c6700000000918f8745d5c11fe0a8a4ec52e633dc11b51bce84705d99f76cf4e5c992445df511040b0e91cd05bc21b0770cbfd78373cf1a04d9020641a09392b5b0b076cdabce76eb97e37cb654b8734caf3cd8372c229e4f268cf85e3ed17c5bde884288876df9c5163b0b3c74", @ANYRES16=r2, @ANYBLOB="e54e000000000000000008000000180004001400010062726f61646342"], 0x3}}, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180)=0x804, 0x4) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xc) vmsplice(0xffffffffffffffff, &(0x7f0000000300), 0x0, 0xc) ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) r4 = creat(&(0x7f0000000200)='./bus\x00', 0x0) r5 = open(&(0x7f0000000480)='./bus\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x40d09) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000280)='SEG6\x00') ioctl$sock_rose_SIOCDELRT(r1, 0x890c, &(0x7f0000000500)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xc0, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bpq0='bpq0\x00', 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}) sendmsg$SEG6_CMD_DUMPHMAC(r4, &(0x7f00000004c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x118000c4}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, r6, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@SEG6_ATTR_DSTLEN={0xe2, 0x2, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000004}, 0x80880) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000140)=0x8) rt_tgsigqueueinfo(0x0, 0x0, 0x16, &(0x7f0000000000)) [ 207.620555] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 [ 207.698206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.750382] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 207.823141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=9992 comm=syz-executor.5 [ 207.853802] audit: type=1804 audit(1573248723.122:133): pid=10035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir771782826/syzkaller.NhxGsH/45/bus" dev="sda1" ino=16913 res=1 21:32:03 executing program 5: r0 = open(&(0x7f0000000040)='.\x00', 0xe6a2f49f1233021a, 0x0) open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0) syz_open_procfs(0x0, &(0x7f0000000380)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/376) 21:32:03 executing program 1: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x80000000}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={r1, 0x7, 0x3f, 0x8, 0x7fff}, &(0x7f00000000c0)=0x14) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r2, 0xc008551c, &(0x7f0000000140)={0x3, 0x4, [0x5]}) acct(&(0x7f0000000180)='./file0\x00') ioctl$VT_WAITACTIVE(r0, 0x5607) write$FUSE_INIT(r0, &(0x7f00000001c0)={0x50, 0x0, 0x7, {0x7, 0x1f, 0x7f, 0x100, 0x5, 0x5, 0x7fff, 0x5}}, 0x50) io_setup(0x2, &(0x7f0000000240)=0x0) io_destroy(r3) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$inet6_buf(r2, 0x29, 0xcd, &(0x7f0000000300)=""/65, &(0x7f0000000380)=0x41) r4 = syz_open_dev$admmidi(&(0x7f00000003c0)='/dev/admmidi#\x00', 0xfffffffffffffffa, 0x80040) ioctl$TUNSETLINK(r4, 0x400454cd, 0x19c) r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000400)='/selinux/avc/cache_stats\x00', 0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x0) ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000440)="88b935023e252e84a74d4c99657dc797337b1a29c8934f0a1f194587b21d5cf9d1101445703b009d636f50f5064612c6b6406824e0b256cb727af8c2208dc45ec64e3851c8e284078dfefdc47039bd807d3ee6458893d910f823cfadc493cd6e1664dd48bb898669e964166b8d69bf6047549dd8bbfdfd781cddc4c1aef8183c88b19ad8c7f144c1445414fc9a466be228985115078cc923f02a1dc2446f4f009d5153fa") ioctl$PPPIOCSMAXCID(r4, 0x40047451, &(0x7f0000000500)=0x43) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000540)='/dev/null\x00', 0x48001, 0x0) ioctl$PPPIOCGL2TPSTATS(r6, 0x80487436, &(0x7f0000000580)="2db00467eec06ac9af6861b4ce355d1ac5232da07e6fc0395f5a3ef006ffc99dda9df6811a293d1c5388292c1f0b91db19d3fe239365233d5fe991a88e7778af68c7e4fb6f68fa69862aa8a0378040d88d6b973400211da8cc3995d09f1dd3790e5d9edb93e961e146ff7717f3f3ac284a96bd1146e148ab1951a90c1cb5c58f8700972a048ae4a89d") r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000640)='/dev/vga_arbiter\x00', 0x4000, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000680)={0x0, @in6={{0xa, 0x4e21, 0xffff, @loopback, 0x120a}}, 0x80, 0x910a, 0xffffff00, 0x19f7, 0x2}, &(0x7f0000000740)=0x98) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000780)={r8, @in6={{0xa, 0x4e24, 0xad6, @dev={0xfe, 0x80, [], 0x1c}, 0x4}}, 0x5, 0x1, 0x3, 0x18000}, &(0x7f0000000840)=0x98) r10 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000880)='/selinux/avc/hash_stats\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAXSEG(r10, 0x84, 0xd, &(0x7f00000008c0)=@assoc_value={r9, 0x9}, 0xfffffffffffffffd) ioctl$KVM_ARM_SET_DEVICE_ADDR(r5, 0x4010aeab, &(0x7f0000000900)={0x0, 0x1000}) chmod(&(0x7f0000000940)='./file0/file0\x00', 0x184) r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000980)='/dev/hwrng\x00', 0x80000, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000009c0)={0x0, 0x20}, &(0x7f0000000a00)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r11, 0x84, 0x1, &(0x7f0000000a40)={r12, 0x8c00, 0x7, 0x60, 0x9, 0x80}, 0x14) 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:03 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000080)={0x2, 0x40}, 0x2) r3 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg$inet(r1, 0x0, 0x80) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ubi_ctrl\x00', 0x4000, 0x0) sendmmsg(r3, &(0x7f0000000c00), 0x4000000000001e6, 0x0) 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:03 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = add_key(&(0x7f0000000040)='big_key\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000001c0)='g', 0x524, 0xfffffffffffffffb) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) getsockopt$inet_dccp_buf(r5, 0x21, 0xc0, &(0x7f0000000100)=""/33, &(0x7f0000000180)=0x15) syz_init_net_socket$llc(0x1a, 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r6, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400004}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="a400000097b6a4737a8606edc79dce5697000000000000", @ANYRES16=r7, @ANYBLOB="000827bd7000fddbdf2502000000440001000800050002000000080004004e2000000c0007003000000004000000080009007b0000000c0006006c626c63720000000800050001000000080009004c000000080006001c1d000008000500040000003c000300140002006272696467655f736c6176655f30000008000500ac1414bb080007004e22000014000200"/158], 0xa4}, 0x1, 0x0, 0x0, 0x4}, 0x0) keyctl$revoke(0x3, r3) 21:32:03 executing program 1: r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_setup(0xc32f, &(0x7f0000000440)=0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ioctl$EXT4_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000001c0)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x31e, 0x5) write$P9_RFSYNC(0xffffffffffffffff, &(0x7f0000000000)={0x7, 0x33, 0x1}, 0x7) r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) setsockopt$RDS_GET_MR(r2, 0x114, 0x2, &(0x7f0000000180)={{&(0x7f0000000100)=""/37, 0x25}, &(0x7f0000000140), 0x4}, 0x20) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r3, 0x0) ftruncate(r0, 0x48280) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x24211}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x3153b527}]) read$char_usb(0xffffffffffffffff, 0x0, 0x0) [ 208.271823] audit: type=1400 audit(1573248723.542:134): avc: denied { name_bind } for pid=10061 comm="syz-executor.4" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 [ 208.428240] audit: type=1400 audit(1573248723.562:135): avc: denied { node_bind } for pid=10061 comm="syz-executor.4" src=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:node_t:s0 tclass=dccp_socket permissive=1 [ 208.579068] audit: type=1400 audit(1573248723.572:136): avc: denied { name_connect } for pid=10061 comm="syz-executor.4" dest=20003 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=dccp_socket permissive=1 21:32:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x0, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 208.677393] audit: type=1804 audit(1573248723.642:137): pid=10069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir615941075/syzkaller.zuHwO8/102/bus" dev="sda1" ino=16658 res=1 21:32:04 executing program 3: r0 = socket(0x4, 0x803, 0x0) r1 = socket$packet(0x11, 0x6, 0x300) sendto(r1, &(0x7f0000000000)="c7f391422f17a37c9cde24cb654c3e2736b169368859", 0x3c3, 0x20002510, &(0x7f00000000c0)=@in6={0xa, 0x4e22, 0xfffffffe, @mcast2, 0x3ee}, 0x1f) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) setsockopt$TIPC_MCAST_REPLICAST(r2, 0x10f, 0x86) sendto(r0, &(0x7f0000000080)="120000001200e7ef007b0a00f4afd7030a7c", 0x186, 0x4080, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$rxrpc(r3, &(0x7f0000000040)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e23, @broadcast}}, 0x24) 21:32:04 executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280)='devtmpfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') pipe(0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, &(0x7f0000005c00), 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x220202, 0x0) openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000f, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x0, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x0, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 208.856437] overlayfs: failed to resolve './file1': -2 [ 208.884144] audit: type=1804 audit(1573248723.792:138): pid=10076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir771782826/syzkaller.NhxGsH/45/bus" dev="sda1" ino=16913 res=1 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x0, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 208.947328] overlayfs: failed to resolve './file1': -2 21:32:04 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000080)={0x2, 0x40}, 0x2) r3 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg$inet(r1, 0x0, 0x80) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ubi_ctrl\x00', 0x4000, 0x0) sendmmsg(r3, &(0x7f0000000c00), 0x4000000000001e6, 0x0) 21:32:04 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = fcntl$dupfd(r0, 0x406, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$alg(0x26, 0x5, 0x0) close(r3) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x7132}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r7, &(0x7f0000000000/0x18000)=nil, 0x0, 0x480b75594570cc50, 0x0, 0x0, 0xfffffcc5) 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x0, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 209.027663] audit: type=1804 audit(1573248723.832:139): pid=10069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="ToMToU" comm="syz-executor.1" name="/root/syzkaller-testdir615941075/syzkaller.zuHwO8/102/bus" dev="sda1" ino=16658 res=1 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x0, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:04 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) r6 = socket$bt_rfcomm(0x1f, 0x3, 0x3) bind(r6, &(0x7f0000000100)=@nl=@unspec, 0x80) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:04 executing program 1: openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x0, 0x0) accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80000) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x4000000000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x62a, 0x0, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) io_setup(0x0, &(0x7f00000004c0)) lseek(0xffffffffffffffff, 0x0, 0x4) lseek(0xffffffffffffffff, 0x0, 0x3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) ioctl$EVIOCGEFFECTS(0xffffffffffffffff, 0x80044584, &(0x7f0000000500)=""/4096) socket$alg(0x26, 0x5, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x0, 0x0) setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000180)='ip6gre0\x00', 0x10) connect$inet6(r4, &(0x7f00000002c0)={0xa, 0xffffffffffffffff, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x18}}}, 0x1c) sendmmsg(r4, &(0x7f00000002c0), 0x4cc, 0x0) [ 209.355450] bond0: Releasing backup interface bond_slave_1 21:32:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:04 executing program 3: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0xfffffd57) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000008c0)='./cgroup.cpu//y\xf3l\x00@\x05:$\x92\t71\xf7|6\xaf@W\xda\xea\xf2\x897~', 0x1ff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) close(0xffffffffffffffff) gettid() recvmsg(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100)=r2, 0x4) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) write$cgroup_int(r1, &(0x7f0000000200), 0x400000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) gettid() socket$kcm(0x29, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f00000003c0)=""/247) setsockopt$inet6_MCAST_LEAVE_GROUP(r4, 0x29, 0x2d, &(0x7f0000000240)={0x80000001, {{0xa, 0x4e21, 0xd57, @remote, 0x6}}}, 0x88) 21:32:05 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0xa}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3c, &(0x7f0000000100)=0x400000000008000, 0xffba) setsockopt$inet6_int(r0, 0x29, 0x3e, &(0x7f00000003c0)=0x3, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) ioctl$FS_IOC_GETFLAGS(r2, 0x80086601, &(0x7f0000000180)) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) fcntl$setpipe(r3, 0x407, 0x2) write(r1, &(0x7f0000000340), 0x41395527) accept4$nfc_llcp(r1, &(0x7f0000000080), &(0x7f0000000140)=0x60, 0x80000) sendmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000400)="8122f0126b069798c4974d76a800843360d64d3746b948091dccc951673ae22189d21ee42b5ce8ab8612161e11256192bc2fe33243a7098662c0faa8e5906c4030a54a15a5c46f1b434fc97b064881acfa13dd74e25567cf4212376a787626b3cfd9bb03c1cf735fbaba5f87d80e008293b69a98be3caac5059b120680950738a2d8f22980f18b1fa214800585171aa955c5872bea9b56fe7dfc2f243fcb87ce49f0c2846b6912181051ddffef4efcbad81b16258abf1b9571a3446167ec2162d03cf5af279cf3f818fe440621fa73154a1dd13b793c294115d5fed15aac1d3a7f7e477a4b3370d0bbd34c5dbb650baf315d7c336195f5246f24d88f2b0b3a41a16cc052cf4e93dcdc7ddfae2b2f533655e8967aba12edd2d827d1f67c3fdc2ee7f4388bcba59db511fc5ff4126cefc500b992fa62e7d73162bd4ef0f0f739ce8e4db05694f5c639072f4b53476cc01bad7d3d87286cbc3a912337f580992adfb97dd8e6b94f4f17d72adb141d42fe7c1894d24546cd4efe5fb258002b742bd7f9a9e6c72b2113d2fcbbbed6ee210700cd80c52868cba441f1b928414b8d02cef609d7ba4baaea247359c80a0f52c2dffa0d45657538b0ae0d390cfe0a370c038cdf2d7f95295f16b1160277b83eff71f2fb5fb73f0e89cf48a6c479f963affa38cd5d3bac156662d66542ad2b932214d9e2ea323f5515b8b21a4affc221a6af1700cdb608a165e1c3997cafb60e2fff1b4df8b687e8454711f5e2b19e09536c3cc20d1324a6050690559fddf6640e13289e22d523db0dd41398646ecde132ab8cd1243db1bc80438a28a8aafe0dad21f8a795179b4814cdc3ca740cf61388423d9e90a98dc00580d1de9adff505cc8ab607b41f9f02596ce4a17c424e0064874e3679fda12f79d51075d06a268d07e807dcdb296f34a87593f763a3665b6238a518966aecd7e7e790ba342f8acd3afce2d37dba0fb3792c36aac34081350591b9b6100734e9986b696dc0e40d0bbaa0ba2678ebbc40ef65b1c41d830cc077a14ae424dfa8cb2d2ce4c9ab4a90140c05bfc0f847d60314e35e058a8179b2616c049c67559b516d25099019394ebfdc7fcb2e2657762436d78408fae39bd771ff3b11fc20527ae05e4656fc04ac121e9d890dfe864f4ee81adc8f26f98a149f8d9270186e0994acc9a85ff520d3d9916409080586d3a6e0ef6762b7d3b5384f4f8eb8fa64662f25f04ba278a03b4a4ade2bd4184abc7b92dda8a3d5161ed233b47eee927fc43db76a6944958eaf3ec56540e030dce47860dc935e66c162605b9535b832701f366eafa4de4aaa10277610b6e39fbed7a811780bc8afb5c8b4acf37abbb937095ecb515712bee0837fb11e268bfb57d583e7f71dc16eec5939e3b349a0eda30dd013eb206f9b0ba514c045210f0d8cab4d0d1ee50c0bf7d893e2020e967a44f1c028883c260f99d43b925c794a01dc8e4cff7b5f158f24715ac2695ff8aebc81d63be8ee877fb3229b4963fb9bc83c2fdb4a29040acff5675c0c576ae649ab9cb5b0bf801f3c528dac2878707ca257c31e4c5fe3f25eb8427a88a865d6bf0e283887a488e3116ee2e4376a9c866e814dac7636e62d5317a98eb787a138e73df1c28223334780cc7b2ce65c53a1c4b65bd111ca03ceb26370e2e95236651ee19865bbeb043b0965ce0f82533dcbd0ceb93304317a19ea41be9969b4ae468c2c7fdc29e357a5a7a5ba953f63fa2eda593963cbaff2d3550ce0e807ff549f899d864e59f76ded2c95796021eb9025ca5dd8b545a6e284130266074d665db77af96493359ed9193c95c4128fc5d68c518af76bec5e32006791cedacd4c128a5136c526b769e91ffa9c302bfb7d90d8e36afd703bedac0b0a8c739a3c93481f7b71075c072ef2b05560097361cb18632e1faeb1990ec40aa0b605ee192c14d7d23ea9304455effd2cac771ffa53d78c2e36325e0f0cac", 0x579}], 0x1}}], 0x1, 0x0) recvfrom$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x712000) 21:32:05 executing program 4: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r2, &(0x7f0000000080)={0x2, 0x40}, 0x2) r3 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) sendmsg$inet(r1, 0x0, 0x80) openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ubi_ctrl\x00', 0x4000, 0x0) sendmmsg(r3, &(0x7f0000000c00), 0x4000000000001e6, 0x0) 21:32:05 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:05 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(0x0) [ 209.990173] net_ratelimit: 12 callbacks suppressed [ 209.990222] protocol 88fb is buggy, dev hsr_slave_0 [ 210.000327] protocol 88fb is buggy, dev hsr_slave_1 21:32:05 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(0x0) 21:32:05 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(0x0) 21:32:05 executing program 2 (fault-call:3 fault-nth:0): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 210.466624] FAULT_INJECTION: forcing a failure. [ 210.466624] name failslab, interval 1, probability 0, space 0, times 0 [ 210.478226] CPU: 0 PID: 10171 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 210.485249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.494616] Call Trace: [ 210.497191] dump_stack+0x138/0x197 [ 210.500825] should_fail.cold+0x10f/0x159 [ 210.504956] should_failslab+0xdb/0x130 [ 210.508912] kmem_cache_alloc+0x47/0x780 [ 210.512955] ? __might_fault+0x110/0x1d0 [ 210.516998] ebitmap_cpy+0xcd/0x270 [ 210.520615] ? hashtab_search+0x196/0x230 [ 210.524744] mls_compute_sid+0x22f/0xd60 [ 210.528787] ? mls_convert_context+0x6a0/0x6a0 [ 210.533357] security_compute_sid.part.0+0xa8f/0x10f0 [ 210.538530] ? get_pid_task+0x98/0x140 [ 210.542404] ? compute_sid_handle_invalid_context+0x270/0x270 [ 210.548268] ? lock_downgrade+0x740/0x740 [ 210.552408] ? find_held_lock+0x35/0x130 [ 210.556465] security_transition_sid+0xd6/0x130 [ 210.561120] selinux_socket_create+0x36d/0x4d0 [ 210.565683] ? selinux_ib_free_security+0x20/0x20 [ 210.570514] security_socket_create+0x83/0xc0 [ 210.574995] __sock_create+0x67/0x620 [ 210.578780] SyS_socket+0xd3/0x170 [ 210.582311] ? move_addr_to_kernel+0x60/0x60 [ 210.586697] ? do_syscall_64+0x53/0x640 [ 210.590662] ? move_addr_to_kernel+0x60/0x60 [ 210.595052] do_syscall_64+0x1e8/0x640 [ 210.598918] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 210.603745] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 210.608913] RIP: 0033:0x45cd67 [ 210.612082] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 210.619768] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 210.627017] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 210.634265] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 210.641516] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 210.648764] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 211.512508] Bluetooth: hci0 command 0x1003 tx timeout [ 211.518263] Bluetooth: hci0 sending frame failed (-49) [ 213.590330] Bluetooth: hci0 command 0x1001 tx timeout [ 213.595631] Bluetooth: hci0 sending frame failed (-49) [ 215.670124] Bluetooth: hci0 command 0x1009 tx timeout 21:32:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x0, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r2, &(0x7f0000000280)="66dceb14f42958fa06cb5e50546b12c822b68c0a64724c6d41fa9a0c34deaab5c7241fc1420a8096e6c682c48f16f949faa6fa63ef9cc6f95c9a72523be517f2dccaed2e9e6a94614c097744be152671feefb9c285d8e91910661784a11fc10ad019c1f044931c5cabd1a71eafa1aa7e0ea972f8e490a8c239c89268d4bd7b86faab1ac60b1db7386440bdba5d78ff5f4f661baa25a5f90501327d72a70da5b087cea134111262f43a995cb6", &(0x7f0000000000)=""/28}, 0x20) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_genetlink_get_family_id$tipc2(0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f00000000c0)="0f20d86635200000000f22d826d33566b91109000066b80060000066ba000000000f306766c74424000d0000006766c7442402f60000006766c744240600000000670f0114246766c74424003f8c00006766c7442402e4d400006766c744240600000000670f011424660f38827500b8dd000f00d80f21f30f01c3ddc3", 0x7d}], 0x0, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket(0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r5 = socket(0x0, 0x3, 0x0) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) write$vhci(r1, &(0x7f0000000140)=@HCI_EVENT_PKT={0x4, "f24be58d5d815f8800bf22dd52cf21c40bfafc5688411b9245438164d02556b5205b9ae925cb9994b8ff6f68af3294ae29595f82c5d623fb17ba09dc46af69b801940be6b2ff4c66804cdcaffecc5f9bb96ce19cb173eeba1a0a9e3798"}, 0x5e) bind$packet(r5, &(0x7f0000000240), 0x14) 21:32:15 executing program 4: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) ioctl$CAPI_GET_FLAGS(0xffffffffffffffff, 0x80044323, &(0x7f0000000040)) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000000, 0x110, r0, 0xffffa000) 21:32:15 executing program 2 (fault-call:3 fault-nth:1): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:15 executing program 3: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0xfffffd57) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000008c0)='./cgroup.cpu//y\xf3l\x00@\x05:$\x92\t71\xf7|6\xaf@W\xda\xea\xf2\x897~', 0x1ff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) close(0xffffffffffffffff) gettid() recvmsg(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100)=r2, 0x4) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) write$cgroup_int(r1, &(0x7f0000000200), 0x400000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) gettid() socket$kcm(0x29, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f00000003c0)=""/247) setsockopt$inet6_MCAST_LEAVE_GROUP(r4, 0x29, 0x2d, &(0x7f0000000240)={0x80000001, {{0xa, 0x4e21, 0xd57, @remote, 0x6}}}, 0x88) 21:32:15 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) r6 = socket$bt_rfcomm(0x1f, 0x3, 0x3) bind(r6, &(0x7f0000000100)=@nl=@unspec, 0x80) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:15 executing program 0: bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x100, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000140)={0x0, 0x0, 0x5}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000200)={0x0, 0x0}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) getsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f00000002c0)={@initdev, @dev}, &(0x7f0000000300)=0xc) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000280)={r1, r3}) bpf$MAP_CREATE(0x2, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r5, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r5, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) ioctl(r5, 0x0, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r6, &(0x7f0000000100)={0x2, 0x20000004e20, @local}, 0x10) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) sendto$inet(r6, 0x0, 0x0, 0x24000000, &(0x7f0000000040)={0x2, 0x4e20, @local}, 0x10) sendto$inet(r6, &(0x7f00000001c0)="83", 0x1, 0x4081, 0x0, 0x0) ioctl$sock_TIOCINQ(r6, 0x541b, &(0x7f0000000040)) r7 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r7, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:15 executing program 4: r0 = creat(0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0xffc00) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) clone(0x2000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='devpts\x00', 0x0, &(0x7f00000001c0)='/selinux/policy\x00') r1 = gettid() tkill(r1, 0x3c) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x1, 0x0, 0x1}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f00000050c0)=[{&(0x7f0000004d00)="fb7e931ee752d70dd764f06f58d0f4cdc46282be3888669c286b03ccb30d30b15444f7505a01ad62680a99d6bd1dfc1ba827eabae6064b1b62d3a3af839d7e656f2497f61361748cfd040c8eae2fa7e99db1749d2e6604cf8c805923e66e5d587a4b800f070db6a80f1b16c8a170ddbd7ff1b7de3307a26ccdb4339f6b80eeadfeab3ae9c9d88e532844584127d40d16da", 0x91}, {&(0x7f0000000c40)="c317d879232f423936319cb5f367f7d969c8ad1fe35c06c3c8a0e8a3d99bc8021539e4b89f8d3c6a9af27242bbe69bb64307c5a6efc96d688c1a1caa45cd34cf2386ee70c1a4d6659c10cf5071628e61f284453ad7dbfdd2648e121993659dba24502efa0ba01369a2dc950185d09e0566", 0x71}, {&(0x7f0000004980)="a0692bd46a43ac309275d157eb1d55538e47e2b8ec40665b57a1eef3e10d1606b89e9f7e2f818f2c03489a151c1dbe3c526157adcc68dd6deb2c400df38b73ef145b5cd9ab4f", 0x46}, {&(0x7f0000004dc0)="b2f75a6d820a07e52a14fbe7a37788c4e525b7572d90e7242119c1a45d67709350", 0x21}, {&(0x7f0000004e00)="d6d8babb1e2ca060fda3d8efe5fd24bdb5090c98c09065c8b8f325c3dcaecff19eef9345af22ac5351957fafcba03b51d678fbecdad7f5a0905afeccd5fa141d71c5afb1376d67a8e24988d264cd972f981a87760cfd0da53d0bf6df863664aa06fde01e5f7755219ed3e81ecfaaed2b82913d4c87dc87f083213153534102888daf2eaf4edb04933f1338c7d0389c7c5927740342cb485d55a299a3217ce51dab6c713c2212ddd3ff433194de8d2531d7f740cd3fa65b0d3ed24f2dece7af8771563ebcdc6df3f6311967f8ce576579a9c77fd2e87219f8985acc06668a0b10eacda01032c99a91", 0xe8}, {&(0x7f0000004f00)="40b5d1deac458fe16bd59a6dccdb703cea47a45d3fbdc9b85227edccced50fbbb48ba1152b953941c555f5eabd5c184c00da9fe42b09d16be03b6f1403461e624a5bd2c130652aec97523ed1dbfa3b32312369cea156a5047b46febe63fee9d54a4de40221d319d4cac8ff0fd786a0c87a8943009fd104e73caaac688e94ea0aa11a6f003d3959262577a19e2a2fb5ae954440", 0x93}, {&(0x7f0000004fc0)="fcb56d8f", 0x4}, {&(0x7f0000005000)="8d3815994b2cabcb36ad938ab611a3a47be2ecd38fd24ed56112c70140ad663bd0975d803fd7bfede3525c3aa98a9ef8efaa88fec8adb0ac1f47b9e4a3a4436cdc8e43b2bc4dd934cdac2d1ab9afd281084aaccc96897cb6a7a4d220e65115f68d9ae09da56cf109bb306e0a3c0734dd3e567308120cbcfc02981e284d8e87ad3237c8ddd93a866b56c38157f1a61d4e5e0212044ea1bd32e9d18ba21d02c1529bca047840e8936f9ef8e5c73c141b649a083f1441b54044", 0xb8}], 0x8, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0xffffffffffffff6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100}}, 0x0, 0x5, 0xffffffffffffffff, 0x0) add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)="b8", 0x1, 0xfffffffffffffffc) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r6) syz_open_dev$sndseq(&(0x7f0000000340)='/dev/snd/seq\x00', 0x0, 0xacdb01d2bbc79f73) socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$inet_udp(0x2, 0x2, 0x0) r8 = creat(&(0x7f0000000000)='./bus\x00', 0x0) syncfs(r8) ioctl$PPPIOCGNPMODE(r8, 0xc008744c, &(0x7f0000000240)={0x3d, 0xf1f2a07b2bbe63e8}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r9, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bind$inet(r9, &(0x7f0000003080)={0x2, 0x4e22, @multicast1}, 0x28d) sendmmsg(r7, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000002c0)="6e491c0c5f8c3447b9724af60dd3405488d55ce80c83be371df780f62be471f749ff0cdf2075810c0bf95de16750659c86c576f71f763e81fc31bcad0a7a0348cd894b4b99dfb9caf587044be0fb56c3543dfce1573fd52a06ce658f145baaede7e9d9d3", 0x64}, {&(0x7f0000000380)="addf8cf26d8eaf3ab41099fa546f232aa8bf1743160cdce16fccac02b5feff7971bd5875bbbf391ed2f41f0952c9d9003bc2f9b1bbfe16a7591d1bfa43a41ff508e5e49d18214646d79486ab9dd461ef20a64edce866990691d5a7eb28d1ad586f5746f0560a1664596605c20c1e67632b6af621dd0f6c79749ed57ddf30291b04cc57ca3b70c5c609ae9c98603f779fefa47c4bcdfd1b13ea608db57512f79c18cad32d31584a9034135ddc300d67f4c1dcea76011d1c7d8b2a50e3ec3f38c9129d4b548cdec5af38b56d99e8b8d3269442e28948", 0xd5}, {&(0x7f0000000480)="ecb497be1de7d4bb0612683719822087be0a4c5672af612215ec1956bc0597dd9608fad9daa9540abbc27e020c3ad4d9db38922f3cfbf7a2177c70371e3c74847e2999e983c82efd3773e445dc4e7c9006d9ded60a1b3e8ea0251fb5b53534bf0d4b3a29e538f1241b69124e3a89a6611fbc0538f83b0a7b32787d9988d49dd62e17d5a8483251716d366709e4129f3b890f67e55ef2792bd867f1d8075215cbfc463a64be884622382e050b5dcd07da440162e2f82e5f35e9ab097afc65bfc26df9f0d45f0fa0dd9329be6ef6ab1e11826433f66ebb49f10b285f5473d428f57b4a4b0d504dd33224875d4651026de478cecf3cc887f1c199", 0xf9}, {&(0x7f0000000580)="cc1d178f363aa5fe6816252ef32e6caa080a6bc5b49cd1d77fe7bf0a3ce777e06c7cd284f6072759b6fee4a8dc883610649046ec666b65e3e65d678b28b343752df1abcb23da457150b17d03ae11d9529f6fa1110a439f9009f907b0fa6930924f5652c55d8f242a70ead4098328296b96b18bf7144a471c80250e1b2ae9", 0x7e}, {&(0x7f0000000600)="953393490895d82ee411b75bbe6beb27370e52e6c8112a186c5dfa3084797e15c1f30f0735121de35d6cebe830ddad974171e7bf1b4f8c2d988881e532dfc009747460f760fca5871824671ace48229b43ab9656f3a58da8c0fec184e205a6d58fb2af", 0x63}, {&(0x7f0000000680)="5cc71c14b9495219b65e8938825c810d582cb7b1fe9c1ba93a55bd7ce2834d4bae6df1a3f58df05a61ef92e3213dd2d2063edfb515d2707939a8231e5526415246ea7683d7d50f14a938b60d069853", 0xffffffffffffffe1}], 0x6, &(0x7f0000000200)=[{0x28, 0x119, 0x1000, "b64e51221e2779287407cf54f3a1e38090742d2a24d8"}], 0x28}}, {{&(0x7f0000000780)=@x25={0x9, @remote={[], 0x3}}, 0x80, &(0x7f0000000bc0)=[{&(0x7f0000000800)="01bd77ddb50ec263a0491570de11d0aae697dad10deaf59d7ee6712e8e22000f2422c5d530c9dea9ebdbdc376e0fccdb38d1d426872933ccf689289cbb8c7b80b194f24769946e14c956cc9251f9e8e60c1c3822eb0d1008e692e2cc017e32fa4535c51ebca3eaf781194ab0d6941cfd98f5e1919456e09867d1f63919daad2c9cedc0fa326bf7ebebeab875ca3bbf4e0fad4e4147ec213a2a2108735435c896e5", 0xa1}, {&(0x7f00000008c0)="dae92ca22606075c98c0e4e63044ddcc278ca1976b57c6ae55501b2ea73215dfbd483e91df70e5c635a0ba5937c10233688f003463877d61ac8950e36135a43a4f182de20d503b9b6586a0e6f217d913e0c0094ff3d4ec6b82d81e268fdc445052cb40b33ba32cdeb01c2b977980a436e7f1f5", 0x73}, {&(0x7f0000000940)="c6e7f5d419f7039c96be7aea", 0xc}, {&(0x7f0000000980)="e376b71af48e66f20b7f2d61597c211f19cd880392e9114d89835129353a0d1e95f8caadc5d01b10bb8efaf764fd9ea719ad1f57af880d117d070c2b6f3539747d436ec315c97a16c55bd33ae78db99ae4ae7d441f9db2d6c7daf348f0154b848f08048cffa2bf56b4591df562f0716901abac84d271d16bf30abb2c301cfee7c2627a5a14511823136469f4bf1c0b63307b7cbd9020e08bb75d0133415beab9069a7245ac44c0bb4ff214a042", 0xad}, {&(0x7f0000000a40)="b4ff97761bca09b5ffdd17edb2e119ebc111b5e4080b5d3b8dec5538ec33d61d630db77ee9d4ec955f097c086db164b0e267d08cc0aaf12c", 0x38}, {&(0x7f0000000a80)="65253bb9ede4c74b34d65d7dde63f7270ebd0109e37cc3d4ed8d28fd4e6ab98964ffb07165db64848a31abddb81429a6a789cd84f1730c6e6c84235d3f78ad5b6270c6d52f927f61587367d2d888984308bac79ee8bc898b30285a6ea5eb4e14f7200db41fe5acd291c424ee9cdc9b8c9d18907995771c1d8c10fbd583aaed611c7cbc0bd4ac2bc491087f545449fbc3b16377b9c83693fda56db97eeea315f6c83c390391ca8e63f88d0e964ee831200ddfb79d25ade05210da8db9d56c49f25813dac3bbb040b34df2d9e0ad7b4a247f982e162ef12acad33669d9b6044124030eec0c3bf33565ebac9ff1291c00c73f658e59dd25c0a678", 0xf9}, {&(0x7f0000000b80)='1r+0\t', 0x5}], 0x7, &(0x7f0000000c40), 0x58}}, {{&(0x7f0000000cc0)=@rc={0x1f, {0x80, 0x49, 0x8, 0x80, 0x7, 0x1f}, 0x5}, 0x80, &(0x7f0000000d80)=[{&(0x7f0000000d40)="f91b09fce51a39af9362001faf7622495f07fb17975789", 0x17}], 0x1, 0xffffffffffffffff}}, {{&(0x7f0000000dc0)=@generic={0x14, "7556ebad2e7bcbfbf6b04065fe76ad80d5395279c207255caabc6c079b995282d42b2472ad8c6380af6091e26e5e5e52c4b4ccb3efb2309406993f876f0a9817da9daf9d4407d5cdc1c06d55200dd4ce9e6d8f793cc5c2048d85f5875c71f18a59a17d3699435abd8f745f726494be2255ead6696468aaa116554dbd6de8"}, 0x80, &(0x7f0000001e80)=[{&(0x7f0000000e40)="18b6f8e6941cf784139928dd27a217c179699bac171f49ddf5d568ff21cf58f5b3", 0x21}, {&(0x7f0000000e80)="fdfe0d3077181589a3c0ae6b4ff17cd781f77d2e26625c11e641a7a606db01e8444ba4cd3d3608d8866f84900d88476dc8c5c40ec9afdbb196fb1a27f872fde22b23c2b086b39f2a229fd16ca3d3d462c10d625e885e2db86e202ece4cf234fc18a7254cadef4eeadb5c008713079c20b64a0aa86072b296922ca7ca179eb0a301f7365a8498142ec99ef1b7356d83100e6d117c0d9f79330b7d8846d43344067990ca4ba2ff29d2ceabd8421d57c2f679e2b789aa8e239e9e5c01661c88d214ab36ae92d53efa969e6aabb258c35219c70681cc734d284f6e630937c942451526ec3ad5e6eb8317e0faf43d578190aeead541fb93ffa564d15c07026e185ac4c818e78942842e4525e176d05882e5491f292f17db7c34d000347dce133e439f192e72c0d2dd7d86e3913d9395367040c9dcac5cdc2f9b993a64dfe2ce7e127a606dce66a0ac6d9e520ec52552110ff274532d29615e73f808012e18f74e860fe68a0d8900ac61a614df50ab5257d28779d7285a4ba2faf99a7fdc60d13365a85c61140912ad2d492c30f36eea41b5a9bf0bf41c74be48a791c9bda12e58b7e2170984a9d3977a1a01815713a8f7c353e9bd83f2faa41efc47259786709922beed2a221c87213ba473d7af7b2924ae2fbe68a2b52e6f917c6ac98f1d60e427d2c92798633ad2ac7a13232fbd267b72da1cbf2cc245f0839bf27ea992815f565d6fab43961ba0d473023fec813e34db5f524e0e6ee5b475b99ec75fac6a9cdda2d89388a27c6f3b5726ea0ae6337ce9e5b56e7c2f2dbbcc4cb04eb2554a8d1c055cc160bff5050cc23b5126584b6a2b2a9aaa4bc43b09ac8f6eaa04780469be0df18284a44176e817b9b76d7e097426070664b834eb5dbd47e7bc865687544017d31da46591537b81681e10e9e918a12e6d206fddb9ee5fc4444757ece0e724e0cd82bb7acf13e96b476236617402ba78f079670c07004fe83b2f4fa305dcf4dcfb0f0a30e1498ff95948acab8d0dbad908f8d2838f39b7ced11aa2c619d9c8af26f5c2274e429e5a1a5c81c58be3f53540dba4a503b405b7f89c6a03f06b82eb6ae60acec16fc25247cac1c7ea4456d0402634ee253f3e73d004a5080a1148869500e1e4addf4b14244a79b770bcb5a5a95a60fbf0a4bfaaba3022d42878910fd1f044621ab1d2ad47a58b09d7db3c07db9dbcf4bf9a69de1f43539570a62ff34282338e496a4ed170e47b5cfaeab3de3620995f217547e84b378681bd4d133f3679248b1168e4a1d825501c8cf7940af37f7981952decb5e64700de68fb93019c3c871089268cb1d2096ca9fdf0d99934faab1dd9430cf26d767b2db0fa12a103fe0368b968a764c88bdba2fbd8646db3246a55d3dc42297835a97ddef3b5163a1c01e431bd83e4fec5898c08ce8387bb1a1137e696ea2f23d7fdb01d42c60c3fc584783d7dcf06384faf12fbb4bf6ca9eed80573e06b0977de5032600c0243fa6243bc0f60e4b24b7f7fcf2db84107ef38b60f543e5bb5ddb368d99c978f7fcd41be9acd9c1ed2cee9ed494f9b52aecffdb38a529d4dc42cf0370d692e38acb21f33d894930d6c1d0bc592c94c05814251f11942be23ed98d090e5f8d78d8b72bec315ce5dcc6ed3561eb9fda632c9aeb2a85146deb594ef8b7b9aa9a9fdf0cb543e6e86a2f028070ca04c4993262eace700c21936b5fa5cd6827113bbfdca1bb89fed94c15ac6a9daf585a2d6021805bb32eec576b08f214fe162f63cef378b5889fba84e5eab47881f92967f222237aafabad29081c82c56b169732daf50097695e14acf023192593971b3d7bbb686a6d28c788c660a3688f3b5efef90ba7bb31fba4e02d9c452238ade3f1ae60b3bcce6d3f6c62fb6cded4698a8f56868fdb1600452f29976125f79f3bd91cdd05a71e7c14fd354166f38ecdeb4d286bd94dacc75f914f0948fedb72152bffe78d3e70d5818d307de70c314d0a412d29b8223369ef88dd24738128700a2ae7d36e5d2bab3b98d07879ef62b46328fb603baf314c303198cfc397a955375e6b0d98d8848fd09f0800f6c5aa211f2798769b0df75492d680726ded7337c5bc69a33ebb417c063dbaaa6fd2f5bb2d2b516389129474357a91789b4716b6e5a8a46e3b704d91f29950444f34767878e2a81be5ebebb84e15f4254d29800af594cc6e34bb5946e2457c26fa80d87e96cc578beb4890f8bf520f12f95112bef8d545c44dfe609f296912b52f9fba168d2f53021283db0179079ab2e7b567a4f672c7c23820ee8469b3c22bd4d0f0f9636849e0c95dee9243f1eda8d661f4be892733f30ab6ddf4055641e6772e01f182e5502f8db16a31cb9fd86525eef924189e51ac2d438338add5443b0fba0eb2498312d4a78a36d8750d860d6708c3f7be2843d85016e7d666150deb8ed7188fe81ae9263f8c161dd91175c9d1a31ed6c5df8fac9baa1f8b7085056a0f66ebd2c54e9520cf2aecae51e304a7efd1be95959047fc4ea3a7a8d220d3e0714300b1417587b1138f57360c119be0b519393b11ab4582da55f81d4ba97599e2b540a146a5617e19beaa3282f7f1d6b4a9d9229c06fdd7e7ae778d401a5af127e7774212b7d8ce79d68e2b241f53c73db188d38e8f41868cc22f883a71242d7852cbfed7c177d869a18f033159e6eb5168781c26ef13b25b3676b62b1a528101559d43ad7232ebae4ca272e422f28708bfcbf5f3215603ec5c1ea99e3e9b3533fa4883a36f14d1773343d857d77ca550f7493a9b5650287bc5f65bc5ba4efcf0e5d6af34d6842d25fcde3767b51e46da5a592dabe8027654a051a79b198f5cc602e02917f30947dedf140f145db988eb27e6f5fdad11f38deac62847325b7e87428621be80f073ab8fefe7ea7ae0a7781aa8381fbc831099a81f37d5142282a66f3a4862aa21d080d1ba9ae3dc2be37765ed166da058a0296b3aa0604da251b9ba54f65dfd6a76fa7c12ad07e192f6484e9e6ceac716143ec77880b4746392fba43a01c626ab3772687a7d9e2e966157085db193a43fac83c2e86148ad80d17c29e70ee87e7afefafc2f36083a3d5be224048618e34680da1edbdbebf6e81226c2d6591546336887b75d97a138f182ea9b9f4ef67b315d0265c7ad9c29f3418651e0ac92d54729766a584a4db353155ee5945fc678c99ee3f3f0d38db9ab9574ec5bdc12fc079027cee22d47737eb54bcf2708b7799f268b6207b1e46888b942e9ea20791081b97dc4b34b25dd3fb2774b3a344a0259509a835655fce8567f7e809a9042f8d2b2acbfb5e8594aee0435c5460027e256cd8aa05d2b2ff9362b5a6348b254f2d117cb16198c8364e58223684ffa8695f9b92aa224f4dddbc20449490fefd262883993960d74a2406518bc34ef4bbd0ba9758d7a85c61713b8892697a994670512596b2df57b694a84457b455c8315d65652ad72797f50632b55336966273de1a1c0576839fffb4fce15d3bf9654e866dcb02ab73f9818d55669d5b69a77006e53aafe8168f907731544b9fe6e179bb687926ffd208364a044547afc2941c2095477db9676e5067040b44540d24f0d68fff3ec4668705bd2a8a2af8442da67cc5b1669df3a6f89510de9a08c247586d9390d7f7410890574ca30a84dea7f0ade2f8f5d68cace0b1b3f20d9c7be4678557f27630e5750f1e897b41725ee6df3212a259c9eaf7188d98211433159466f66e66ef2913e60ceeed37cd4a99a0e7b8719a5390a8a0f6fce734a2ee1711f9c658311d1a2ddd298c4d31b87f68d41f5deec3a573815799232f73fff03ae1744bfa53bc495de65b90b9c3dffd04bba70705d50ceb02f8150e36973a3d1c650fe53f5e097cfe8ee745ed2b9ba1db16c7b839e4f28a524ddc6bf46ad6223783e1b301ad76de6f2b1a69854817e910d469606b5829e8f2338cd91fc26788f724225188a3e86a76262dbee9267771ba9e79530d187bb49de19b94d55934e4ed34955a9295d7c218cd6898c92943b9138c75acdf2bf77d7ce6e3c588a29163c9db0e7d46d13834e4c4877a6a0a40d25a3d1328fe596f6452baec4609dd3733e2ea5d78257b587a45083da1192c50b2d61c256e1206423b5ec643dfea15ac80eddd400d4d7a4388f5086e7b63df1dac971c4186f182fd1979b272d76d908d0cdf6a5244c9c76dab4633572d86e419337b6030a15d77041de2261ca9e9dbfa64fcad2407a3977f2f3a4fd5d22f7a2bca3b1a8c3768d9976a5449b2ed9679efe99597e7815092bc9ae6b4be17f386d451bc7df333d89760563525bfc2adddfc6db24132cec5952f5180e739be8f72f9feea6b033d6d8d196b0a75da2aa0466271d60825e61e0fc4efad1e6ff1fb73b49d8c5d3a7a94427eee51a94599ed14c92a9b8d47de26062ac986b230e70bd05154f7e6fba4c5c48aa0a2342b8b85ae5f4df74a13a3273c1ed5ec587717d134d67b61896622298b194c203e9e4e7fb43512fa2f89b9ffeafe8444ee1d8f83f59a8a28de8b23054251cf35d6b9216d707c9890ffa1987968b3e28f89d0fc52ae02ecf2be9d65e7239057a25ec1ef4e9a182fc7e2579f074ca11803ee150ae1b6269305e46595a1f62727cf314bbd06d26943dc34e0e46986f3c4477dd6ff1e4ff857beb5f4d544f5053df180d8ee8bf2770f3230c9ed8694e1be3c91b679868cdb0028594937a3d280314995f66f56c9af1663fa50439c770a18faf1bac8553ce73d879ec05ecb1099163c898a635bd296ec206d113b270b20ed1a6c12cbe104fed9ff04edb2374fef1dfc128b4faa735848781a378347ad2e00c6d0f315b2fd2019ec709d20bca2f0bcb787ed4d710519c3aff6e3f9b8014d311a88d66877c36e499f6fdc69e5f6687b6a27b4a53115596466365cd1f43e773593bc50232cae43d6d5a427a0f2e9cc059d7bd0dada89e1e5d65036c2e1409dd660e000da1c9e4cee4bed5069a64a88ffde47ce00208d37147045f2b310e47f1d2f3eacaf9c237e015f1dbbd26766a06c77ba554390ac5cd7c110f9be9cb1a14c7149ad5ed2a526f36f63d226648bb2c4e4593a9f5580f1d8ae4d61ecce2201bb811e6825ea8193eb30ef32b91c33e15e61addf514145267dd56e2010f087ab80cbfba17de93024526a13a1e9d388625612da2fbfa9de72b01b31d2b34867a06f0436d11bc1a37143b47c58a51160193876a1fa935c146ef7211156bc3080919edb2678e8c126a3a521ea70773b36f09fda5f22c47d40ed09d6e64e026f10c0ef2d9a0fbf768369514a61db21957fde1a6abf48d6d28bfc3a21e9474edc10beb85e1593a10eb005436e3d72604dfa8cbe14fe2e7f8e52b1461ed5a75054a4cecceefbd752f5ba185ff2fb69f7f661b4b4f3e9601a2018bc0f0001b6353b1a492ff547b6a7f193994e955f76e1e22d0943ab3239fcf8ead4edd5c602da7305a4b6b3fa641c557b13f6bd13e203e3f64ad1ecccdc6ff753c56f2011d39b4010f729dc38acfea1399ce433c9446506f6c49d00a3e92d70603f56833301287eb5469ee7c953b54c84df9b0a65697686c899ea05faa628e471b9d43d05bff41c1b79142a316950cf4452f595e17022cdca97ce286589d4bb5712c413322698835b230b0bec2b04c97b1aec0dc49985525e2dbd02b9e9b933cecbe26b82e522cfc47fa4ea5dd5fad3f3a4e9abbe0a03f1cdcd76404b6305a72774b53a51362b629b2ba746eb66a643fc9c50b6fa3e8c47bd1f39f4a3a109674e1f7e964ecd5e366d964771440c8cc963ef92b327a1a91e0720", 0x1000}], 0x2, &(0x7f0000001ec0)=ANY=[@ANYBLOB="90000000000000000801000000800000036923ab0c559b45d920db2630a825fc0582fd82fa84a98c8f843cafc7f3e862147a0f987c78937654248ddbe43b02e07d6fe3317b3dabfd115ef52d88e117a74235e6ae02bcd29654afb9565a66b331792bf82268a9353d5d8de86c51389887841a096d2090a9775ceac46fbedb28fd7adbc10983ab95f5c22764b5f260a90010100000000000000b010000080000007cd8b41cfa20e5b236e53aabd4e23b2c361ee078e1edf3ce32f3d3d4ab5da411805ec428f683e8fdf646e5f1310f41eac5fb017b3a83836ca89db834242b4acc969faac97261533a060769afe3e63005723704fdae9d07ac4dd30362178cd09f69e0716f63dd14870007ba1bdf18c59e107cfa767eb9ddc07efb3f6730413617e6ad122d6f52ae3e1868522b9ba84c8cf7f58276844df4c8f47dd4d4f03fc1ec827fa6a7bd549c17086370b39c915085542544111f554c0f73b799d96dd0444ca6bd6b0e6a0e20ebee681faafaa7a7842975bc31ce6c57e72d255c3ebe2449341aa1ca6f342ee35970e7e5dc18e36fe77cfc980bffec202756136e0824e532daf5f1a81af9566e164c06b3f753d444362eb0d9dc9baf678499ff39f0f759c2d6379b8756feaa86ded32d9afbb91d17794f851eb94412fdfc2728af35c075613780a76b2348041b51950d268def7c3e0fe0c9c6434ccd855e46f2326d785f011d1337d18a500dcac4ae07bdbd95e557b30becc6943e285db8725edcb4eed2bcaf49ce86fe674b865300c95e440e58b5ec5137e43d900a7d558403cef86e97449d42f2340fbd426c2dbc971fde3b3e5e4082d04d04dd2aebe4894c70fc7c0080e2387bc7ed2f277633bb39d9290a4048b4eb73dec22fea128a0f997575454081c7604fa66456ca71dae5af20e0e74bb4cd71c968be5797435e6809635e708e38937458e0d30ddf698f0a888eabb322f690cf22798931a099a4fcfa0870caea28f3f0850a4090cc29937cbb68e32535b74fbea3ecbfef862ea1e7414d2aa53079023dbe44fae1428cd8be31ab5bcbb637899b369acccdc1507d1b5ff09a92ce26bae794e5c064327fbc44819e074fb48c373bf4afb37843dbfcb882db681b3af7d812cf14bc17272553ff574f0dc430bd82aa4b4ac181ebb82ff0b9fd836f59254c8cfb01569ee345845dedb3b2df9e9db7d547efe3acc4eeba01c0fa366a0cdec820f440b1e1f1b2eceb43674f14429f905f33f10867e7a61ee7c2526a7e02f6a77dd9d945a70ce7f42efaa0096a41572f62fda14e15de282af261c4101e92cc78bde2c52bb24b926657ba831020a937364d17702512f4af4bc2d8bc00efc0138cb9b969002959efdc46a361fb7cf76e9d4d3a30e498528b870c1ca50317726f5169acb6d8ace8b356b8d9f927076f6ad1f1891321eed3df9f88cc1e660e1418f6fed5c943e60169e3eb2c39d040fe902d7a445193233bd79c84cf57436ed705556bc171806fccb719bc7e719660128bc3d2c34bad5dff21ae2a527e948632b3465d308959cf15244d7cae8d108326673d2a166f92c69c3c4d3c1747edffae680515523f4e2424428be6224d3d11e0bbb1efa6d23ff177899cc1be7d901cc2c0eab4e7887fd93faa244ac7f85622d1f1e85fe53159912d60e8bd8d3eaf61202ea867463a31599234ad2ec05933a762300f6bf2f2836d1f784ffe7798bf4f7ee9ba079a1c4e50fdd8389732d5390170a34c0880a699279f8caa151fcd6c3cc4ac59112cfd60cfaadc9a218191eb43983acfa10f110da21ec29905d9bae172bc3cdb9b59476bb9313148a8ec2a8ef446a88d4fdfa8d7234f90736c7ad7ecf2368e604ff4cd8334bddfd4968d3f222e97cbf5da7501014d985f34d4246197cc17624966bf823b338ca009f0787d24c5ff35f005a12a6a9b5cede27f270a59c7bbaf0374c5e33c54161a58ad2cb2d9bb26684f99fa12a380a4e0860d1596abe09d18f7a59e594a83cc74421f9d2799cb139ad2bac9a4a0a7ff92a97c9ad5bc86df549c34a9a6b344495d51a2bb11ae08866cbaa4689cd9149e17919be27339d1451a05565ad69f485bd97a0ff8ad02cb2e460aae484bfd3f02e9c37bff82ea7ba000027ffac64da50f93bba4b52938ae93f40e56b27a123ef7d5cefce591b07d1011f7b1673bc35935841a5389eada8baaf289f30c7f5a5f687cf32165ed1a4e08d36246b8dfd231132bd717cd7553e460d4dc9a80d866d5bf44ecf03b9057949de934a1914eade901ef180dce4c690637e953d37ae1710e132b29d50ede8b38ddf633c6cfe5106b053fd80eb9f74a5758e82947c55806782bb29f28047021b0c17bd3100b7b826f38bd9c057eacf7bd6c61eabaf04cb649a57b9e959d32adcc7e59f702432273b5cc4d0f5809aa58e2ee1c7eb2a33c6c5081979969e9a8105c708c820ce4b6c0fd562a8e20f60e85198df609ab299ac716d1f89a398d89cac48b18fbf136c8253ce926348b7355a4bc6c8960e7b054577b06f85149e3658b58dc3c5b5490e3d3a572a5048f56193913ae1f7ceaa4eaa8e2d2858291eb483a587565fa230f5acf5737a01426f79eee8af154dce3ec510771bebd41f6e53ab21890b9e50898e0a711b25a666d8226d4efce6c8a44b39ff1cbac9af4f1c8b0be25421285ac1be59aa23f5bd316009cd3d2e16b45126ea60860fc79ab53e6a5ea81e5b8371d15488cc357ff482c68279eb87bb65649120cc91bcf6c91c16615790f1fb5c7aa3d2c8042eaae6b1612c1f7ad016f5e992dadbdcfa2afcc366262711391f2904495e090826ada44c61cc36437c5c0267d1f883764dedd37a4b7a1ef2231859ba805741d938a141737612654dd5e5ed2c496d66f24cf92a2ce6030dc841008bd098e6498a1d8589a0c5b916d11c596e1c4f06af772bc0341e7038fea7e2db376d7c0433203bc4c947b3fee14689f7f13426f0d9ad241fb1b14a8e1198f8bf3d4d7a939f716057962f71f1de8460d9e109783aa1f9fe781564cfe32a4e501c61ef17f77f82650c7ed7edca23b6917cc06912c7544021f337d38031beadba643b1fef240d71b8cd39179c83a8a4a55c252b7f67b1e4c0843ef84bdbfbb3ca2b058e898bff6ca0ae77a600dd01bb0f87289418bae8479f59efad5a434352d7f3e19c30e7bbe862eacbac9fbbb39569c9c58bb340a0249363d7325b399d131f9a1f86f217ae2b550ae5f5b831c3f8cf4bcbec20f29a9b5690ff2d337566115e6098c3b72deeaac78b912cba08fbb6046fab41a3871c284b56beede9e47a3c57bb1674d9d4b2437f588a97874375fa071875a04fc5785220509b2a0819a714a0a954a83f975868f6a4d9d8518ebdb852b00b4fe0f56c3465caa76c48268f3a17a57509245eb11ac65384552047eb0c2dc275acaabd358d9c716fbb0ce11f015ecfccd7ba3345974d6f2a5dc3083269d50f9b296d9cdca76b37a531b043acaeb989e8dd1a66eb172aa92af8aa82cf50b88898ba364fed84210ccf55ec37d1fa52726517aef412a8416c871dc40ea47a4d4879f163cbacea42c192da08133d94f9f2960afbb7d366b70d5f6efdb09e3e33dc2bdc7dcb33c49cbc9bd7e114bc77cb874ffa8717b40bb7761bcf34296f08fc3a4d82eea3f154c0feacca4bd31d35040d67d1ff47d37de4819a3b39ec4c5c34eb216452bd4efdbd9e5abdbfd10df64148f1be518148fe74959e711fe545e072079ba1a169b44e7bf47d1ae8ed5f569e9c4a28d57a9631ed7c9bc3b5a642ce40b71c90d9586d2143b50b673067b5571060e2b1617404f98c7db7f9a30e2545f2386ce0f76be480256ef8131d0055ad0d74810b70f3cc4e9939bc060ba15d14e95b73d7452fdbab0a44f77b050c71e748380b0db6a527db5e44b350d2ac90f4b1b6b2970ae6c7a2ea000a31820f2e939e5aca32beacd3397dfb6648362d4ebcfcbbd7668f3ab01f32a2c1298a034f27ba3348cc7ae56144919e779b6f09b8d532bf3076dbcf5f5355a7237612878c46fcddc67e7aaa9c544f9c9b4c860f78870ed9892b129f7c76e1cbc3e564d70f5be65462238c00d8a3f8a39412ff73d9dd320d3522a0ec2c9f9f63c2c1e6860694411adb52cf80048bda0d212723d49353b649ddedafe192e188ac6a75a83fe2aa79673bf6658babec89de5c82aaa651bc6f86013286d9d6354a17a7c0035a22c5ef46d0ac785fd4eb250f475991cab8a86d08c471f0ed38220940a6043c8adb64ca5e649835f64aa1fe8eaa27c2e018afa9cdd4b5cafc22b44cbdffc041f1adffc47e8e7cca408e1502045ddd49b46903a3397427df8b443e71232d168bd2cbf836e588f1dd7a41dac85dab6bac595407a052ed7f0c6879824150e453c341040b4797c6df7aee67a0bfdcb4e784b6f1c99f76cf3a4a2784df15d276935fc394727994d484d2f5f62374412ab1a5f30533380220dfeebfd56560948b7537bbfb955471f7cc3a54e7e415ab32f6fb559ef2de9eadba06b0e4d57a76d76cfa4119a7612e1bcd35836f776322d7a461e49c1785aacb9ea3b479698ae48c0c63b89c9305513452b3cfc84acae888c7b5493aa4dd8ae872063c9e40df922a2046f1215744a72199ec972f25aea5146bba8f591c2be6ff3df093279e66f9e5da8f784729009c8f3629dfe5bf3204b7a2ce6737a028315f75e8bed0a3740a277add9f6166882434f52babd9ed783d3928c7e8f7b553babcce11a9154c2fbfc8b0782e30ac3fbb50a4142433c7c704b1c7006445c5b20a2ec1b6428141a0ca1e36e6a35a901459b98dd71d5102ca8c1aacb0ae70912e110b53cf830538c6456ab4b4e52acf7670ce9bb5500466f3d83fea8ee0812e4494f8c38b89a84d8b3921458e779c8bc0a50d18649315247215b36d6c72c81870fa593e6ca1fa514327083c7b6140726be7de47af8c68720d1ef77b803d85cea03a83e54ed06f57ae8dba7f5dbbed8bbfa8edb8021ab8684df0c94df4da54e7911294d18b7f78a7c2191accab9d29d27357ed64c9ac7fa16cb38c9070d134b6bf11cf061ff0053fc6e9c4cafce12d26f6f8ddd7d5bd99f5b2bb63c9459647ce7f4ca625d253dde33e1e3165b3934dc203c852f2c46c4b13dac9e79ba090cdea7a04612b9046e87085c6c503b8be540a344076f912345793560e9767fb5fb6fdc9888189091b5bd225f7a2a68f8ca6b776b742d8ce016ddd9671a1171e08eccb1263ffdaf42ed245c7e83c032b82fbd8c60b7473b1f33a582a4020a60c80312c029fdf474ff9723b06e8a9132100e531bd457f2c2452c57ea26de8be3f80a478748cb7cd0774e1c90688842f277bd2da40a7f6be3a36c47502e184b5c4ecaebc1a5d62f478e6f032ef256dc39f1e81b615acefca64eaf6ebcaa9bd8cb137b4af8d4ee6911933060a95e8bfe0490d743a17f36482d5d84ad0185fb18a0437860aa1ef6ad40463fe6997dcdbaaba66ed8c75a0e682cd01798c884279ebf51cbf79a902f65385ebfaa21db0a46703e7b9de76f93a9afb85f62a853d79837ae05e8c3b93c65fa7e2e7dbad7d7975075cc63f220e8dad34e308d40f5f106a8f87420a7233755471e35d8d9d6f2229455eb52c767318040f27f6a95a89af3c676148bde2f4dd3ab64344db223887075967104585bc1da66490fc4cb7118569c191921382b8a94ebf399b9bb41d22ada35a501ae943187d1d0bdbe5914673031fb89a177f397b8247e2744fbe2427132d51787f511775c7979e1b6248a282ca366726f2b06eeb4c7c5f4c3a12d2d638edf1aa10976b86861d71a513198d64302dcedc24649bd8a353353fe95dd2cf0f35f1b345a39f977cfebcdc4c6a512ad0850f5e7eaf0a82620235a94b95a30f15891eef32c18667bff0059d57659a511548389e78e0460f5a9b00b5cd0449f8767498174575197b9c0d31e89a970136cf0b4f2b457bc834600102c636f240c4d40ddd4945c2c52649b0cd07285774fac2ba13392f20e7aeb85ae7a87c701f8d57eacb7b8d0e59edf"], 0x10a0}}, {{&(0x7f0000002f80)=@ipx={0x4, 0x8000, 0x2, "8cac58177402"}, 0x80, &(0x7f0000003040)=[{&(0x7f0000003000)='V(', 0x2}], 0x1, &(0x7f0000005600)=ANY=[@ANYBLOB="2dfeffffffffffff2900000001000000b916022e3bd2d85724a9e8fdeda33936e8d7b1f306eb5b109c9124af1c5a3db1b98d4483f9b0faf41ddfea7fb9115c9926a2ead5f289e0aff3abbab9dbc8babf0a91ccc6b4a12da27ba42cae28883ebe4bdc7d8b9828053eeefbb71c814b9ff06b0000000000000048000000000000000701000000020000fb05d4dce7c81b81780f306002340158a9a22bc62b66c54c8d532d5d0de1cb5d40cae0aa2b924effd70000bab807772bbf12000000000000b8000000000000000a0100000900819d0a3197c3cb9e0bd46e258c928ac35bb7f14e8fbdbfeba73e1b0186b829a3e51022db9e9a2f8484957a720c4a985e256f98418632ea7df2d3f86f85bb47a09ca84728154c4378c3862cb3c402eeb878c9363692f3e798f6bbcabe596ed1d449298ac2d7d09b10fdec97455001e6370ca5d6cd706d6239ab3b413373cd6c356bd567023d05b87456d2f2b9ce17e5a493add920bdaa9447019bd5361c5cc4599d6e4dbf21ea0dc3446070000000000000000e0100003e0f00005e564641ee518de1bae7f41385df4925b11160975c316db414699434456cb8c1da1f75e55d8084e24f2a81919b0a445a868fee0d74235082c0a62cf3eb0ebc509fe51404658cc6cec3cdc5815e1925340f084677aab78c46d370000000000000a80000000000000000000000690e0b788b1d302d9e39000043758ecd1f627b61daaf42e1677b26017905f8eccc09c60b6c7daf180955f2229e6fa62ab4f2cbbc58cd00176b34628c214d58e25806289ead061c602098c02488cc88aed83844f4804ed1f18bbbac4f48c8b6bc7ce32ff8d814765372677894d23ffad821a8c63a883c9df8ad9ebe551ff9e65f9f11e68be77406ceaf7300b5fd4958c3c3c8fd26834e000000000000c0000000000000001401000006000000c036573044fecf7374135991472df834f43de8f2567919c2a13a86d76b9fa51a55e167a832487fb4fe7d145a01c160bb4f0a649243d53b4b77d2ff199121bad428c47d243c4b59a11397fb0feac2ee35cdcdca0cb2c87d9ee065c4247b5e8830970601166588ebb681148eef3973c71c080317c2eb20642ea49d433d0aa0f492ffff000037bd24adc4bbf0e123318b3bcbe0c60c2735b78f341405812c29b590daa1e1d400c1e8ae2e000198f5bb7d6f685f0c7b5f90ad78ae01b6a8de9ca8cc10742081baaee650e9609e2ccc9ed54723f4efc0af6479367f92437d00e88f458461a3138b05ea935f4a1c90e65fcaf71dba85ee04b451a02601e6f0e888d4ff4d52a347c776e3b7a382c5ebc371bbb1ffac3dccd7c957a8b6d9333d5d9440c12b95c68d0ee296f4bfd667e3fb5c7bf5bd43119441117d053206d5de1ca714198a899d762c6c911c19db33206fea5295373d94f343665dcfa99bc5808164b4c588c2f8c1957f5ec5e49d4e67c6fae15cb41a66f968a3731537fa5aad68d16a034cf97d3d3f081790d7a641452d49f4e61f6285d31cd8e5b2191a00e58f6d47bdb41b7ec5eb90f11361d6782b862208c719a162123c542ae8e126bc25c75f6a4d5cd90a8714bed818e113ba7ee3040ab8121ac6c81963f11319ffef2bf3e088e20521e9e9827b2e8e03e85f8ce8d552cf95811d3665b028c906f54126b77f3d8e51689153b8e0bb1f11e9e85c4f2adbf27a6d0d"], 0x350}}, {{&(0x7f0000003400)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'ccm-aes-ce\x00'}, 0x80, &(0x7f0000004a00)=[{&(0x7f0000003480)="cbc7e78a349162e7da9171ad9026eb31d3dd4228c9c77c8e1e47adb8d9a451f586a537695edcf066d73084c50ef9e23718a6259a23a1b21c36c21d4fe2a95b99abb913171c319ad270add97b82fa2fccd25b14a0b3b1a76d64d51bcc40e1d64d04cc88616b02617354c7be7b56c85aaedda95e5873313a86fb560b693c5e92c515f6d6f87d171463020090955d368496437a13a61e5301e4d20ab2d2c8c16ef551552bb040c2af88b300c5", 0xab}, {&(0x7f0000003540)="0517d58512bbb99e4c1b6bab99cd576e43efad651fd048a0eb5341437cbb6f73fe23d22b171418e2eeb075bb2aa83269155bd6f62896180199a493d2a994d1b469230dc7a4d36d1c20745281621001374a5e8e98f64209777d1b092a91445e90ef9b205a9407ecb0f23c971c72d928b6276537ccca0f3290d3e90bce5fb60ecbc7f0652dd0ec5b2a984834d748f0fa7186038470897ea04c405f2352223de7a2cde4653367ec4f60261a20419f64362f49779488189183e3aa7f82db298d33b875a88cfea5a909313ce9b0f1c06b1a141d79a8c408fd6a5abd22fa0125bbdd3c13900e6eb999c17a", 0xe8}, {&(0x7f0000003640)="baacba29180af3139eddc36755aa3229d1da2646dc1aff3d7e4d60a57daba1de2c1a88f0966edc83742a2c109b06f44db42a4dcbd5829ef06fc6da2052057e96177fc833427218b5f4e6ec3ddd6012ecc115ccbbc964244698e45d64e6cda5565c4f477437788e9f6c4fd46a731d37dada6d199215c53a98025f124b0d8e3f07298fc0e8fbd32ca5c14f2773db7f82745441209ee3a60989695805da1356e0104185eeeb23d0481c8fe360c6fc0c6d49f6bf", 0xb2}, {&(0x7f0000003700)="721ef840eef86a31383ac31cbd121b3f4e99ab4dbe9c7db24801ac92ee2f8a22601d54d7b1e2590071c8c72f93033284aefc4dc4670486f998131a34b7cf65fc4c361fce5e2c9f1c76f3e51751076439d5bf492285d6cb5b4cae458b352eb558e5dc4e283e91750ec30e08449d1a081c291eccc5e0b96206f0ff689ca870504a454c86e1cc9e5d4b21014b591d66ac5e9a9894c76743f234b6077f27acdcfeb7d8b692c89a053f3fc2331d9f93de8d29bfb57a72492420136e81a61baaac2f794e4e13b1270973b78f88e274a7c487d50573a0b7d3a8b33761d08383e5fe33e71fa657bdd66809618cf43e9efc7389b33f7d00b1ff710773b7eab3", 0xfb}, {&(0x7f0000003800)="a35446de0fc062507ce7715eefac06c02f695901b6ef83f76fe74d416455601ca20adb6ff44054aa4c70eedf1d1f6b17e5b28898ea1ee6e3722ce97d9626e6a2cff975142a1db1c32e1f42cceb6325b240ebffd0a6a84dff78df7b9a46075539aa321d3af3b10fd437f2766df0e4f06c5dffd0796467b9c2751f8e46e931d2d1d37ec4b61d716fe9ea9eefa1f12908c2856ec4ed108fdf36f81b6e1c037014fba2bfeea9064e6028be30cc69c12be2d5f508abec54708b025aea71eb05f7c5d9baa729fc34c8d2eea2cbb44daec0a39b429e56d2c23ddd38a579abdc3d0cc1739a0a74f5e26692f3fbb8b5f8e7024b1840a600d49a3ea913456a7379b6536ab83deed88515e50f6457d5190d4602014a8d1be2e54a5f95cdc49a1e4b395cc599d6f5a4f1031601ce05fd26546bf4164918763781304367c786cbf362345e3f0afa8cbc11014224c0f7c90dfabe1c15d1c59f4291a30d7e78c03a8d8bc2ab5b44aeb30af81095a0b730b0193fb6041a7179f8cbc888b14d8d8680f32200df147b8fbe1c2450164913c3e6e855767d350456827a127b8575f6e382b20ad5a9f86ebed1a4e4bb6ebb7f536f0e533455787934787e38cc8b242c840bde12f5f759972edae4fa15930201101ef97a30a212cdf5e4c5f5c2148234f593ca1dea5631f4e588eaddb48fdc3b84c67af7355a726dd234a308bd4aaa8528b1bf341f94df4ad0195c939d3543e953079d90184931f7e1fca453f75f092f77c557c029f1af30c4dc69f59771680884532301bfe1204d6fdb6945a9d6beb50566ceaad850f24a31371c8f3f06ab712912c0310130d2c9bd3909bdc200b32c34aeb3c0b49373b9260b7e5152065efb5f31997c38c96c8aae08b4c0e7938d109e7ef27e951720bc7c5467bf09dc5b9afe756011426cf6fa2e1756064337fabb40ad637f7c5c1f04fecb96a4302c48a416254f9e6dfa5b3859bea14b8d096e345ece09555b8a8e22ab51b372eadb605c1efa78cef6e564b696ff534961cf5677209f64e2ac0274e54cba9ae26731fe6cd3e534bb46f219b663aa75fa6c93c6d457f2e27e674a55152dc1dda9561d7368b5f41a81600269d4527b06b10428379ed3c5f2a288dd22ec9f0bf9d91cc94dacfa2c130580cc8cf2cf1aae2c3375a90d813030600d8155ba57e3d14cac3cc9b96dbb5eb5ad246933f0310cb7cde91af1db9d8b76856ce810b796be1fa2d2650b024dbbfac3b6dd00d408f1c8b1e8d422957e7cd2d8fd63428052fab7d6e862920ec5d25d72ab603833b3d6980370a4e265f1d894708176f086eb28574968f8f1844da7229b922ee4a4405d3ab2aea408dfa3b11149c83f0aec64b6b2e02dc09fe4780ec05975fb071a771a3b233769e7dc111d79ad0b61f375b324a45faae21a5e08f4db60e106ca68c6cc1668dc27e1ef86ef0a643e61d887078e316928131944654517d3e0c4898eacfaaa357b4af87394061079b99998ae37761b45062947bccc3f22459aab18d06401bbed9efe433fc549fd5bb1c1727ab9f763bc0fb12dd4fc2766bb80ef27effaec8e9656c1f26b2df07e498c6e3a4d4dc5a9ec10d26df8792ea4bfb664ca0d5ce9b67eac01dcd0590de5eb72e7a1dd3efe893919f05876b87f3cb4f94ad21ee998a38d959e68f8dc70aaae65f692704f42159fafe1cef52622dac5424b332a90a8eb58fd942ca0380e5cb50e4b54f02292b04110a9043a7820e9dbb553ed12a0249d466e3e5f1dd6f7a3d77a32775b823623187fd2675d3c235fe5a3058f0bcbba67dc5a6622c7c287703780e50595fe6bfc42b0813d073f245d05c077bb9629531b3bd75c71e84dbaa0a161026fdb411ee48595d768f2ec62fdf5dd7030980280d7ea9c7e4ae621afeb25b980f8d26b4768ecec0ad128738090ef7568241cf0b464f782e40820b77b8fb110961de8cda443ac0abf76e686af5080b361c0b653fec9d223aea632eb1bb682e2a303d606350580cc58fc09e45e8eb17764b6bc8c6b31fee3277289a7198dbd09b4a2b6ef3544e0574f0c2357921dce1799e6c47d0610feb9a0bc6b819ca746ae5303c9e9b04abdbd08967a5c32d112930f205ce2eb439815333f82b74bf8e63ef8d3400c58fb86a8004c25ef346a4f38b3652b321b3a93bc61375835d093e15b948b7b332204d0d44beb6f6fe4230365648a45f2391eabe7b960e1b8516d2544ca631f4cdb3449fb7640eaf70e14169c681de6f57d421cee7db37a1065100957d1e5e4bca7e082cdb6dc53dbfc10cd2c83e8be9f81af4514cefa57177ee5ce514def2cab221d8c0a9c286d65ce4f6f759a24c9e277dabff602330aed9628091a4c0ff82c6f43d0fc6b6a72720e61512dfa7367d7c223a37e0f97c152e1b94073e9de70b4ef2741af11fb6fb10ed40eac30a49da27ecc9aa149ba3913d5dbaa3d51e6338927f220d127983599255c5eaa79605fb39f2ff6bf99d9ef88411d44fa35ec5e5a6b245c896eaaf801f3fff2311117bdd8b0e6912410f928959ae2cf45ca23b46e47bae9758a565e7a0f95d62c8fbe1c241f7a016401eb237ecc9a324eb955acd7a37a2e54ebf3d801a22c237931dd0443e921a2885b9417e29be58e4814c4a01d1995c1ee55daf09d704bb40ee6dcb09f24833ae8ef7e9edb4c3490b33119e72a9cc460c652d5397c7483a6460ce3197fc75df5e87c857628066fb071e57666e8c7fd6f965ff51f6deb8c067a4ae41278035adf4e47528c225e331bd125cddfaf40af0fae50380b42e2d12fa89806cf2418e6aa26b731b3eb40bfe5a4ca197141e62bd75a183041e963568f0bfe083a3253f916cf775983514fa73f01ad4f6694b820fc4fbba2bd4e16f395a9b0f178c98c6a0884fcf751118fb108a7d4c707f21c903ee0303451bab268fa682c8fa1bb7e46748931f6d7fb225644292f59a8cd6fdd3709fb7b47554fdf2d416e1638971a3b9061946dab24fa896b1c4c72ea5d3f70caa3d480834b4ceb1d41ad3ff6bb57ac522326ae10c03051a6499a6210d3a3f45886d35fed82fe4f9af53d760c214847ab1a26338e8aea9ac770a92b30f5b410586c29677d843d1c0c198fcb6ce42be3eced4ada06857ef4e3d75f2fa1b9598527962a9a2d88322b5f9fb9e46c605f85c3dea8a84f8927b1227c98c4b1f142a4f0474e2597813ab03580c993fbe91ca522d98d231ed7116d70db1bf634a97523f6813aeacb91b3a0d53975152728b75c9e0be67cf59e0856667f8820a668f1ce1a19806ba85fe59d5e394b716a85bfb732889b6a4726965da64c4f6019c8ae9f179b21678ffd578100bd898e0c48fc659cd1e3eb03887394d9632dcd71a3bc77c4fe0b8c6f9e23ecba7c340a4a9a43d094da9cfd161d2e1c30e86562ae3e764021dd7984292056077e3608b7862f4da4595972f6ddb91c309d534aea4eaf9b779c960eff3430b70e13f94eae6f1a175698b4004149186acb6520de2fe8857aecd142c73a7776d03203cab410cec53d946d1614c8757abdc2df90b9a10f0824c04c15b3e224c40ccdf82e5fb144784e388d6dccc54e9df0ea221af6307cc2e68c3b81cfac910a6318e7bbc02d6f370455713dd4c60c2ac5cf72fb0654c567d7c70aef43f2bed86f37fffe855745be4e9bf4d14b3356e91fca422852bcb350b196114ab9dc53ab7d2568a45489926cc2c46e8ef5a5b9dfa49683ae0cf023c568f8b55873a0391a7b083d8955a696fe0ec5fbc0f55d9dfe4f2c938e433bfc672b82b1c50eeeb8c98628855d77061e2c84ebc953d3517f4b769a30ad8fb084f50c85ae54d5ba4c2d984a720b6a828268eb2cd93004b9232eb9222a606b380caf8ae1fa6d34848d9503870d1360d5eb4032cd10f8f0d8fba8c8767c9d2cc4e471ba951a4176014b74c957b81c07c5c25850d0da7348426d0f5fd43ea25a90a6f889a7a4b7d4494a8bbafc04b1e56215a7a6d279865bd5320fff46ef47ea61e7c8bd2beb9bd7024f3e55246e2ce072b524ed9ba5b398937ce68a91b397c3374888623fe243f7e2b49099544a0bbb4da5cff5d3709f6ed8b36518ed01839a8833078fb846a878c1376d8079d0f8c33419da2107049cd4693e4171e287c5aafb0e88cc28df7c2c9ebd829cad65de00adc1bc1f5d0a4c3056154e262c74d4bd91cfcccb9c86ebbb624ed7cc7757b93c9cf8805ba9569140d942bfc172ada0d8db263fe0af2ae5bc7458471b749e5f6ab6d250801fbc976a4aa2bbb2347072750e13628053aa8a7c19f852af46ac8454b2f4311613ef8c3853bb68a567ab030755755ed0ec67e8727d72241d72ce8c50c9aabe4f225ba5f81d62b4571f1de3e1cee78f94771441c1d34c02420210a358b827245c2a4200644d7c0c0134b527cdf07bdae43ab15995bd5889b482c0134907b096c0f0acaf094680a57bbb6e413c38108c5b31543f4bffe2177d00a8c2b109bf385d01f51b6e85ebfc3cf275d74d899cf1a22bf6488e9341ae7870e00d1cf0b95d24c1fa2aaf8387dc4dded6b89bb4fd725231a8c429840192748ed0c95e4ffd91913a2a7c917541f36e4f2564aa5f6161791001ca3179f3bec7fffb03466fda3404dc7020425973a873ae03e29a671efed231e5ca85221329e43791e879943b984d4aa77edbfc656fece0f43c34d8a800b7c468c446848054b21773158689be608aa91d6ca296ab2b4647d33ac55c78359f4990902a85b3653b65337db8cd0e195ca5700419bd7c1479bea03d683c2ae1ba776cb801b0c14663b951bced9048cbaabfadf99b02ccb75df3241aa3f0003a3e65a781f953d23ba2806d54a351e0b65ed4b7b0157e0ee25e6d48932398d17d64499dcd1dbec34121ab1e554a02ad898c47df8fdc0b7acc402b07a44565781c9d0605f10c6414213098ea92064183f345c2d0169cddea1a7f75116b5192578d49d8e2a33dc8e2c16c3f48e999c33a82687eacd63370ba64a14fc4a6fe55f8a65de3589dbfffdc0f55d98d03905c233d5cdd7e15219a713955580b4f7948600734d43563e02ad432e6449a30d82d5903aa0d56a89e894442c660b74cf1acc99f10b58ed9e0faddc69fe5a63df098acf8545be1fadacc406599acd8a88ccc2f8f6d062fec1e120f2c5b2642f4ef5c6e40f4a904a40cbd1866ad0ebd581262ee18b711a820760d26e92a2c8075e34dae505d990b9f9e5b07295bc0634e228be0752e73167984618050e46e11a04b4abd2ea7a749021a99cac575d6d3ec45c5dc92c33da0744c34942f4e003f51abf5fc390c4ab60e388d0a8fdc9fda26ca16cddf249a021b167ef4681b2837c27411cab58f3ff3512829c41fb4e116957235b4dcae5fc63b6a751f33d5825ce197b8b31c68570e072046dc2aee2c9128b78ece756e04a1a79a232ce5c826226a9f77daf2415f51c7d8221d42810ca94490398ed314acd7882191480b41c263febccbe1cd7b80d5d03353a25175a2c741a40f967f2a3a26661deef5249c2b94513cc7647dd915840be98381fb0c506276cd985d25055d6e4b298c12cb7d202443e2d1c279c2d47d4ab622396d31fd6645d15c834d9aed2a352552c1438f8e3d1b1b31a43d1a9e7830360176fa0f85ab79dc762c77a614604bb2dcdf2e7fc693c07c8e90875271373c7718ecf222721be241ab303a9eb4cbaf610ac8ac104af37d77abcd2bb4dc4b179a246152d563bb5b5b468e2efe2c0d110fec6ae5cad337609820be40248deea346e5415f5fdd26a1460fd451236d491b6c34670dc3d8be97693b8114383e1b3d85843dab5bda9173fcf7", 0x1000}, {&(0x7f0000004800)="23038f8fbbe48a82caf54207cabcf651c1820bf9dcf6ea5b05696253b4723fb1d41e94d01063f82b02a6589dc84cf25ca94f47008e284b7da87a0d9a9dce98510f786536bdb56840a7803ba4279c07325c050cd56dcfd82c356d15f0ab70d32e50ae5d4594e8d953d73b57dd7e55d7a97be7050265b75aef6736cae74bc01244498b9642462dd220517a9bd64ab72121aab96c08cb428d3d3c1fa6236ba64898fa91ae4a9e01161ea2e7ff30effc8dd4aa546a0b6834236c739816095820fb9fca56d0791a7545c1e70307", 0xcb}, {&(0x7f0000004900)="36d5472e28aadab2e0bc9dc07c2575b3827ec5023ad7da1490609e2ed1974248e19bd97b81a876c444ac9dfe88ae371aa5af3a5a31bc79ec59d4939d0685c7ac9363bf742bb854da996c98606877bba76b5518fced81180fcc6cb7e7001a07d0db96bfdc3edbac3b5124bd2b5de66c3ebbf7fd51ea", 0x75}, {&(0x7f0000004c00)="f1729f121a8474900ff8a20400000000000000eb117532fbb0b30ae4279e1e79109b903329e1d179ec540420e2b1e7e65e7c1a19e06674fd8011cfe104f3f78a548684b973914cc89927c955741ac4423a2283c84834336fbd7e90f5e2f91a96c0ad61800277e6e4681d164448d0830b32148553112ac07298f1f215e016e2931c4308fc01915312602272b6a8b332cf2d82e1a3be6d6fd03aa219839ccb50c8f3c2f51b7770ade8b912b9cb75d2db1f5c5e0a4fdcc538b18be6116203e1de74279b2ae87576ff07c0da8426ad3dd3fec135d6450835f4b2c504a29bac4717456f0084634b1754daebd9ea", 0x73}], 0x8, 0x0, 0x195}}], 0x6, 0x40) [ 220.035601] audit: type=1400 audit(1573248735.302:140): avc: denied { map } for pid=10178 comm="syz-executor.4" path="/dev/dsp" dev="devtmpfs" ino=15709 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=chr_file permissive=1 [ 220.095719] FAULT_INJECTION: forcing a failure. [ 220.095719] name failslab, interval 1, probability 0, space 0, times 0 [ 220.107142] CPU: 1 PID: 10189 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 220.114157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.123505] Call Trace: [ 220.123524] dump_stack+0x138/0x197 [ 220.123542] should_fail.cold+0x10f/0x159 [ 220.123554] ? ebitmap_cpy+0xcd/0x270 [ 220.123571] should_failslab+0xdb/0x130 [ 220.123587] kmem_cache_alloc+0x47/0x780 [ 220.123604] ? __might_fault+0x110/0x1d0 [ 220.123629] ebitmap_cpy+0xcd/0x270 [ 220.129911] ? hashtab_search+0x196/0x230 [ 220.129929] mls_compute_sid+0x22f/0xd60 [ 220.129939] ? mls_convert_context+0x6a0/0x6a0 [ 220.129956] security_compute_sid.part.0+0xa8f/0x10f0 [ 220.129968] ? get_pid_task+0x98/0x140 [ 220.137969] ? compute_sid_handle_invalid_context+0x270/0x270 [ 220.137981] ? lock_downgrade+0x740/0x740 [ 220.138002] ? find_held_lock+0x35/0x130 [ 220.145996] security_transition_sid+0xd6/0x130 [ 220.146011] selinux_socket_create+0x36d/0x4d0 [ 220.146023] ? selinux_ib_free_security+0x20/0x20 [ 220.153676] security_socket_create+0x83/0xc0 [ 220.153692] __sock_create+0x67/0x620 [ 220.153703] SyS_socket+0xd3/0x170 [ 220.153713] ? move_addr_to_kernel+0x60/0x60 [ 220.153730] ? do_syscall_64+0x53/0x640 [ 220.153739] ? move_addr_to_kernel+0x60/0x60 [ 220.153750] do_syscall_64+0x1e8/0x640 [ 220.153757] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.153773] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:32:15 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:15 executing program 2 (fault-call:3 fault-nth:2): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 220.162032] RIP: 0033:0x45cd67 [ 220.162038] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 220.162050] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 220.162056] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 220.162061] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 220.162067] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 220.162073] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 220.217785] devpts: called with bogus options [ 220.313176] bond0: Releasing backup interface bond_slave_1 [ 220.348674] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 220.359882] FAULT_INJECTION: forcing a failure. [ 220.359882] name failslab, interval 1, probability 0, space 0, times 0 [ 220.371381] CPU: 0 PID: 10212 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 220.378591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.387937] Call Trace: [ 220.387955] dump_stack+0x138/0x197 [ 220.387974] should_fail.cold+0x10f/0x159 [ 220.387983] ? ebitmap_cpy+0xcd/0x270 [ 220.387999] should_failslab+0xdb/0x130 [ 220.388014] kmem_cache_alloc+0x47/0x780 [ 220.410164] ? __might_fault+0x110/0x1d0 [ 220.414236] ebitmap_cpy+0xcd/0x270 [ 220.417858] ? hashtab_search+0x196/0x230 [ 220.422004] mls_compute_sid+0x22f/0xd60 [ 220.426059] ? mls_convert_context+0x6a0/0x6a0 [ 220.426076] security_compute_sid.part.0+0xa8f/0x10f0 [ 220.426089] ? get_pid_task+0x98/0x140 [ 220.439724] ? compute_sid_handle_invalid_context+0x270/0x270 [ 220.439736] ? lock_downgrade+0x740/0x740 [ 220.439761] ? find_held_lock+0x35/0x130 [ 220.439776] security_transition_sid+0xd6/0x130 [ 220.439790] selinux_socket_create+0x36d/0x4d0 [ 220.439805] ? selinux_ib_free_security+0x20/0x20 [ 220.467941] security_socket_create+0x83/0xc0 [ 220.472431] __sock_create+0x67/0x620 [ 220.476232] SyS_socket+0xd3/0x170 [ 220.479779] ? move_addr_to_kernel+0x60/0x60 [ 220.484177] ? do_syscall_64+0x53/0x640 [ 220.488145] ? move_addr_to_kernel+0x60/0x60 [ 220.492551] do_syscall_64+0x1e8/0x640 [ 220.496426] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.501266] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 220.506448] RIP: 0033:0x45cd67 [ 220.509629] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 220.517328] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 220.524586] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 220.531842] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 220.539100] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 220.546358] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 220.553951] protocol 88fb is buggy, dev hsr_slave_0 [ 220.559011] protocol 88fb is buggy, dev hsr_slave_1 21:32:15 executing program 2 (fault-call:3 fault-nth:3): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 220.564172] protocol 88fb is buggy, dev hsr_slave_0 [ 220.569228] protocol 88fb is buggy, dev hsr_slave_1 [ 220.649840] FAULT_INJECTION: forcing a failure. [ 220.649840] name failslab, interval 1, probability 0, space 0, times 0 [ 220.663050] CPU: 1 PID: 10218 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 220.670079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.679429] Call Trace: [ 220.682021] dump_stack+0x138/0x197 [ 220.685656] should_fail.cold+0x10f/0x159 [ 220.689813] should_failslab+0xdb/0x130 [ 220.693798] kmem_cache_alloc+0x2d7/0x780 [ 220.697956] ? security_transition_sid+0xa4/0x130 [ 220.702812] ? sock_destroy_inode+0x60/0x60 [ 220.707132] sock_alloc_inode+0x1d/0x260 [ 220.711193] alloc_inode+0x64/0x180 [ 220.714831] new_inode_pseudo+0x19/0xf0 [ 220.718815] sock_alloc+0x41/0x280 [ 220.722356] __sock_create+0x8f/0x620 [ 220.726158] SyS_socket+0xd3/0x170 [ 220.729701] ? move_addr_to_kernel+0x60/0x60 [ 220.734111] ? do_syscall_64+0x53/0x640 [ 220.738086] ? move_addr_to_kernel+0x60/0x60 [ 220.742505] do_syscall_64+0x1e8/0x640 [ 220.746431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.751283] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 220.756468] RIP: 0033:0x45cd67 [ 220.759653] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 220.767368] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 220.774810] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 220.782078] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 220.789352] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 21:32:16 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:16 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 220.790209] overlayfs: filesystem on './file0' not supported as upperdir [ 220.796618] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 220.798758] socket: no more sockets 21:32:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x2}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0) wait4(0x0, 0x0, 0x0, 0x0) r0 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x2) read(r0, &(0x7f00000002c0)=""/198, 0xc6) write$vhci(r0, &(0x7f0000000000)=@HCI_VENDOR_PKT, 0x2) 21:32:16 executing program 2 (fault-call:3 fault-nth:4): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:16 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) setsockopt$inet6_dccp_int(r3, 0x21, 0x2, &(0x7f0000000100), 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r4, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r5 = fcntl$dupfd(r4, 0xc0a, r2) ioctl$TUNSETPERSIST(r5, 0x400454cb, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:16 executing program 3: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0xfffffd57) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000008c0)='./cgroup.cpu//y\xf3l\x00@\x05:$\x92\t71\xf7|6\xaf@W\xda\xea\xf2\x897~', 0x1ff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) close(0xffffffffffffffff) gettid() recvmsg(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100)=r2, 0x4) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) write$cgroup_int(r1, &(0x7f0000000200), 0x400000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) gettid() socket$kcm(0x29, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f00000003c0)=""/247) setsockopt$inet6_MCAST_LEAVE_GROUP(r4, 0x29, 0x2d, &(0x7f0000000240)={0x80000001, {{0xa, 0x4e21, 0xd57, @remote, 0x6}}}, 0x88) [ 221.057056] FAULT_INJECTION: forcing a failure. [ 221.057056] name failslab, interval 1, probability 0, space 0, times 0 [ 221.069743] CPU: 0 PID: 10238 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 221.076770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.086146] Call Trace: [ 221.088734] dump_stack+0x138/0x197 [ 221.092351] should_fail.cold+0x10f/0x159 [ 221.096484] should_failslab+0xdb/0x130 [ 221.100444] kmem_cache_alloc_trace+0x2e9/0x790 [ 221.105094] ? kmem_cache_alloc+0x611/0x780 [ 221.109413] ? security_transition_sid+0xa4/0x130 [ 221.114247] ? sock_destroy_inode+0x60/0x60 [ 221.114264] sock_alloc_inode+0x63/0x260 [ 221.122672] alloc_inode+0x64/0x180 [ 221.122684] new_inode_pseudo+0x19/0xf0 [ 221.122696] sock_alloc+0x41/0x280 [ 221.122707] __sock_create+0x8f/0x620 [ 221.122721] SyS_socket+0xd3/0x170 [ 221.122731] ? move_addr_to_kernel+0x60/0x60 [ 221.122741] ? do_syscall_64+0x53/0x640 [ 221.122750] ? move_addr_to_kernel+0x60/0x60 [ 221.122761] do_syscall_64+0x1e8/0x640 [ 221.122770] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 221.122791] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 221.130363] RIP: 0033:0x45cd67 [ 221.130369] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 221.130380] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 221.130386] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 221.130393] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 221.130399] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 221.130405] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 221.137801] socket: no more sockets [ 221.248675] bond0: Releasing backup interface bond_slave_1 [ 221.272569] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 221.350131] protocol 88fb is buggy, dev hsr_slave_0 [ 221.355266] protocol 88fb is buggy, dev hsr_slave_1 [ 221.360382] protocol 88fb is buggy, dev hsr_slave_0 [ 221.365430] protocol 88fb is buggy, dev hsr_slave_1 [ 221.967474] bond0: Releasing backup interface bond_slave_1 [ 221.976210] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 222.310074] Bluetooth: hci0 command 0x1003 tx timeout [ 222.315359] Bluetooth: hci0 sending frame failed (-49) [ 224.390141] Bluetooth: hci0 command 0x1001 tx timeout [ 224.395437] Bluetooth: hci0 sending frame failed (-49) [ 226.470099] Bluetooth: hci0 command 0x1009 tx timeout 21:32:26 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) r6 = socket$bt_rfcomm(0x1f, 0x3, 0x3) bind(r6, &(0x7f0000000100)=@nl=@unspec, 0x80) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:26 executing program 2 (fault-call:3 fault-nth:5): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:26 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:26 executing program 0: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000080)={0x0, 0x7, 0x0, 0xd9, "89f0c1a17e2861d5334bdb4a1329a7454e5c989ba11b6f63263066a2410a6ef2"}) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e00000010000fbffffff9078"], 0x0) 21:32:26 executing program 3: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0xfffffd57) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000008c0)='./cgroup.cpu//y\xf3l\x00@\x05:$\x92\t71\xf7|6\xaf@W\xda\xea\xf2\x897~', 0x1ff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) close(0xffffffffffffffff) gettid() recvmsg(0xffffffffffffffff, 0x0, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40086602, 0x400007) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100)=r2, 0x4) syz_open_dev$vbi(&(0x7f0000000080)='/dev/vbi#\x00', 0x2, 0x2) write$cgroup_int(r1, &(0x7f0000000200), 0x400000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) gettid() socket$kcm(0x29, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/hash_stats\x00', 0x0, 0x0) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$DRM_IOCTL_GET_STATS(r5, 0x80f86406, &(0x7f00000003c0)=""/247) setsockopt$inet6_MCAST_LEAVE_GROUP(r4, 0x29, 0x2d, &(0x7f0000000240)={0x80000001, {{0xa, 0x4e21, 0xd57, @remote, 0x6}}}, 0x88) [ 230.906319] FAULT_INJECTION: forcing a failure. [ 230.906319] name failslab, interval 1, probability 0, space 0, times 0 [ 230.924395] CPU: 1 PID: 10269 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 230.931451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.940816] Call Trace: [ 230.943420] dump_stack+0x138/0x197 [ 230.947058] should_fail.cold+0x10f/0x159 [ 230.951219] should_failslab+0xdb/0x130 [ 230.955205] kmem_cache_alloc+0x2d7/0x780 [ 230.959360] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 230.964820] selinux_inode_alloc_security+0xb6/0x2a0 [ 230.969936] security_inode_alloc+0x94/0xd0 [ 230.974264] inode_init_always+0x552/0xaf0 [ 230.979191] alloc_inode+0x81/0x180 [ 230.982843] new_inode_pseudo+0x19/0xf0 [ 230.986821] sock_alloc+0x41/0x280 [ 230.990369] __sock_create+0x8f/0x620 [ 230.994171] SyS_socket+0xd3/0x170 [ 230.997718] ? move_addr_to_kernel+0x60/0x60 [ 231.002135] ? do_syscall_64+0x53/0x640 [ 231.006111] ? move_addr_to_kernel+0x60/0x60 [ 231.010523] do_syscall_64+0x1e8/0x640 [ 231.014413] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.019263] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.024449] RIP: 0033:0x45cd67 [ 231.027641] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 231.035356] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 231.042621] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 231.049890] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 21:32:26 executing program 2 (fault-call:3 fault-nth:6): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 231.057151] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 231.057158] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 231.064202] net_ratelimit: 4 callbacks suppressed [ 231.064205] socket: no more sockets [ 231.064566] protocol 88fb is buggy, dev hsr_slave_0 [ 231.147612] FAULT_INJECTION: forcing a failure. [ 231.147612] name failslab, interval 1, probability 0, space 0, times 0 [ 231.164388] CPU: 1 PID: 10283 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 231.171420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.180763] Call Trace: [ 231.183354] dump_stack+0x138/0x197 [ 231.186999] should_fail.cold+0x10f/0x159 [ 231.191161] should_failslab+0xdb/0x130 [ 231.195147] __kmalloc+0x2f0/0x7a0 [ 231.198696] ? trace_hardirqs_on_caller+0x400/0x590 [ 231.203711] ? sk_prot_alloc+0x171/0x2a0 [ 231.207766] sk_prot_alloc+0x171/0x2a0 [ 231.211645] sk_alloc+0x39/0xd70 [ 231.215004] __netlink_create+0x6a/0x280 [ 231.219051] ? genl_family_attrbuf+0xf0/0xf0 [ 231.223447] netlink_create+0x2ef/0x510 [ 231.227405] ? genl_unbind+0x190/0x190 [ 231.231279] __sock_create+0x2f6/0x620 [ 231.235168] SyS_socket+0xd3/0x170 [ 231.238700] ? move_addr_to_kernel+0x60/0x60 [ 231.243091] ? do_syscall_64+0x53/0x640 [ 231.247058] ? move_addr_to_kernel+0x60/0x60 [ 231.251464] do_syscall_64+0x1e8/0x640 [ 231.255337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.260184] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.265364] RIP: 0033:0x45cd67 [ 231.268535] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 231.276230] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 231.283498] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 231.290765] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 21:32:26 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:26 executing program 2 (fault-call:3 fault-nth:7): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 231.298034] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 231.305302] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 231.377863] FAULT_INJECTION: forcing a failure. [ 231.377863] name failslab, interval 1, probability 0, space 0, times 0 [ 231.389289] CPU: 1 PID: 10291 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 231.396304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.405649] Call Trace: [ 231.408238] dump_stack+0x138/0x197 [ 231.411881] should_fail.cold+0x10f/0x159 [ 231.416037] should_failslab+0xdb/0x130 [ 231.420023] kmem_cache_alloc_trace+0x2e9/0x790 [ 231.424693] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 231.430148] selinux_sk_alloc_security+0x5a/0x190 [ 231.434992] security_sk_alloc+0x7d/0xb0 [ 231.439060] sk_prot_alloc+0x190/0x2a0 [ 231.442955] sk_alloc+0x39/0xd70 [ 231.446317] __netlink_create+0x6a/0x280 [ 231.450378] ? genl_family_attrbuf+0xf0/0xf0 [ 231.454792] netlink_create+0x2ef/0x510 [ 231.458765] ? genl_unbind+0x190/0x190 [ 231.462659] __sock_create+0x2f6/0x620 [ 231.466550] SyS_socket+0xd3/0x170 [ 231.470097] ? move_addr_to_kernel+0x60/0x60 [ 231.474504] ? do_syscall_64+0x53/0x640 [ 231.478478] ? move_addr_to_kernel+0x60/0x60 [ 231.482900] do_syscall_64+0x1e8/0x640 [ 231.486786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.491654] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.496844] RIP: 0033:0x45cd67 [ 231.500027] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 231.507732] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 231.514993] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 21:32:26 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000032000/0x18000)=nil, &(0x7f0000000280)=[@text32={0x20, &(0x7f00000000c0)="b9800000c00f3235010000000f309a090000006500660f3882af724d00002ed8ddc74424008fc4bd87c7442402c43a727fc7442406000000000f011424f30f090f013a360f06c4c18d72d68366baa100ed", 0x51}], 0x1, 0x0, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x2, 0x0, 0x40000004, 0x0, 0x9, 0x0, 0x4cb]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x3, 0x73, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 231.522244] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 231.529493] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 231.536830] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:32:26 executing program 2 (fault-call:3 fault-nth:8): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 231.655418] FAULT_INJECTION: forcing a failure. [ 231.655418] name failslab, interval 1, probability 0, space 0, times 0 [ 231.666765] CPU: 1 PID: 10300 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 231.673776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.683129] Call Trace: [ 231.685717] dump_stack+0x138/0x197 [ 231.689348] should_fail.cold+0x10f/0x159 [ 231.693506] should_failslab+0xdb/0x130 [ 231.697488] kmem_cache_alloc+0x47/0x780 [ 231.701563] ? SyS_socket+0xd3/0x170 [ 231.705270] ? do_syscall_64+0x1e8/0x640 [ 231.709316] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.714667] ebitmap_cpy+0xcd/0x270 [ 231.718277] ? hashtab_search+0x196/0x230 [ 231.722411] mls_compute_sid+0x22f/0xd60 [ 231.726453] ? mls_convert_context+0x6a0/0x6a0 [ 231.731030] security_compute_sid.part.0+0xa8f/0x10f0 [ 231.736232] ? compute_sid_handle_invalid_context+0x270/0x270 [ 231.742102] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 231.747186] ? __debug_object_init+0x171/0x8e0 [ 231.751754] security_transition_sid+0xd6/0x130 [ 231.756406] selinux_socket_post_create+0x559/0x680 [ 231.761405] ? selinux_sb_copy_data+0x390/0x390 [ 231.766054] ? trace_hardirqs_on+0xd/0x10 [ 231.770192] security_socket_post_create+0x8b/0xc0 [ 231.775111] __sock_create+0x4a1/0x620 [ 231.778981] SyS_socket+0xd3/0x170 [ 231.782505] ? move_addr_to_kernel+0x60/0x60 [ 231.786892] ? do_syscall_64+0x53/0x640 [ 231.790844] ? move_addr_to_kernel+0x60/0x60 [ 231.795232] do_syscall_64+0x1e8/0x640 [ 231.799108] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.803936] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.809105] RIP: 0033:0x45cd67 [ 231.812283] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 231.819972] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 231.827221] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 231.834469] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 231.841728] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 231.848985] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:32:27 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:27 executing program 3: [ 231.856450] protocol 88fb is buggy, dev hsr_slave_0 [ 231.861564] protocol 88fb is buggy, dev hsr_slave_1 [ 231.866758] protocol 88fb is buggy, dev hsr_slave_0 [ 231.871858] protocol 88fb is buggy, dev hsr_slave_1 [ 233.110112] Bluetooth: hci0 command 0x1003 tx timeout [ 233.115401] Bluetooth: hci0 sending frame failed (-49) [ 235.190343] Bluetooth: hci0 command 0x1001 tx timeout [ 235.195640] Bluetooth: hci0 sending frame failed (-49) [ 237.270326] Bluetooth: hci0 command 0x1009 tx timeout 21:32:36 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) r6 = socket$bt_rfcomm(0x1f, 0x3, 0x3) bind(r6, &(0x7f0000000100)=@nl=@unspec, 0x80) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:36 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = accept$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)=0x6e) r2 = syz_open_pts(0xffffffffffffffff, 0x200) ioctl$KDSETMODE(r2, 0x4b3a, 0x9) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1f}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x10000, 0x5, 0x10002, 0x3ff, 0x0, 0x80007, 0xffffffff}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:36 executing program 2 (fault-call:3 fault-nth:9): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:36 executing program 1: 21:32:36 executing program 3: 21:32:36 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:36 executing program 1: [ 241.176297] FAULT_INJECTION: forcing a failure. [ 241.176297] name failslab, interval 1, probability 0, space 0, times 0 [ 241.187707] CPU: 1 PID: 10328 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 241.194731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.204085] Call Trace: [ 241.206675] dump_stack+0x138/0x197 [ 241.210319] should_fail.cold+0x10f/0x159 [ 241.214470] ? ebitmap_cpy+0xcd/0x270 [ 241.218284] should_failslab+0xdb/0x130 [ 241.222265] kmem_cache_alloc+0x47/0x780 [ 241.226323] ? SyS_socket+0xd3/0x170 [ 241.230044] ? do_syscall_64+0x1e8/0x640 [ 241.234104] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 241.239477] ebitmap_cpy+0xcd/0x270 [ 241.243103] ? hashtab_search+0x196/0x230 [ 241.247257] mls_compute_sid+0x22f/0xd60 [ 241.251324] ? mls_convert_context+0x6a0/0x6a0 [ 241.255921] security_compute_sid.part.0+0xa8f/0x10f0 [ 241.261112] ? compute_sid_handle_invalid_context+0x270/0x270 [ 241.261129] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 241.261142] ? __debug_object_init+0x171/0x8e0 [ 241.261162] security_transition_sid+0xd6/0x130 [ 241.261177] selinux_socket_post_create+0x559/0x680 [ 241.261189] ? selinux_sb_copy_data+0x390/0x390 [ 241.261201] ? trace_hardirqs_on+0xd/0x10 [ 241.261214] security_socket_post_create+0x8b/0xc0 [ 241.261228] __sock_create+0x4a1/0x620 [ 241.303982] SyS_socket+0xd3/0x170 [ 241.307530] ? move_addr_to_kernel+0x60/0x60 [ 241.311937] ? do_syscall_64+0x53/0x640 [ 241.311949] ? move_addr_to_kernel+0x60/0x60 [ 241.311962] do_syscall_64+0x1e8/0x640 21:32:36 executing program 3: 21:32:36 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:36 executing program 3: 21:32:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) close(r0) [ 241.311971] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 241.311986] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 241.311994] RIP: 0033:0x45cd67 [ 241.311999] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 241.312015] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 241.312020] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 241.312026] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 241.312031] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 21:32:36 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000080)={0x1, 0xbb, 0x1, 0x0, 0x0, [{r0, 0x0, 0x400}]}) r1 = socket$isdn_base(0x22, 0x3, 0x0) bind$isdn_base(r1, &(0x7f00000000c0), 0x6) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 241.312036] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 241.535523] Bluetooth: hci0 sending frame failed (-49) [ 243.590141] Bluetooth: hci0 command 0x1003 tx timeout [ 243.595437] Bluetooth: hci0 sending frame failed (-49) [ 245.670167] Bluetooth: hci0 command 0x1001 tx timeout [ 245.675519] Bluetooth: hci0 sending frame failed (-49) [ 247.750168] Bluetooth: hci0 command 0x1009 tx timeout 21:32:47 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) r6 = socket$bt_rfcomm(0x1f, 0x3, 0x3) bind(r6, &(0x7f0000000100)=@nl=@unspec, 0x80) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:47 executing program 3: prlimit64(0x0, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2}, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000380)=[{&(0x7f0000000100)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r0) setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x6) r1 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r2 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r1, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e", 0x14a) sendfile(r1, r2, 0x0, 0x10000) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 21:32:47 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) close(r0) 21:32:47 executing program 2 (fault-call:3 fault-nth:10): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x222820, 0x0) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x14, &(0x7f0000000040)={r4}, 0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={r4, @in={{0x2, 0x4e22, @remote}}, 0x774f, 0x4, 0x4, 0x6d7, 0x80}, 0x98) 21:32:47 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000000), 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 252.029347] FAULT_INJECTION: forcing a failure. [ 252.029347] name failslab, interval 1, probability 0, space 0, times 0 [ 252.041000] CPU: 0 PID: 10366 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 252.048018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.048024] Call Trace: [ 252.048040] dump_stack+0x138/0x197 [ 252.048059] should_fail.cold+0x10f/0x159 [ 252.048070] ? ebitmap_cpy+0xcd/0x270 [ 252.048086] should_failslab+0xdb/0x130 [ 252.063635] kmem_cache_alloc+0x47/0x780 [ 252.063646] ? SyS_socket+0xd3/0x170 [ 252.063657] ? do_syscall_64+0x1e8/0x640 [ 252.063668] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 252.063684] ebitmap_cpy+0xcd/0x270 [ 252.096344] ? hashtab_search+0x196/0x230 [ 252.100477] mls_compute_sid+0x22f/0xd60 [ 252.104517] ? mls_convert_context+0x6a0/0x6a0 [ 252.109085] security_compute_sid.part.0+0xa8f/0x10f0 [ 252.114264] ? compute_sid_handle_invalid_context+0x270/0x270 [ 252.120139] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 252.125223] ? __debug_object_init+0x171/0x8e0 [ 252.129794] security_transition_sid+0xd6/0x130 [ 252.134447] selinux_socket_post_create+0x559/0x680 [ 252.139456] ? selinux_sb_copy_data+0x390/0x390 [ 252.144125] ? trace_hardirqs_on+0xd/0x10 [ 252.148262] security_socket_post_create+0x8b/0xc0 [ 252.153182] __sock_create+0x4a1/0x620 [ 252.157067] SyS_socket+0xd3/0x170 [ 252.160594] ? move_addr_to_kernel+0x60/0x60 [ 252.164985] ? do_syscall_64+0x53/0x640 [ 252.168939] ? move_addr_to_kernel+0x60/0x60 [ 252.173333] do_syscall_64+0x1e8/0x640 [ 252.177201] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.182032] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 252.187199] RIP: 0033:0x45cd67 [ 252.190367] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 252.198074] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 252.205331] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 252.212584] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 252.219838] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 252.227091] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:32:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) close(r0) 21:32:47 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000200)={0x1, {{0x2, 0x4e24, @multicast1}}, 0x0, 0x4, [{{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast1}}]}, 0x290) 21:32:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000080)={0x8, 0xfffffff7, 0x1, 0x5}) socket(0x5, 0x5, 0x40) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x0, 0x401}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x5, 0x4) syz_emit_ethernet(0x2, &(0x7f0000000580)=ANY=[@ANYPTR64=&(0x7f00000005c0)=ANY=[@ANYRESHEX=r5, @ANYPTR, @ANYRES32=0x0, @ANYBLOB="7aaa1dbef5cb5e5e87d4cebe7247492bf8b0eab002552f0eca468a6c019661b7fb4a1c1ba39baf52affcf13eec8c246471a36361f95a0453a965675a64d1e0bc00b24ebacba2516165871fc24163bba68939426554c1eedbe6564b5e780aef124eedd6122eb7f31b9c3b2f899619d262f0cef8092dd11eb9e24ee4e36563373df0d16a2ee832bf959adbf9c51a83d02ad710926c94a441c1dae11714c092f5fb1ee550707ea655ac4b030c2feb3df46a0dbb9e87dce4d719bbc7c2c4f229b33a0501a8db8fc0021ef08ed34bc3947466e4cef5b6e548d66d8de13bc8edb082", @ANYBLOB="070b691f52ad95d17dd45442ea86ce7f4d82dd0715d32c71d75544676610b597d7387c9a635ca81cbfc196f730cf2a6301d0b238fe0e01105984e6cfb71c2018378cf443c667174b8f8db6b984bc5f40c33da85b86a17ebd20d853e47e", @ANYBLOB="5ec4c3bb5e713b3e1fd1e48fbbdb76265179073191de4f578895cd2090693d857419b03e24d0f698d6216f373ccc9f06127e6d772ea3c2aa259d18c7e2e8cf3c2301a702d6a5587046c164d36e0d0d349ec4eec0cc0b3e0e8684812792c38a6fd549a351965030722b2f", @ANYRES64, @ANYRES16], @ANYPTR64=&(0x7f0000000540)=ANY=[]], 0x0) 21:32:47 executing program 2 (fault-call:3 fault-nth:11): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:47 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) socket(0x0, 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) close(r0) sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0) [ 252.488279] FAULT_INJECTION: forcing a failure. [ 252.488279] name failslab, interval 1, probability 0, space 0, times 0 [ 252.502655] CPU: 0 PID: 10399 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 252.509697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.519045] Call Trace: [ 252.521638] dump_stack+0x138/0x197 [ 252.525257] should_fail.cold+0x10f/0x159 [ 252.529390] should_failslab+0xdb/0x130 [ 252.533347] kmem_cache_alloc+0x2d7/0x780 [ 252.537480] __d_alloc+0x2d/0x9f0 [ 252.540913] d_alloc_pseudo+0x1e/0x30 [ 252.544696] sock_alloc_file+0xd5/0x2f0 [ 252.548667] ? sock_poll+0x220/0x220 [ 252.552362] sock_map_fd+0x36/0x80 [ 252.555885] SyS_socket+0xf1/0x170 [ 252.559403] ? move_addr_to_kernel+0x60/0x60 [ 252.563789] ? do_syscall_64+0x53/0x640 [ 252.567742] ? move_addr_to_kernel+0x60/0x60 [ 252.572132] do_syscall_64+0x1e8/0x640 [ 252.575998] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.580825] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 252.585994] RIP: 0033:0x45cd67 [ 252.589162] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 252.598678] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 252.605940] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 252.613205] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 252.620459] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 252.627718] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 252.640432] protocol 88fb is buggy, dev hsr_slave_0 [ 252.645535] protocol 88fb is buggy, dev hsr_slave_1 [ 252.650667] protocol 88fb is buggy, dev hsr_slave_0 [ 252.870105] protocol 88fb is buggy, dev hsr_slave_0 [ 252.875205] protocol 88fb is buggy, dev hsr_slave_1 [ 252.880316] protocol 88fb is buggy, dev hsr_slave_0 [ 252.885465] protocol 88fb is buggy, dev hsr_slave_1 [ 254.390142] Bluetooth: hci0 command 0x1003 tx timeout [ 254.396122] Bluetooth: hci0 sending frame failed (-49) [ 256.470119] Bluetooth: hci0 command 0x1001 tx timeout [ 256.475454] Bluetooth: hci0 sending frame failed (-49) [ 258.550164] Bluetooth: hci0 command 0x1009 tx timeout 21:32:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) socket$bt_rfcomm(0x1f, 0x3, 0x3) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:32:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000200)={0x1, {{0x2, 0x4e24, @multicast1}}, 0x0, 0x4, [{{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast1}}]}, 0x290) 21:32:58 executing program 3: r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x400) connect$rxrpc(r0, &(0x7f0000000080)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1e}}}, 0x24) sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000010010000010000007700b7d2e1107a3ce6e825e406d58937e7e899e0524843c9577f89f71ebddf077798b47ab4a76907477a209522adca7e5454b7dec9d9a67305c04a8ccffca56ccbcabfb25cc94628348a24593c5dbdf200796a8fd217367c017f76f171c8693ac43b77471be914707d2c3545b812f7f58f436706f17b26aebac8e1ae913379902436610c52b724993141a5cb7a0a9c3dca0a16787a4d0c82e2d9829219e3d981d196f1b71fe49c1a256c49aacd6b000000002150a4058a8e4347e13f94be6d87fc7ecdafb88b1a5cde17a53552e6797c056103b8d9e4eac3f0076580f6e76aec101fc935e5c25fac970f73d3fe7d1f036c1e5b40464269b3a1071ab907d236e91a85b6e2a13b6b5eb5b800"/293], 0x18}}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$VIDIOC_DBG_S_REGISTER(r1, 0x4038564f, &(0x7f0000000040)={{0x4, @addr=0x7fff}, 0x8, 0x96f3, 0x9}) recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0xf000000, 0x0, 0x0, 0x0, 0x78}}], 0x371, 0x0, 0x0) 21:32:58 executing program 2 (fault-call:3 fault-nth:12): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:58 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c000000000000010000000001e000000100004e26000890787443c76a0250cef9cc8da7857c3b515b31bcb438a01844f286ce2b362fda316d2c678469ba9c6fdae10831aa2e16fe26eba0a6bfd070b9d3dff0f2d1bc914ed3eb25723dce57ad2baef9b637dc1722ff488400caeeae9698e45dac5129e228ace5cd5b1f82afc9c2f5c91690b3513d0f037474"], 0x0) [ 262.918729] FAULT_INJECTION: forcing a failure. [ 262.918729] name failslab, interval 1, probability 0, space 0, times 0 21:32:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0x0) add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000280)="3d80d569b546ce1d765d48cb41d26818efa96a033ee0f99fd045b0a8c40848cc3842bec010ec4bc852027beebb0cf933186eb961c8c66e7e3df1215685a9e28fcae32ac6bdf17ec9e8b7e12dcda1777fe63ec68b7e01bf723dcb7d4eae2282434369e718b71b5cb4d16a9507863679369229a3430bc60313b7404d439c5100440c28fa3b449df3395f474ec257cacc5a762a06daecc3787f4af11eea43493844", 0xa0, r2) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) socket$isdn_base(0x22, 0x3, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:32:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000200)={0x1, {{0x2, 0x4e24, @multicast1}}, 0x0, 0x4, [{{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast1}}]}, 0x290) [ 262.962236] CPU: 0 PID: 10419 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 262.969328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.978687] Call Trace: [ 262.981285] dump_stack+0x138/0x197 [ 262.984924] should_fail.cold+0x10f/0x159 [ 262.989083] should_failslab+0xdb/0x130 [ 262.993066] kmem_cache_alloc+0x2d7/0x780 [ 262.997234] ? lock_downgrade+0x740/0x740 [ 263.001390] get_empty_filp+0x8c/0x3f0 [ 263.005293] alloc_file+0x23/0x440 [ 263.008841] sock_alloc_file+0x11c/0x2f0 [ 263.012901] ? sock_poll+0x220/0x220 [ 263.016616] sock_map_fd+0x36/0x80 [ 263.020149] SyS_socket+0xf1/0x170 [ 263.020162] ? move_addr_to_kernel+0x60/0x60 [ 263.020172] ? do_syscall_64+0x53/0x640 [ 263.020180] ? move_addr_to_kernel+0x60/0x60 [ 263.020191] do_syscall_64+0x1e8/0x640 [ 263.020199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.020214] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 263.020222] RIP: 0033:0x45cd67 [ 263.020227] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 263.028158] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 263.028164] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 263.028169] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 [ 263.028175] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 263.028181] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 263.032296] protocol 88fb is buggy, dev hsr_slave_0 [ 263.032342] protocol 88fb is buggy, dev hsr_slave_1 21:32:58 executing program 2 (fault-call:3 fault-nth:13): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:32:58 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 263.032407] protocol 88fb is buggy, dev hsr_slave_0 [ 263.032452] protocol 88fb is buggy, dev hsr_slave_1 [ 263.125371] bond0: Releasing backup interface bond_slave_1 [ 263.197514] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 263.209055] FAULT_INJECTION: forcing a failure. [ 263.209055] name failslab, interval 1, probability 0, space 0, times 0 [ 263.239255] bond0: Releasing backup interface bond_slave_1 [ 263.246464] CPU: 1 PID: 10444 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 263.253501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.262853] Call Trace: [ 263.265444] dump_stack+0x138/0x197 [ 263.269080] should_fail.cold+0x10f/0x159 [ 263.273237] should_failslab+0xdb/0x130 [ 263.277219] kmem_cache_alloc+0x2d7/0x780 [ 263.281370] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 263.286825] ? check_preemption_disabled+0x3c/0x250 [ 263.286841] selinux_file_alloc_security+0xb4/0x190 [ 263.286853] security_file_alloc+0x6d/0xa0 [ 263.286867] get_empty_filp+0x162/0x3f0 [ 263.286877] alloc_file+0x23/0x440 [ 263.286892] sock_alloc_file+0x11c/0x2f0 [ 263.286900] ? sock_poll+0x220/0x220 [ 263.286913] sock_map_fd+0x36/0x80 [ 263.286922] SyS_socket+0xf1/0x170 [ 263.286932] ? move_addr_to_kernel+0x60/0x60 [ 263.327964] ? do_syscall_64+0x53/0x640 [ 263.331944] ? move_addr_to_kernel+0x60/0x60 [ 263.336358] do_syscall_64+0x1e8/0x640 [ 263.340248] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.345097] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 263.350286] RIP: 0033:0x45cd67 [ 263.353476] RSP: 002b:00007f48dde7a9c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 263.361185] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 000000000045cd67 [ 263.368457] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 263.375718] RBP: 000000000075bf20 R08: 000000000000000b R09: 0000000000000000 21:32:58 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:32:58 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000200)={0x1, {{0x2, 0x4e24, @multicast1}}, 0x0, 0x4, [{{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @local}}, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast1}}]}, 0x290) [ 263.382985] R10: 0000000000000064 R11: 0000000000000202 R12: 00007f48dde7aa40 [ 263.390256] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 263.400253] protocol 88fb is buggy, dev hsr_slave_0 [ 263.405356] protocol 88fb is buggy, dev hsr_slave_1 [ 263.427400] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 265.190098] Bluetooth: hci0 command 0x1003 tx timeout [ 265.195409] Bluetooth: hci0 sending frame failed (-49) [ 267.270119] Bluetooth: hci0 command 0x1001 tx timeout [ 267.275415] Bluetooth: hci0 sending frame failed (-49) [ 269.350123] Bluetooth: hci0 command 0x1009 tx timeout 21:33:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000080)=""/24, &(0x7f00000000c0)=0x18) 21:33:09 executing program 2 (fault-call:3 fault-nth:14): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:09 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:09 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000080)={0x11, 0x6aff}, 0x8) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:33:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:09 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 273.819106] FAULT_INJECTION: forcing a failure. [ 273.819106] name failslab, interval 1, probability 0, space 0, times 0 [ 273.884165] CPU: 1 PID: 10471 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 273.891219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.900571] Call Trace: [ 273.903168] dump_stack+0x138/0x197 [ 273.906806] should_fail.cold+0x10f/0x159 [ 273.910969] should_failslab+0xdb/0x130 [ 273.914954] kmem_cache_alloc_node+0x287/0x780 [ 273.919553] __alloc_skb+0x9c/0x500 [ 273.923183] ? skb_scrub_packet+0x4b0/0x4b0 [ 273.927508] ? netlink_autobind.isra.0+0x1c9/0x290 21:33:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 273.932437] netlink_sendmsg+0x874/0xc60 [ 273.932453] ? netlink_unicast+0x640/0x640 [ 273.932469] ? security_socket_sendmsg+0x89/0xb0 [ 273.932480] ? netlink_unicast+0x640/0x640 [ 273.932490] sock_sendmsg+0xce/0x110 [ 273.932500] ___sys_sendmsg+0x70a/0x840 [ 273.932510] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 273.932521] ? __fget+0x210/0x370 [ 273.940792] ? find_held_lock+0x35/0x130 [ 273.940803] ? __fget+0x210/0x370 [ 273.940820] ? lock_downgrade+0x740/0x740 [ 273.940833] ? __fget+0x237/0x370 [ 273.940847] ? __fget_light+0x172/0x1f0 [ 273.940857] ? __fdget+0x1b/0x20 [ 273.940866] ? sockfd_lookup_light+0xb4/0x160 [ 273.940877] __sys_sendmsg+0xb9/0x140 [ 273.949835] ? SyS_shutdown+0x170/0x170 [ 273.949848] ? fd_install+0x4d/0x60 [ 273.949868] SyS_sendmsg+0x2d/0x50 [ 273.949878] ? __sys_sendmsg+0x140/0x140 [ 273.969755] do_syscall_64+0x1e8/0x640 [ 273.969766] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.969783] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 273.969790] RIP: 0033:0x413ed1 [ 273.969795] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 273.969806] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 273.969811] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 273.969817] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 273.969822] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 273.969827] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:33:09 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:09 executing program 2 (fault-call:3 fault-nth:15): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x100) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 274.237414] FAULT_INJECTION: forcing a failure. [ 274.237414] name failslab, interval 1, probability 0, space 0, times 0 [ 274.275773] CPU: 0 PID: 10497 Comm: syz-executor.2 Not tainted 4.14.152 #0 21:33:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getpeername$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0}, &(0x7f00000000c0)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', r2}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) getsockopt$bt_sco_SCO_OPTIONS(r3, 0x11, 0x1, &(0x7f00000001c0)=""/137, &(0x7f0000000280)=0x89) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) bind$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e23, @multicast2}}, 0x24) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e080000100004e2600089078"], 0x0) 21:33:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 274.282836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.292186] Call Trace: [ 274.294781] dump_stack+0x138/0x197 [ 274.298420] should_fail.cold+0x10f/0x159 [ 274.302581] should_failslab+0xdb/0x130 [ 274.306569] kmem_cache_alloc_node_trace+0x280/0x770 [ 274.311677] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 274.317138] __kmalloc_node_track_caller+0x3d/0x80 [ 274.322072] __kmalloc_reserve.isra.0+0x40/0xe0 [ 274.326744] __alloc_skb+0xcf/0x500 [ 274.330358] ? skb_scrub_packet+0x4b0/0x4b0 [ 274.334690] ? netlink_autobind.isra.0+0x1c9/0x290 [ 274.339603] netlink_sendmsg+0x874/0xc60 [ 274.343646] ? netlink_unicast+0x640/0x640 [ 274.347865] ? security_socket_sendmsg+0x89/0xb0 [ 274.352615] ? netlink_unicast+0x640/0x640 [ 274.356828] sock_sendmsg+0xce/0x110 [ 274.360523] ___sys_sendmsg+0x70a/0x840 [ 274.364479] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 274.369223] ? __fget+0x210/0x370 [ 274.372658] ? find_held_lock+0x35/0x130 [ 274.376699] ? __fget+0x210/0x370 [ 274.380152] ? lock_downgrade+0x740/0x740 [ 274.384291] ? __fget+0x237/0x370 [ 274.387727] ? __fget_light+0x172/0x1f0 [ 274.391684] ? __fdget+0x1b/0x20 [ 274.395032] ? sockfd_lookup_light+0xb4/0x160 [ 274.399508] __sys_sendmsg+0xb9/0x140 [ 274.403290] ? SyS_shutdown+0x170/0x170 [ 274.407245] ? fd_install+0x4d/0x60 [ 274.410860] SyS_sendmsg+0x2d/0x50 [ 274.414380] ? __sys_sendmsg+0x140/0x140 [ 274.418422] do_syscall_64+0x1e8/0x640 [ 274.422292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.427119] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 274.432288] RIP: 0033:0x413ed1 21:33:09 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 274.435461] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 274.443163] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 274.450421] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 274.457679] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 274.464937] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 274.472188] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 274.710145] protocol 88fb is buggy, dev hsr_slave_0 [ 274.715222] protocol 88fb is buggy, dev hsr_slave_1 [ 274.720338] protocol 88fb is buggy, dev hsr_slave_0 [ 274.725579] protocol 88fb is buggy, dev hsr_slave_1 [ 276.150124] Bluetooth: hci0 command 0x1003 tx timeout [ 276.156053] Bluetooth: hci0 sending frame failed (-49) [ 278.230211] Bluetooth: hci0 command 0x1001 tx timeout [ 278.235503] Bluetooth: hci0 sending frame failed (-49) [ 280.310187] Bluetooth: hci0 command 0x1009 tx timeout 21:33:19 executing program 2 (fault-call:3 fault-nth:16): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:33:19 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:19 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:19 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:19 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000080)) [ 284.671358] FAULT_INJECTION: forcing a failure. [ 284.671358] name failslab, interval 1, probability 0, space 0, times 0 [ 284.693602] CPU: 1 PID: 10526 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 284.700643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 284.709994] Call Trace: [ 284.712587] dump_stack+0x138/0x197 [ 284.716222] should_fail.cold+0x10f/0x159 21:33:20 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 284.720380] should_failslab+0xdb/0x130 [ 284.724355] kmem_cache_alloc+0x47/0x780 [ 284.728423] ? lock_acquire+0x16f/0x430 [ 284.732411] ? check_preemption_disabled+0x3c/0x250 [ 284.737430] skb_clone+0x129/0x320 [ 284.740971] netlink_deliver_tap+0x681/0x8f0 [ 284.745386] netlink_unicast+0x4b2/0x640 [ 284.749455] ? netlink_attachskb+0x6a0/0x6a0 [ 284.753878] ? security_netlink_send+0x81/0xb0 [ 284.758462] netlink_sendmsg+0x7c4/0xc60 [ 284.762529] ? netlink_unicast+0x640/0x640 [ 284.766764] ? security_socket_sendmsg+0x89/0xb0 [ 284.766776] ? netlink_unicast+0x640/0x640 [ 284.766787] sock_sendmsg+0xce/0x110 [ 284.766796] ___sys_sendmsg+0x70a/0x840 [ 284.766807] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 284.766817] ? __fget+0x210/0x370 [ 284.766829] ? find_held_lock+0x35/0x130 [ 284.766838] ? __fget+0x210/0x370 [ 284.775814] ? lock_downgrade+0x740/0x740 [ 284.775830] ? __fget+0x237/0x370 [ 284.775843] ? __fget_light+0x172/0x1f0 [ 284.775854] ? __fdget+0x1b/0x20 [ 284.775863] ? sockfd_lookup_light+0xb4/0x160 [ 284.775874] __sys_sendmsg+0xb9/0x140 [ 284.775884] ? SyS_shutdown+0x170/0x170 [ 284.827192] ? fd_install+0x4d/0x60 [ 284.830834] SyS_sendmsg+0x2d/0x50 [ 284.834372] ? __sys_sendmsg+0x140/0x140 [ 284.838442] do_syscall_64+0x1e8/0x640 [ 284.842504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 284.847355] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 284.852543] RIP: 0033:0x413ed1 [ 284.855730] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 284.863442] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 21:33:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 284.870707] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 284.877975] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 284.885239] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 284.892509] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:33:20 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = getpgrp(r2) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) tgkill(r3, r4, 0x23) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:33:20 executing program 2 (fault-call:3 fault-nth:17): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 285.046488] FAULT_INJECTION: forcing a failure. [ 285.046488] name failslab, interval 1, probability 0, space 0, times 0 [ 285.058582] CPU: 1 PID: 10553 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 285.065605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.074958] Call Trace: [ 285.077558] dump_stack+0x138/0x197 [ 285.081199] should_fail.cold+0x10f/0x159 [ 285.085356] should_failslab+0xdb/0x130 [ 285.089336] kmem_cache_alloc+0x47/0x780 21:33:20 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:20 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:20 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 285.093414] ? lock_acquire+0x16f/0x430 [ 285.097388] ? check_preemption_disabled+0x3c/0x250 [ 285.102404] skb_clone+0x129/0x320 [ 285.105946] dev_queue_xmit_nit+0x2d8/0x940 [ 285.110284] dev_hard_start_xmit+0xa7/0x8b0 [ 285.114608] ? check_preemption_disabled+0x10/0x250 [ 285.119634] __dev_queue_xmit+0x1d95/0x25e0 [ 285.123956] ? trace_hardirqs_on+0x10/0x10 [ 285.128201] ? netdev_pick_tx+0x300/0x300 [ 285.132351] ? skb_clone+0x129/0x320 [ 285.136073] ? memcpy+0x46/0x50 [ 285.139358] ? __copy_skb_header+0x2b8/0x3e0 [ 285.143768] ? __skb_clone+0x271/0x800 [ 285.147654] dev_queue_xmit+0x18/0x20 [ 285.151554] ? dev_queue_xmit+0x18/0x20 [ 285.151568] netlink_deliver_tap+0x62a/0x8f0 [ 285.151583] netlink_unicast+0x4b2/0x640 [ 285.151594] ? netlink_attachskb+0x6a0/0x6a0 [ 285.151607] ? security_netlink_send+0x81/0xb0 [ 285.159973] netlink_sendmsg+0x7c4/0xc60 [ 285.159990] ? netlink_unicast+0x640/0x640 [ 285.160006] ? security_socket_sendmsg+0x89/0xb0 [ 285.186081] ? netlink_unicast+0x640/0x640 [ 285.190313] sock_sendmsg+0xce/0x110 [ 285.194020] ___sys_sendmsg+0x70a/0x840 [ 285.197985] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 285.202725] ? __fget+0x210/0x370 [ 285.206160] ? find_held_lock+0x35/0x130 [ 285.210217] ? __fget+0x210/0x370 [ 285.213653] ? lock_downgrade+0x740/0x740 [ 285.217785] ? __fget+0x237/0x370 [ 285.221219] ? __fget_light+0x172/0x1f0 [ 285.225187] ? __fdget+0x1b/0x20 [ 285.228538] ? sockfd_lookup_light+0xb4/0x160 [ 285.233014] __sys_sendmsg+0xb9/0x140 [ 285.236811] ? SyS_shutdown+0x170/0x170 [ 285.240767] ? fd_install+0x4d/0x60 [ 285.244383] SyS_sendmsg+0x2d/0x50 [ 285.247911] ? __sys_sendmsg+0x140/0x140 [ 285.251962] do_syscall_64+0x1e8/0x640 [ 285.255837] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 285.260662] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 285.265882] RIP: 0033:0x413ed1 [ 285.269053] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 285.276740] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 285.283991] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 285.291245] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 285.298505] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 285.305760] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 285.320254] protocol 88fb is buggy, dev hsr_slave_0 [ 286.950140] Bluetooth: hci0 command 0x1003 tx timeout [ 286.955438] Bluetooth: hci0 sending frame failed (-49) [ 289.030125] Bluetooth: hci0 command 0x1001 tx timeout [ 289.035414] Bluetooth: hci0 sending frame failed (-49) [ 291.110136] Bluetooth: hci0 command 0x1009 tx timeout 21:33:30 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) r4 = dup2(r3, r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:33:30 executing program 2 (fault-call:3 fault-nth:18): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:30 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:30 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:30 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040), 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sendmsg$inet6(r2, &(0x7f0000000500)={&(0x7f0000000080)={0xa, 0x4e23, 0x579, @remote, 0x100}, 0x1c, &(0x7f00000002c0)=[{&(0x7f00000001c0)="d7fda85d8289cd0edf906460dde2ab3abc3a5424a7e50531e01e4d66e0e104bb0ee28ea1f9c9861f87168f703dfc435baa98fb25c38dd7790eedea8858f521ddf5967fdab49c2d75a61712657d828b541c781db7be1c7c1a4d9c67dc2fdd6cf2d4eb96ab059f912a3bfe6b044d2530e2e036d23ca815aea086b70db8a0daeb46ef2c66e820e8e86366720e92caf91b0354766756b426cb577676c69e37e28242275244bc6a3fe424e55e76dee832981218e5083f58d62287e989029950c8b7bf84809ac11cfcff425572725363b079a68a5e48f8c2947548877bad98b7872f2d57b8c0122e1b076c", 0xe8}, {&(0x7f00000000c0)="a62615300f912aeee63074842522f0d3510b6de0ee1cd0c2e75cb076b7a4442c0df3ee0dfbab43d7177cdede14f07da2a6a5f0366c46f7f7b114a065e619763d2c1e231e43922cd8d9c0ee4fdcecc102bffe81c5a7a432a25832374f53a2ec3b", 0x60}, {&(0x7f0000000140)="9c71bbdbecc3da1d2e1e4a9c410448c0877a7fdbe102731e9aebaa8045f8324c7f8edae61883f59a59d54742db5c5a9d8241f4", 0x33}], 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="140000000000000029000000080000000101000000000000a00000000000000029000000370000000210000000000000c20400010000c2040000000004014a0728000000020802400002000000000000000100010000000000c1000000000000000900000000000000050200010748000022da1023000402000000000000009498000000000000ff0300000000000020000000000000000100010000000000000000000000000000000100000000000300000000000000001800000000000000290000003900000004000201000000001400000000000000290000003e00000005000000000000002400000000000000290000003200"/264, @ANYRES32=0x0, @ANYBLOB="0000000065fe7dbe8e7f1f8124de7ebd41583bc0a8418e501b736f64386f4ca72c0daeaffd1ee6f4fb43b4d4ff89e7794f7a0af7e726d936078d706987114c7bbae0ebd7b319599df82cd9efa8f296d238a061032ab6d23ea478dd20d7f0430b930815c1f9a1447d4ae301fe5cf2d7729d9cd5321b33e64d9d65002be06655701c84872be092c9c4d57ab4e37e0703c3b15f79de4d348fd4fcc1fc9adf33a2847ac6"], 0x110}, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:33:30 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:30 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 295.572867] FAULT_INJECTION: forcing a failure. [ 295.572867] name failslab, interval 1, probability 0, space 0, times 0 [ 295.589721] CPU: 0 PID: 10580 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 295.596761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.606108] Call Trace: [ 295.606125] dump_stack+0x138/0x197 [ 295.612309] should_fail.cold+0x10f/0x159 [ 295.612327] should_failslab+0xdb/0x130 [ 295.612341] kmem_cache_alloc_node+0x287/0x780 [ 295.612353] ? idr_get_next+0x111/0x170 [ 295.612369] ? idr_alloc_cmn+0x210/0x210 [ 295.612383] __alloc_skb+0x9c/0x500 [ 295.620474] ? skb_scrub_packet+0x4b0/0x4b0 [ 295.620492] ctrl_build_family_msg+0x3e/0xa0 [ 295.620504] ctrl_getfamily+0x1e0/0x400 [ 295.620517] genl_family_rcv_msg+0x614/0xc30 [ 295.620533] ? genl_unregister_family+0x6a0/0x6a0 [ 295.620544] ? trace_hardirqs_on_caller+0x400/0x590 [ 295.620557] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 295.629087] genl_rcv_msg+0xb4/0x150 [ 295.636728] netlink_rcv_skb+0x14f/0x3c0 [ 295.649379] ? genl_family_rcv_msg+0xc30/0xc30 [ 295.649390] ? netlink_ack+0x9a0/0x9a0 [ 295.649399] ? genl_rcv+0x1a/0x40 [ 295.658617] genl_rcv+0x29/0x40 [ 295.658627] netlink_unicast+0x45d/0x640 [ 295.658640] ? netlink_attachskb+0x6a0/0x6a0 [ 295.699837] ? security_netlink_send+0x81/0xb0 [ 295.704402] netlink_sendmsg+0x7c4/0xc60 [ 295.708452] ? netlink_unicast+0x640/0x640 [ 295.712708] ? security_socket_sendmsg+0x89/0xb0 [ 295.717446] ? netlink_unicast+0x640/0x640 [ 295.721669] sock_sendmsg+0xce/0x110 [ 295.725372] ___sys_sendmsg+0x70a/0x840 [ 295.729338] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 295.734075] ? __fget+0x210/0x370 [ 295.737514] ? find_held_lock+0x35/0x130 [ 295.741564] ? __fget+0x210/0x370 [ 295.745009] ? lock_downgrade+0x740/0x740 [ 295.749141] ? __fget+0x237/0x370 [ 295.752586] ? __fget_light+0x172/0x1f0 [ 295.756549] ? __fdget+0x1b/0x20 [ 295.759897] ? sockfd_lookup_light+0xb4/0x160 [ 295.764372] __sys_sendmsg+0xb9/0x140 [ 295.768170] ? SyS_shutdown+0x170/0x170 [ 295.772159] ? fd_install+0x4d/0x60 [ 295.775803] SyS_sendmsg+0x2d/0x50 [ 295.779330] ? __sys_sendmsg+0x140/0x140 [ 295.783388] do_syscall_64+0x1e8/0x640 [ 295.787280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.792109] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 295.797278] RIP: 0033:0x413ed1 [ 295.800453] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 295.808162] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 295.815412] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 295.822667] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 295.829925] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 295.837174] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 295.844911] protocol 88fb is buggy, dev hsr_slave_0 [ 295.850685] protocol 88fb is buggy, dev hsr_slave_1 [ 295.855888] protocol 88fb is buggy, dev hsr_slave_0 [ 295.861094] protocol 88fb is buggy, dev hsr_slave_1 21:33:31 executing program 2 (fault-call:3 fault-nth:19): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:31 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:31 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:31 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 295.986676] FAULT_INJECTION: forcing a failure. [ 295.986676] name failslab, interval 1, probability 0, space 0, times 0 [ 296.026479] CPU: 1 PID: 10598 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 296.033524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.042880] Call Trace: [ 296.045470] dump_stack+0x138/0x197 [ 296.049107] should_fail.cold+0x10f/0x159 [ 296.053271] should_failslab+0xdb/0x130 [ 296.057263] kmem_cache_alloc_node_trace+0x280/0x770 [ 296.062381] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 296.067841] __kmalloc_node_track_caller+0x3d/0x80 [ 296.072774] __kmalloc_reserve.isra.0+0x40/0xe0 [ 296.077450] __alloc_skb+0xcf/0x500 [ 296.081077] ? skb_scrub_packet+0x4b0/0x4b0 [ 296.085409] ctrl_build_family_msg+0x3e/0xa0 [ 296.089824] ctrl_getfamily+0x1e0/0x400 [ 296.093801] genl_family_rcv_msg+0x614/0xc30 [ 296.098216] ? genl_unregister_family+0x6a0/0x6a0 [ 296.103061] ? __dev_queue_xmit+0xd33/0x25e0 [ 296.107470] ? trace_hardirqs_on+0xd/0x10 [ 296.111619] ? __local_bh_enable_ip+0x99/0x1a0 [ 296.116212] genl_rcv_msg+0xb4/0x150 [ 296.119930] netlink_rcv_skb+0x14f/0x3c0 [ 296.123992] ? genl_family_rcv_msg+0xc30/0xc30 [ 296.128574] ? netlink_ack+0x9a0/0x9a0 [ 296.132457] ? genl_rcv+0x1a/0x40 21:33:31 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 296.135924] genl_rcv+0x29/0x40 [ 296.139203] netlink_unicast+0x45d/0x640 [ 296.143267] ? netlink_attachskb+0x6a0/0x6a0 [ 296.148147] ? security_netlink_send+0x81/0xb0 [ 296.152745] netlink_sendmsg+0x7c4/0xc60 [ 296.156813] ? netlink_unicast+0x640/0x640 [ 296.161058] ? security_socket_sendmsg+0x89/0xb0 [ 296.165803] ? netlink_unicast+0x640/0x640 [ 296.170025] sock_sendmsg+0xce/0x110 [ 296.173727] ___sys_sendmsg+0x70a/0x840 [ 296.177685] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 296.182421] ? __fget+0x210/0x370 [ 296.185924] ? find_held_lock+0x35/0x130 [ 296.189966] ? __fget+0x210/0x370 [ 296.193403] ? lock_downgrade+0x740/0x740 [ 296.197540] ? __fget+0x237/0x370 [ 296.200974] ? __fget_light+0x172/0x1f0 [ 296.204929] ? __fdget+0x1b/0x20 [ 296.208314] ? sockfd_lookup_light+0xb4/0x160 [ 296.212791] __sys_sendmsg+0xb9/0x140 [ 296.216575] ? SyS_shutdown+0x170/0x170 [ 296.220532] ? fd_install+0x4d/0x60 [ 296.224148] SyS_sendmsg+0x2d/0x50 [ 296.227665] ? __sys_sendmsg+0x140/0x140 [ 296.231708] do_syscall_64+0x1e8/0x640 [ 296.235574] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.240399] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 296.245566] RIP: 0033:0x413ed1 [ 296.248733] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 296.256418] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 296.263666] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 296.270925] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 296.278190] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 296.285453] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:33:31 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') [ 296.310106] protocol 88fb is buggy, dev hsr_slave_0 [ 296.315248] protocol 88fb is buggy, dev hsr_slave_1 [ 296.320392] protocol 88fb is buggy, dev hsr_slave_0 [ 296.325435] protocol 88fb is buggy, dev hsr_slave_1 [ 297.750087] Bluetooth: hci0 command 0x1003 tx timeout [ 297.755370] Bluetooth: hci0 sending frame failed (-49) [ 299.830120] Bluetooth: hci0 command 0x1001 tx timeout [ 299.835430] Bluetooth: hci0 sending frame failed (-49) [ 301.910096] Bluetooth: hci0 command 0x1009 tx timeout 21:33:41 executing program 2 (fault-call:3 fault-nth:20): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:41 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:41 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) dup2(r3, r1) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:33:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305616, &(0x7f0000000080)={0x0, {0x3, 0x400}}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0x7ff, 0x101100) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r2, &(0x7f0000000140)={0x40000000}) syz_emit_ethernet(0x32, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaa2a91207a00810000003321ce9d87ce00ab45662a6dd5080045f4001c00000000000090787f000001e0000015597ca6702aa6ae6f4f36c47c"], 0x0) 21:33:41 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:41 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 305.797410] FAULT_INJECTION: forcing a failure. [ 305.797410] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 305.809270] CPU: 1 PID: 10629 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 305.816286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.825640] Call Trace: [ 305.828228] dump_stack+0x138/0x197 [ 305.831867] should_fail.cold+0x10f/0x159 [ 305.836029] __alloc_pages_nodemask+0x1d6/0x7a0 [ 305.840707] ? __alloc_pages_slowpath+0x2930/0x2930 [ 305.845741] cache_grow_begin+0x80/0x400 [ 305.849815] kmem_cache_alloc_node_trace+0x697/0x770 [ 305.854929] __kmalloc_node_track_caller+0x3d/0x80 [ 305.859865] __kmalloc_reserve.isra.0+0x40/0xe0 [ 305.864545] __alloc_skb+0xcf/0x500 [ 305.868170] ? skb_scrub_packet+0x4b0/0x4b0 [ 305.872500] ctrl_build_family_msg+0x3e/0xa0 [ 305.876913] ctrl_getfamily+0x1e0/0x400 [ 305.880892] genl_family_rcv_msg+0x614/0xc30 [ 305.885311] ? genl_unregister_family+0x6a0/0x6a0 [ 305.890153] ? __dev_queue_xmit+0xd33/0x25e0 [ 305.894561] ? trace_hardirqs_on+0xd/0x10 [ 305.898708] ? __local_bh_enable_ip+0x99/0x1a0 [ 305.903306] genl_rcv_msg+0xb4/0x150 [ 305.907025] netlink_rcv_skb+0x14f/0x3c0 [ 305.911086] ? genl_family_rcv_msg+0xc30/0xc30 [ 305.915668] ? netlink_ack+0x9a0/0x9a0 [ 305.919558] ? genl_rcv+0x1a/0x40 [ 305.923015] genl_rcv+0x29/0x40 [ 305.926287] netlink_unicast+0x45d/0x640 [ 305.930342] ? netlink_attachskb+0x6a0/0x6a0 [ 305.930355] ? security_netlink_send+0x81/0xb0 [ 305.930365] netlink_sendmsg+0x7c4/0xc60 [ 305.930379] ? netlink_unicast+0x640/0x640 21:33:41 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:41 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:41 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 305.930393] ? security_socket_sendmsg+0x89/0xb0 [ 305.943404] ? netlink_unicast+0x640/0x640 [ 305.943423] sock_sendmsg+0xce/0x110 [ 305.943435] ___sys_sendmsg+0x70a/0x840 [ 305.943447] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 305.943457] ? __fget+0x210/0x370 [ 305.943469] ? find_held_lock+0x35/0x130 [ 305.943478] ? __fget+0x210/0x370 [ 305.943493] ? lock_downgrade+0x740/0x740 [ 305.943507] ? __fget+0x237/0x370 [ 305.943520] ? __fget_light+0x172/0x1f0 [ 305.943530] ? __fdget+0x1b/0x20 [ 305.960416] ? sockfd_lookup_light+0xb4/0x160 [ 305.960430] __sys_sendmsg+0xb9/0x140 [ 305.960439] ? SyS_shutdown+0x170/0x170 [ 305.960450] ? fd_install+0x4d/0x60 [ 305.960470] SyS_sendmsg+0x2d/0x50 [ 305.960478] ? __sys_sendmsg+0x140/0x140 [ 305.960490] do_syscall_64+0x1e8/0x640 [ 305.960499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.960514] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 305.960523] RIP: 0033:0x413ed1 [ 305.976698] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e 21:33:41 executing program 2 (fault-call:3 fault-nth:21): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 305.976711] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 305.976717] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 305.976723] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 305.976729] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 305.976735] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 306.088102] bond0: Releasing backup interface bond_slave_1 [ 306.103947] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 306.114979] FAULT_INJECTION: forcing a failure. [ 306.114979] name failslab, interval 1, probability 0, space 0, times 0 [ 306.151522] CPU: 1 PID: 10644 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 306.158561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.167950] Call Trace: [ 306.170552] dump_stack+0x138/0x197 [ 306.174184] should_fail.cold+0x10f/0x159 [ 306.178327] should_failslab+0xdb/0x130 [ 306.182291] kmem_cache_alloc+0x47/0x780 [ 306.182303] ? lock_acquire+0x16f/0x430 [ 306.182313] ? check_preemption_disabled+0x3c/0x250 [ 306.182325] skb_clone+0x129/0x320 [ 306.182336] netlink_deliver_tap+0x681/0x8f0 [ 306.182347] ? sock_ops_is_valid_access+0x70/0x70 [ 306.208117] __netlink_sendskb+0x49/0xa0 [ 306.212181] netlink_unicast+0x525/0x640 [ 306.216245] ? sk_clone_lock+0xa97/0x11f0 [ 306.220397] ? netlink_attachskb+0x6a0/0x6a0 [ 306.224804] ? ctrl_build_family_msg+0x6b/0xa0 [ 306.229389] ctrl_getfamily+0x280/0x400 [ 306.233369] genl_family_rcv_msg+0x614/0xc30 [ 306.237788] ? genl_unregister_family+0x6a0/0x6a0 [ 306.242631] ? __dev_queue_xmit+0xd33/0x25e0 [ 306.247155] ? trace_hardirqs_on+0xd/0x10 [ 306.251300] ? __local_bh_enable_ip+0x99/0x1a0 [ 306.255894] genl_rcv_msg+0xb4/0x150 [ 306.259616] netlink_rcv_skb+0x14f/0x3c0 [ 306.263684] ? genl_family_rcv_msg+0xc30/0xc30 [ 306.268264] ? netlink_ack+0x9a0/0x9a0 [ 306.272145] ? genl_rcv+0x1a/0x40 [ 306.275607] genl_rcv+0x29/0x40 [ 306.278889] netlink_unicast+0x45d/0x640 [ 306.282956] ? netlink_attachskb+0x6a0/0x6a0 [ 306.287359] ? security_netlink_send+0x81/0xb0 [ 306.291924] netlink_sendmsg+0x7c4/0xc60 [ 306.295964] ? netlink_unicast+0x640/0x640 [ 306.300193] ? security_socket_sendmsg+0x89/0xb0 [ 306.304925] ? netlink_unicast+0x640/0x640 [ 306.309140] sock_sendmsg+0xce/0x110 [ 306.312848] ___sys_sendmsg+0x70a/0x840 [ 306.316803] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 306.321540] ? __fget+0x210/0x370 [ 306.324981] ? find_held_lock+0x35/0x130 [ 306.329020] ? __fget+0x210/0x370 [ 306.332458] ? lock_downgrade+0x740/0x740 [ 306.336583] ? __fget+0x237/0x370 [ 306.340021] ? __fget_light+0x172/0x1f0 [ 306.343995] ? __fdget+0x1b/0x20 [ 306.347339] ? sockfd_lookup_light+0xb4/0x160 [ 306.351815] __sys_sendmsg+0xb9/0x140 [ 306.355595] ? SyS_shutdown+0x170/0x170 [ 306.359558] ? fd_install+0x4d/0x60 [ 306.363169] SyS_sendmsg+0x2d/0x50 [ 306.366696] ? __sys_sendmsg+0x140/0x140 [ 306.370738] do_syscall_64+0x1e8/0x640 [ 306.374612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.379436] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 306.384605] RIP: 0033:0x413ed1 [ 306.387770] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 306.395465] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 21:33:41 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:41 executing program 1: preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:41 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 306.402714] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 306.409961] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 306.417209] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 306.424469] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 306.440205] protocol 88fb is buggy, dev hsr_slave_0 [ 306.440433] bond0: Error: Device is in use and cannot be enslaved 21:33:41 executing program 2 (fault-call:3 fault-nth:22): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 306.445326] protocol 88fb is buggy, dev hsr_slave_1 [ 306.456617] protocol 88fb is buggy, dev hsr_slave_0 [ 306.550761] FAULT_INJECTION: forcing a failure. [ 306.550761] name failslab, interval 1, probability 0, space 0, times 0 [ 306.562277] CPU: 1 PID: 10663 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 306.569291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.578642] Call Trace: [ 306.581241] dump_stack+0x138/0x197 [ 306.584892] should_fail.cold+0x10f/0x159 [ 306.589049] should_failslab+0xdb/0x130 [ 306.593037] kmem_cache_alloc+0x47/0x780 [ 306.597101] ? lock_acquire+0x16f/0x430 [ 306.601074] ? check_preemption_disabled+0x3c/0x250 [ 306.606098] skb_clone+0x129/0x320 [ 306.609638] dev_queue_xmit_nit+0x2d8/0x940 [ 306.611724] overlayfs: failed to resolve './file1': -2 [ 306.613964] dev_hard_start_xmit+0xa7/0x8b0 [ 306.623596] ? check_preemption_disabled+0x10/0x250 [ 306.628617] __dev_queue_xmit+0x1d95/0x25e0 [ 306.632936] ? trace_hardirqs_on+0x10/0x10 [ 306.637177] ? netdev_pick_tx+0x300/0x300 [ 306.641326] ? skb_clone+0x129/0x320 [ 306.645043] ? memcpy+0x46/0x50 [ 306.648323] ? __copy_skb_header+0x2b8/0x3e0 [ 306.652728] ? __skb_clone+0x271/0x800 [ 306.652743] dev_queue_xmit+0x18/0x20 [ 306.652752] ? dev_queue_xmit+0x18/0x20 [ 306.652763] netlink_deliver_tap+0x62a/0x8f0 [ 306.652774] ? sock_ops_is_valid_access+0x70/0x70 [ 306.652788] __netlink_sendskb+0x49/0xa0 [ 306.660449] netlink_unicast+0x525/0x640 [ 306.660460] ? sk_clone_lock+0xa97/0x11f0 [ 306.660473] ? netlink_attachskb+0x6a0/0x6a0 [ 306.660484] ? ctrl_build_family_msg+0x6b/0xa0 [ 306.660496] ctrl_getfamily+0x280/0x400 [ 306.660507] genl_family_rcv_msg+0x614/0xc30 [ 306.660521] ? genl_unregister_family+0x6a0/0x6a0 [ 306.660531] ? __dev_queue_xmit+0xd33/0x25e0 [ 306.660541] ? trace_hardirqs_on+0xd/0x10 [ 306.660551] ? __local_bh_enable_ip+0x99/0x1a0 [ 306.660571] genl_rcv_msg+0xb4/0x150 [ 306.690358] netlink_rcv_skb+0x14f/0x3c0 [ 306.690369] ? genl_family_rcv_msg+0xc30/0xc30 [ 306.690379] ? netlink_ack+0x9a0/0x9a0 [ 306.698906] ? genl_rcv+0x1a/0x40 [ 306.740812] genl_rcv+0x29/0x40 [ 306.744073] netlink_unicast+0x45d/0x640 [ 306.748116] ? netlink_attachskb+0x6a0/0x6a0 [ 306.752505] ? security_netlink_send+0x81/0xb0 [ 306.757067] netlink_sendmsg+0x7c4/0xc60 [ 306.761111] ? netlink_unicast+0x640/0x640 [ 306.765329] ? security_socket_sendmsg+0x89/0xb0 [ 306.770063] ? netlink_unicast+0x640/0x640 [ 306.774278] sock_sendmsg+0xce/0x110 [ 306.777972] ___sys_sendmsg+0x70a/0x840 [ 306.781928] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 306.786665] ? __fget+0x210/0x370 [ 306.790097] ? find_held_lock+0x35/0x130 [ 306.794136] ? __fget+0x210/0x370 [ 306.797571] ? lock_downgrade+0x740/0x740 [ 306.801701] ? __fget+0x237/0x370 [ 306.805137] ? __fget_light+0x172/0x1f0 [ 306.809093] ? __fdget+0x1b/0x20 [ 306.812454] ? sockfd_lookup_light+0xb4/0x160 [ 306.816939] __sys_sendmsg+0xb9/0x140 [ 306.820720] ? SyS_shutdown+0x170/0x170 [ 306.824673] ? fd_install+0x4d/0x60 [ 306.828296] SyS_sendmsg+0x2d/0x50 [ 306.831812] ? __sys_sendmsg+0x140/0x140 [ 306.835854] do_syscall_64+0x1e8/0x640 [ 306.839734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.844570] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 306.849745] RIP: 0033:0x413ed1 [ 306.852912] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 306.860610] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 306.867860] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 306.875121] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 306.882377] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 306.889626] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 306.897128] protocol 88fb is buggy, dev hsr_slave_0 [ 306.902229] protocol 88fb is buggy, dev hsr_slave_1 [ 306.907300] protocol 88fb is buggy, dev hsr_slave_0 [ 306.912394] protocol 88fb is buggy, dev hsr_slave_1 [ 308.070129] Bluetooth: hci0 command 0x1003 tx timeout [ 308.075504] Bluetooth: hci0 sending frame failed (-49) [ 310.150142] Bluetooth: hci0 command 0x1001 tx timeout [ 310.156201] Bluetooth: hci0 sending frame failed (-49) [ 312.230129] Bluetooth: hci0 command 0x1009 tx timeout 21:33:51 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:51 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00aa00121da71d787f00907800e7ffffffffffffff000000"], 0x0) 21:33:51 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:51 executing program 2 (fault-call:3 fault-nth:23): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:33:51 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000008800000088000000050000000900000002000006040000000a00000039e1000005000000c1ffffff0a0000000600000604000000080000008d00000009000000ff0700000900000000000000100000000400000004000000650000000d000000010000001000000000000008220000000600000002000005000b00000e0000000400000001000000070000000500000000000000005ff53000"], &(0x7f0000000240)=""/226, 0xa5, 0xe2, 0x1}, 0x20) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:33:51 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:51 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 316.698732] FAULT_INJECTION: forcing a failure. [ 316.698732] name failslab, interval 1, probability 0, space 0, times 0 [ 316.710039] CPU: 1 PID: 10683 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 316.717049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.726405] Call Trace: [ 316.729000] dump_stack+0x138/0x197 [ 316.732648] should_fail.cold+0x10f/0x159 [ 316.736812] should_failslab+0xdb/0x130 [ 316.740883] kmem_cache_alloc+0x47/0x780 [ 316.744948] ? lock_acquire+0x16f/0x430 [ 316.748925] ? check_preemption_disabled+0x3c/0x250 [ 316.753940] skb_clone+0x129/0x320 [ 316.753953] dev_queue_xmit_nit+0x2d8/0x940 [ 316.753969] dev_hard_start_xmit+0xa7/0x8b0 [ 316.753981] ? check_preemption_disabled+0x10/0x250 [ 316.761813] __dev_queue_xmit+0x1d95/0x25e0 [ 316.761822] ? trace_hardirqs_on+0x10/0x10 [ 316.761837] ? netdev_pick_tx+0x300/0x300 [ 316.761845] ? skb_clone+0x129/0x320 [ 316.761858] ? memcpy+0x46/0x50 [ 316.761869] ? __copy_skb_header+0x2b8/0x3e0 [ 316.761880] ? __skb_clone+0x271/0x800 [ 316.761892] dev_queue_xmit+0x18/0x20 [ 316.761901] ? dev_queue_xmit+0x18/0x20 [ 316.761911] netlink_deliver_tap+0x62a/0x8f0 [ 316.761922] ? sock_ops_is_valid_access+0x70/0x70 [ 316.816096] __netlink_sendskb+0x49/0xa0 [ 316.820173] netlink_unicast+0x525/0x640 [ 316.824241] ? sk_clone_lock+0xa97/0x11f0 [ 316.828387] ? netlink_attachskb+0x6a0/0x6a0 [ 316.828399] ? ctrl_build_family_msg+0x6b/0xa0 [ 316.828413] ctrl_getfamily+0x280/0x400 [ 316.828426] genl_family_rcv_msg+0x614/0xc30 [ 316.828440] ? genl_unregister_family+0x6a0/0x6a0 [ 316.828452] ? __dev_queue_xmit+0xd33/0x25e0 [ 316.851831] ? trace_hardirqs_on+0xd/0x10 [ 316.851843] ? __local_bh_enable_ip+0x99/0x1a0 [ 316.851868] genl_rcv_msg+0xb4/0x150 [ 316.851880] netlink_rcv_skb+0x14f/0x3c0 [ 316.851890] ? genl_family_rcv_msg+0xc30/0xc30 [ 316.877319] ? netlink_ack+0x9a0/0x9a0 [ 316.881215] ? genl_rcv+0x1a/0x40 [ 316.884679] genl_rcv+0x29/0x40 [ 316.887962] netlink_unicast+0x45d/0x640 [ 316.892029] ? netlink_attachskb+0x6a0/0x6a0 [ 316.896445] ? security_netlink_send+0x81/0xb0 [ 316.901032] netlink_sendmsg+0x7c4/0xc60 [ 316.905102] ? netlink_unicast+0x640/0x640 [ 316.909355] ? security_socket_sendmsg+0x89/0xb0 [ 316.914112] ? netlink_unicast+0x640/0x640 [ 316.917467] overlayfs: failed to resolve './file1': -2 [ 316.918343] sock_sendmsg+0xce/0x110 [ 316.918356] ___sys_sendmsg+0x70a/0x840 [ 316.918369] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 316.918381] ? __fget+0x210/0x370 [ 316.918394] ? find_held_lock+0x35/0x130 [ 316.918403] ? __fget+0x210/0x370 [ 316.918417] ? lock_downgrade+0x740/0x740 [ 316.951153] ? __fget+0x237/0x370 [ 316.954624] ? __fget_light+0x172/0x1f0 [ 316.958604] ? __fdget+0x1b/0x20 [ 316.961977] ? sockfd_lookup_light+0xb4/0x160 [ 316.966478] __sys_sendmsg+0xb9/0x140 [ 316.970274] ? SyS_shutdown+0x170/0x170 [ 316.970285] ? fd_install+0x4d/0x60 [ 316.970303] SyS_sendmsg+0x2d/0x50 [ 316.977871] ? __sys_sendmsg+0x140/0x140 [ 316.977886] do_syscall_64+0x1e8/0x640 [ 316.977896] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.977914] entry_SYSCALL_64_after_hwframe+0x42/0xb7 21:33:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = socket(0x10, 0x2, 0x0) sendto(r1, &(0x7f0000000900)="120000001200e7ef077b1a3fcd00000200a1", 0x12, 0x0, 0x0, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) r4 = dup2(r3, r2) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x250}}, 0x0) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000009c0)=ANY=[@ANYBLOB="407995fe00", @ANYRES64=r1, @ANYBLOB="000000000000000020001200100001006970366772657461700000000c00020008000100", @ANYRES32], 0x4}}, 0x0) r7 = syz_open_dev$admmidi(&(0x7f0000000600)='/dev/admmidi#\x00', 0x7ff, 0x420500) connect$unix(r7, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000b00)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000040)=""/95, 0x5f}, {&(0x7f0000000a00)=""/85, 0x55}, {&(0x7f00000024c0)=""/4096, 0x1000}, {&(0x7f0000000c40)=""/104, 0x71}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000280)=""/77, 0x2fe}, {&(0x7f0000000b80)=""/154, 0x9a}, {&(0x7f0000000340)=""/22, 0x16}], 0x8, &(0x7f0000002400)=""/191, 0xbf}}], 0x1, 0x6, &(0x7f0000003700)={0x77359400}) r8 = socket(0x10, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r8, 0x8953, &(0x7f0000000680)={{0x2, 0x4e23, @multicast2}, {0x7}, 0x4, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'bond0\x00'}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r10 = socket(0x10, 0x2, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r11, 0x407, 0x0) write(r11, &(0x7f0000000340), 0x41395527) ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) lchown(&(0x7f00000001c0)='./file0\x00', r9, r12) syz_mount_image$f2fs(&(0x7f0000000080)='f2fs\x00', &(0x7f00000000c0)='./file0\x00', 0x9, 0x5, &(0x7f00000004c0)=[{&(0x7f0000000100)="c328c0c8c7516f3f59a99ef3c3c85244e90615841e8c42512e1a43184021a2b3c51aa810a988f19822441deab665cf91b3ec3bb86c1dff44908cbb80f74cfbfbef65d506c55915e56010d99f31b9b28da4e1a487daebb12bad483073a7fe66", 0x5f, 0x800}, {&(0x7f00000001c0)="86682aecb81d92f951def784316136efb1d66b2bcd94f204432e720af7c426103f9de48f46207e62b1e67452f9a50cd584ea9a945212ad21519f4bca23da6ce4b8", 0x41, 0x10000}, {&(0x7f0000000240)="5021ebadf3326a2a2db41e3a9a74c00b7a1e40fe8872cf368c3e999d6ffee1ea0e249f9a5458c47e8a2e1739433dc6964e96ed6a57362577ba8474ec3ec6bc7472955d0689cd2c0e0650aa2a3292d6e98a75e0ab823b93def42f8eac96dbb3b48b51dc43b7cd1b9bace41c4c4dae63e3e21caf6303f93f0077a8c1b1977c2d0c7012a623d2e114934c4db653c37f505ce742cdabee13c84cfe4f6a33b95cddbbd490aa2cfeaccad46ea8a08e34c4e2e70c66dda7fe0bbaa0174b3c08484b793ca24fbe3bb7f531a9eb969a72798b23d23bf39b1b1f12a5cbcd12064d5e4c99ff6bd7bc477711876090f104792b1560d6a4d02d068d8fd5a0e09828fe186d29", 0xff, 0x6}, {&(0x7f0000000340)="6a59951f770e1742dce83e8774aca3bdd7e6f5b105fd226f75d55bccd09996231ebfeca2c0b3eecf156e26cb35cfcdc8733fe03897785ccb887b147464043a3f31b39d57500178ef44619a023b9581c48fb621e0c59ea014b1c81323449dfed444f9d01da2696c33b6101541d44c35f3edee712338ad7cfe7186831b44de5f4884ae1d8ffbda62bce2d3deb09e05a741838e1092b69fc49200a905d4035e1f3b544cfbae897b937d849d839ce11a6c575569c73271f2d21ecbf76b2af220f82d25feb9576cdfbc0e65224d4cd8b0d4da3a4e93a2fb6904", 0xd7, 0x200000000}, {&(0x7f0000000440)="4cc55f02484db16f053130d22cd82161ffc2aab607d0f7055e7ebbde323ad7061487968e07b0e1071b6e35ac23243f94454e3c09086821d36c6fe9ab9c55944212c246f802659ee7e05391f6a9d5c0034f33c33f169fb58ac1207142a451b20d", 0x60, 0x1000}], 0x28, &(0x7f0000000740)=ANY=[@ANYBLOB='resgid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f696e6c696e655f646174614f0000007874656e745f63616368652c696e6c696e655f64656e7472792c616c6c6f635f6d6f64050000006661756c742c6e6f696e6c696e655f646174612c6261636b67726f756e645f677d2c696f646973636172642c646f6e745f686173682c646f6e745f6d6561737572652c66756e633d4649524d574152455f434845434b2c736d61636b67736465663d6d696d655f747970652d73070000006974792c666f776e65723e00"/193, @ANYRESDEC=r9, @ANYBLOB="2c61707072616973655f747970653d696d617369672c0066b2c084ff2e0de5fe2f1a3781b4167597dcc151b551dbef5eac9433657d0a2c92dd75e166703c395dfdb9e45032c50b4357d9b1ecf5b6a99c84af33e32a82e607549dbcd0d99a0fe36aebb67fbf524c331e02c12901abca399e737e3e2d"]) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a91003600810000fd070045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000700)='./cgroup.cpu/syz0\x00', 0x1ff) 21:33:52 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:52 executing program 1: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:52 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:52 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:33:52 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 316.977921] RIP: 0033:0x413ed1 [ 316.977928] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 317.010265] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 317.017543] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 317.024811] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 317.032081] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 317.039348] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:33:52 executing program 1: perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:33:52 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 317.050147] protocol 88fb is buggy, dev hsr_slave_0 [ 317.055425] protocol 88fb is buggy, dev hsr_slave_1 [ 317.060638] protocol 88fb is buggy, dev hsr_slave_0 [ 317.065746] protocol 88fb is buggy, dev hsr_slave_1 [ 317.270155] protocol 88fb is buggy, dev hsr_slave_0 [ 317.275323] protocol 88fb is buggy, dev hsr_slave_1 [ 317.280466] protocol 88fb is buggy, dev hsr_slave_0 [ 317.285500] protocol 88fb is buggy, dev hsr_slave_1 [ 317.430125] protocol 88fb is buggy, dev hsr_slave_0 [ 317.435232] protocol 88fb is buggy, dev hsr_slave_1 [ 319.190149] Bluetooth: hci0 command 0x1003 tx timeout [ 319.195453] Bluetooth: hci0 sending frame failed (-49) [ 321.270153] Bluetooth: hci0 command 0x1001 tx timeout [ 321.275476] Bluetooth: hci0 sending frame failed (-49) [ 323.350159] Bluetooth: hci0 command 0x1009 tx timeout 21:34:02 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:02 executing program 2 (fault-call:3 fault-nth:24): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:02 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:02 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:02 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x40, 0x0) setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f0000000100)=0x1, 0x4) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r2 = getpid() ptrace(0x4207, r2) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x8, 0x1, 0x1, 0x0, 0x0, 0x3}, 0x1c) syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0x2, 0x292240) chroot(&(0x7f0000000080)='./file0\x00') syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:02 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 327.555107] FAULT_INJECTION: forcing a failure. [ 327.555107] name failslab, interval 1, probability 0, space 0, times 0 [ 327.619697] CPU: 1 PID: 10733 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 327.626752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.636106] Call Trace: [ 327.638704] dump_stack+0x138/0x197 [ 327.642348] should_fail.cold+0x10f/0x159 [ 327.646505] should_failslab+0xdb/0x130 [ 327.650485] kmem_cache_alloc_node_trace+0x280/0x770 [ 327.655598] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 327.661056] __kmalloc_node_track_caller+0x3d/0x80 [ 327.665985] __kmalloc_reserve.isra.0+0x40/0xe0 [ 327.670647] __alloc_skb+0xcf/0x500 [ 327.670702] ? skb_scrub_packet+0x4b0/0x4b0 [ 327.670715] ? __mutex_unlock_slowpath+0x71/0x800 [ 327.670729] netlink_ack+0x21c/0x9a0 [ 327.670740] ? netlink_sendmsg+0xc60/0xc60 [ 327.670749] ? mutex_unlock+0xd/0x10 [ 327.670757] ? genl_rcv_msg+0xe5/0x150 [ 327.670769] netlink_rcv_skb+0x2fc/0x3c0 [ 327.670779] ? genl_family_rcv_msg+0xc30/0xc30 [ 327.670791] ? netlink_ack+0x9a0/0x9a0 [ 327.670798] ? genl_rcv+0x1a/0x40 [ 327.670814] genl_rcv+0x29/0x40 21:34:02 executing program 4: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 327.670825] netlink_unicast+0x45d/0x640 [ 327.699099] ? netlink_attachskb+0x6a0/0x6a0 [ 327.699113] ? security_netlink_send+0x81/0xb0 [ 327.699125] netlink_sendmsg+0x7c4/0xc60 [ 327.711623] ? netlink_unicast+0x640/0x640 [ 327.711639] ? security_socket_sendmsg+0x89/0xb0 [ 327.711649] ? netlink_unicast+0x640/0x640 [ 327.711660] sock_sendmsg+0xce/0x110 [ 327.711669] ___sys_sendmsg+0x70a/0x840 [ 327.711681] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 327.711692] ? __fget+0x210/0x370 [ 327.711704] ? find_held_lock+0x35/0x130 [ 327.711714] ? __fget+0x210/0x370 [ 327.731426] ? lock_downgrade+0x740/0x740 [ 327.731443] ? __fget+0x237/0x370 [ 327.731458] ? __fget_light+0x172/0x1f0 [ 327.731468] ? __fdget+0x1b/0x20 [ 327.731478] ? sockfd_lookup_light+0xb4/0x160 [ 327.731489] __sys_sendmsg+0xb9/0x140 [ 327.731499] ? SyS_shutdown+0x170/0x170 [ 327.731510] ? fd_install+0x4d/0x60 [ 327.731530] SyS_sendmsg+0x2d/0x50 [ 327.731538] ? __sys_sendmsg+0x140/0x140 [ 327.731550] do_syscall_64+0x1e8/0x640 [ 327.731559] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.731578] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 327.731587] RIP: 0033:0x413ed1 [ 327.748805] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 327.748818] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 327.748825] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 327.748830] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 327.748836] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 21:34:03 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 327.748841] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 327.749054] net_ratelimit: 2 callbacks suppressed [ 327.749059] protocol 88fb is buggy, dev hsr_slave_0 [ 327.776488] protocol 88fb is buggy, dev hsr_slave_1 [ 327.776590] protocol 88fb is buggy, dev hsr_slave_0 [ 327.776634] protocol 88fb is buggy, dev hsr_slave_1 [ 327.900655] protocol 88fb is buggy, dev hsr_slave_0 [ 327.905833] protocol 88fb is buggy, dev hsr_slave_1 [ 327.911039] protocol 88fb is buggy, dev hsr_slave_0 [ 327.916208] protocol 88fb is buggy, dev hsr_slave_1 21:34:03 executing program 2 (fault-call:3 fault-nth:25): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:03 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 328.067704] FAULT_INJECTION: forcing a failure. [ 328.067704] name failslab, interval 1, probability 0, space 0, times 0 [ 328.103718] CPU: 1 PID: 10759 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 328.110775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.120126] Call Trace: [ 328.122723] dump_stack+0x138/0x197 [ 328.126359] should_fail.cold+0x10f/0x159 [ 328.130521] should_failslab+0xdb/0x130 [ 328.134502] kmem_cache_alloc+0x47/0x780 [ 328.138564] ? lock_acquire+0x16f/0x430 [ 328.142537] ? check_preemption_disabled+0x3c/0x250 [ 328.147559] skb_clone+0x129/0x320 [ 328.151206] netlink_deliver_tap+0x681/0x8f0 [ 328.155621] ? sock_ops_is_valid_access+0x70/0x70 [ 328.160471] __netlink_sendskb+0x49/0xa0 [ 328.164531] netlink_unicast+0x525/0x640 [ 328.168596] ? netlink_attachskb+0x6a0/0x6a0 [ 328.173008] netlink_ack+0x51d/0x9a0 [ 328.176725] ? netlink_sendmsg+0xc60/0xc60 [ 328.180962] ? mutex_unlock+0xd/0x10 [ 328.184671] ? genl_rcv_msg+0xe5/0x150 [ 328.188563] netlink_rcv_skb+0x2fc/0x3c0 [ 328.192628] ? genl_family_rcv_msg+0xc30/0xc30 [ 328.197214] ? netlink_ack+0x9a0/0x9a0 [ 328.201112] ? genl_rcv+0x1a/0x40 [ 328.204574] genl_rcv+0x29/0x40 [ 328.207855] netlink_unicast+0x45d/0x640 [ 328.211919] ? netlink_attachskb+0x6a0/0x6a0 [ 328.216332] ? security_netlink_send+0x81/0xb0 [ 328.220920] netlink_sendmsg+0x7c4/0xc60 [ 328.224986] ? netlink_unicast+0x640/0x640 [ 328.229330] ? security_socket_sendmsg+0x89/0xb0 [ 328.234085] ? netlink_unicast+0x640/0x640 [ 328.238316] sock_sendmsg+0xce/0x110 [ 328.242032] ___sys_sendmsg+0x70a/0x840 [ 328.246009] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 328.250762] ? __fget+0x210/0x370 [ 328.254219] ? find_held_lock+0x35/0x130 [ 328.258284] ? __fget+0x210/0x370 [ 328.261744] ? lock_downgrade+0x740/0x740 [ 328.265892] ? __fget+0x237/0x370 [ 328.269352] ? __fget_light+0x172/0x1f0 [ 328.273328] ? __fdget+0x1b/0x20 [ 328.276692] ? sockfd_lookup_light+0xb4/0x160 [ 328.281187] __sys_sendmsg+0xb9/0x140 [ 328.284990] ? SyS_shutdown+0x170/0x170 [ 328.288973] ? fd_install+0x4d/0x60 [ 328.292620] SyS_sendmsg+0x2d/0x50 [ 328.296155] ? __sys_sendmsg+0x140/0x140 [ 328.300217] do_syscall_64+0x1e8/0x640 [ 328.304103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.308959] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 328.314154] RIP: 0033:0x413ed1 21:34:03 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 328.317338] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e [ 328.325042] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 328.332304] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 328.339572] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 328.346837] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 328.354103] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 [ 329.990241] Bluetooth: hci0 command 0x1003 tx timeout [ 329.995529] Bluetooth: hci0 sending frame failed (-49) [ 332.070183] Bluetooth: hci0 command 0x1001 tx timeout [ 332.075486] Bluetooth: hci0 sending frame failed (-49) [ 334.150342] Bluetooth: hci0 command 0x1009 tx timeout 21:34:13 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:13 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:13 executing program 2 (fault-call:3 fault-nth:26): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:13 executing program 4: mkdir(0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:13 executing program 0: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000002c0)="0d00000000003639408fa3a3ba27660199783b0a", 0x14}], 0x4, 0x0) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffefe, 0x0, 0x34b, 0x0, 0x7541b124aad4201c}, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x9, r1, 0x0, 0x0) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x40000, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_pid(r5, &(0x7f0000000000), 0x10000000d) ioctl$DRM_IOCTL_ADD_CTX(r5, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_DMA(r4, 0xc0406429, &(0x7f0000000380)={r6, 0x7, &(0x7f0000000240)=[0x1, 0x10, 0xc194, 0xffff, 0x2, 0x5, 0x5], &(0x7f00000002c0)=[0x800, 0x8], 0x20, 0x1, 0x9, &(0x7f00000000c0)=[0xffff], &(0x7f0000000340)=[0x7]}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) ioctl$UI_ABS_SETUP(r7, 0x401c5504, &(0x7f0000000100)={0x8000, {0x5, 0x4, 0x7, 0x1, 0x8, 0x10000}}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000080)={r6}) r8 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r8, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r8, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:13 executing program 4: mkdir(0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:13 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 338.423519] overlayfs: failed to resolve './file1': -2 [ 338.438026] FAULT_INJECTION: forcing a failure. [ 338.438026] name failslab, interval 1, probability 0, space 0, times 0 [ 338.449617] CPU: 0 PID: 10780 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 338.456637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.465987] Call Trace: [ 338.468587] dump_stack+0x138/0x197 [ 338.472205] should_fail.cold+0x10f/0x159 [ 338.476340] should_failslab+0xdb/0x130 [ 338.480304] kmem_cache_alloc+0x47/0x780 [ 338.484365] ? lock_acquire+0x16f/0x430 [ 338.488329] ? check_preemption_disabled+0x3c/0x250 [ 338.493336] skb_clone+0x129/0x320 [ 338.496870] dev_queue_xmit_nit+0x2d8/0x940 [ 338.501176] dev_hard_start_xmit+0xa7/0x8b0 [ 338.505486] ? check_preemption_disabled+0x10/0x250 [ 338.510498] __dev_queue_xmit+0x1d95/0x25e0 [ 338.514804] ? trace_hardirqs_on+0x10/0x10 [ 338.519022] ? netdev_pick_tx+0x300/0x300 [ 338.523152] ? skb_clone+0x129/0x320 [ 338.526856] ? memcpy+0x46/0x50 [ 338.530128] ? __copy_skb_header+0x2b8/0x3e0 [ 338.534526] ? __skb_clone+0x271/0x800 [ 338.538397] dev_queue_xmit+0x18/0x20 [ 338.542177] ? dev_queue_xmit+0x18/0x20 [ 338.546142] netlink_deliver_tap+0x62a/0x8f0 [ 338.550532] ? sock_ops_is_valid_access+0x70/0x70 [ 338.555353] __netlink_sendskb+0x49/0xa0 [ 338.559404] netlink_unicast+0x525/0x640 [ 338.563500] ? netlink_attachskb+0x6a0/0x6a0 [ 338.567891] netlink_ack+0x51d/0x9a0 [ 338.571593] ? netlink_sendmsg+0xc60/0xc60 [ 338.575817] ? mutex_unlock+0xd/0x10 [ 338.579509] ? genl_rcv_msg+0xe5/0x150 [ 338.583378] netlink_rcv_skb+0x2fc/0x3c0 [ 338.587421] ? genl_family_rcv_msg+0xc30/0xc30 [ 338.591984] ? netlink_ack+0x9a0/0x9a0 [ 338.595861] ? genl_rcv+0x1a/0x40 [ 338.599308] genl_rcv+0x29/0x40 [ 338.602589] netlink_unicast+0x45d/0x640 [ 338.606651] ? netlink_attachskb+0x6a0/0x6a0 [ 338.611053] ? security_netlink_send+0x81/0xb0 [ 338.615616] netlink_sendmsg+0x7c4/0xc60 [ 338.619668] ? netlink_unicast+0x640/0x640 [ 338.623895] ? security_socket_sendmsg+0x89/0xb0 [ 338.628632] ? netlink_unicast+0x640/0x640 [ 338.632866] sock_sendmsg+0xce/0x110 [ 338.636568] ___sys_sendmsg+0x70a/0x840 [ 338.640523] ? copy_msghdr_from_user+0x3f0/0x3f0 [ 338.645259] ? __fget+0x210/0x370 [ 338.648696] ? find_held_lock+0x35/0x130 [ 338.652745] ? __fget+0x210/0x370 [ 338.656191] ? lock_downgrade+0x740/0x740 [ 338.660329] ? __fget+0x237/0x370 [ 338.663765] ? __fget_light+0x172/0x1f0 [ 338.667719] ? __fdget+0x1b/0x20 [ 338.671080] ? sockfd_lookup_light+0xb4/0x160 [ 338.675554] __sys_sendmsg+0xb9/0x140 [ 338.679342] ? SyS_shutdown+0x170/0x170 [ 338.683312] ? fd_install+0x4d/0x60 [ 338.686925] SyS_sendmsg+0x2d/0x50 [ 338.690457] ? __sys_sendmsg+0x140/0x140 [ 338.694507] do_syscall_64+0x1e8/0x640 [ 338.698378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.703204] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 338.708370] RIP: 0033:0x413ed1 [ 338.711541] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e 21:34:14 executing program 2 (fault-call:3 fault-nth:27): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 338.719244] RAX: ffffffffffffffda RBX: 00007f48dde7aa58 RCX: 0000000000413ed1 [ 338.726502] RDX: 0000000000000000 RSI: 00007f48dde7aa00 RDI: 0000000000000005 [ 338.733756] RBP: 0000000000000005 R08: 000000000000000b R09: 0000000000000000 [ 338.741009] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 338.748257] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:34:14 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 338.843117] overlayfs: failed to resolve './file1': -2 [ 338.857585] FAULT_INJECTION: forcing a failure. [ 338.857585] name failslab, interval 1, probability 0, space 0, times 0 [ 338.887119] CPU: 1 PID: 10798 Comm: syz-executor.2 Not tainted 4.14.152 #0 [ 338.894159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.903514] Call Trace: [ 338.906103] dump_stack+0x138/0x197 [ 338.909739] should_fail.cold+0x10f/0x159 [ 338.913917] should_failslab+0xdb/0x130 [ 338.917898] kmem_cache_alloc_trace+0x4b/0x790 [ 338.922488] ? _raw_spin_unlock+0x2d/0x50 [ 338.926641] ? regulatory_netlink_notify+0x36/0xb0 [ 338.931569] ? nl80211_netlink_notify+0x64/0x860 [ 338.931591] nfc_genl_rcv_nl_event+0x9b/0x260 21:34:14 executing program 4: mkdir(0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 338.940839] notifier_call_chain+0x111/0x1b0 [ 338.940854] blocking_notifier_call_chain+0x80/0xa0 [ 338.940867] netlink_release+0x10ff/0x1430 [ 338.940882] ? netlink_bind+0x920/0x920 [ 338.940898] __sock_release+0xce/0x2b0 [ 338.940908] ? __sock_release+0x2b0/0x2b0 [ 338.940916] sock_close+0x1b/0x30 [ 338.940927] __fput+0x275/0x7a0 [ 338.940942] ____fput+0x16/0x20 [ 338.940954] task_work_run+0x114/0x190 [ 338.940970] exit_to_usermode_loop+0x1da/0x220 [ 338.984997] do_syscall_64+0x4bc/0x640 [ 338.988892] ? trace_hardirqs_off_thunk+0x1a/0x1c 21:34:14 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:14 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:14 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 338.993749] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 338.998946] RIP: 0033:0x413db1 [ 339.002132] RSP: 002b:00007f48dde7a9c0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 339.008892] overlayfs: failed to resolve './file1': -2 [ 339.009835] RAX: 0000000000000000 RBX: 0000000000000094 RCX: 0000000000413db1 [ 339.009841] RDX: 0000000000000200 RSI: 00007f48dde7aa40 RDI: 0000000000000005 [ 339.009847] RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000000 21:34:14 executing program 2 (fault-call:3 fault-nth:28): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 339.009852] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f48dde7aa40 [ 339.009857] R13: 00000000004d1e08 R14: 00000000004e1500 R15: 0000000000000004 21:34:14 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 340.790065] Bluetooth: hci0 command 0x1003 tx timeout [ 340.795387] Bluetooth: hci0 sending frame failed (-49) [ 342.870113] Bluetooth: hci0 command 0x1001 tx timeout [ 342.875424] Bluetooth: hci0 sending frame failed (-49) [ 344.950102] Bluetooth: hci0 command 0x1009 tx timeout 21:34:24 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:24 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$IMHOLD_L1(r1, 0x80044948, &(0x7f0000000040)=0x4800000) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x4, 0x3, 0x6, 0x7, 0x1000, 0x8, 0xb68}, 0x174) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:24 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:24 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380), 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:24 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$packet_int(r1, 0x107, 0x7, &(0x7f0000000140), &(0x7f0000000280)=0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket$inet_sctp(0x2, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x14, &(0x7f0000000040)={r5}, 0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000080)={r5, 0x80}, &(0x7f00000000c0)=0x8) r6 = open(&(0x7f0000000100)='./file0\x00', 0x61f53fb35ff75372, 0x16b) ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="04000000000000000800000003000000000000000000000004000000030000000000000000000000000000000000000000000000000000000400000000000000000000000000000007000000070d0000000000000000000000000000000000000000000000000000080000000000020000bb000000fdffffff0000000000000000000000000000c48155c20000c7000000040000000000000000000000ff7f0000ffffff7f00"/189]) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:24 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 349.347298] Bluetooth: hci0 sending frame failed (-49) 21:34:24 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:24 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:24 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{0x0}], 0x1, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 351.440179] Bluetooth: hci0 command 0x1003 tx timeout [ 351.445533] Bluetooth: hci0 sending frame failed (-49) [ 353.510193] Bluetooth: hci0 command 0x1001 tx timeout [ 353.515496] Bluetooth: hci0 sending frame failed (-49) [ 355.590155] Bluetooth: hci0 command 0x1009 tx timeout 21:34:34 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:34 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:34 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:34 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pkey_alloc(0x0, 0x3) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:34 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = creat(&(0x7f0000000580)='./file0\x00', 0xa) accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000000c0)=0x1c) r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x7fff, 0x80000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f00000005c0)={&(0x7f0000fec000/0x12000)=nil, 0x12000}, &(0x7f0000000140)=0x4) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000300)={{{@in=@empty, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6}}, &(0x7f0000000400)=0x5a) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r7, &(0x7f0000000000), 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f00000002c0)={r7, r3, 0x5}) setsockopt$inet_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000480)={0x3}, 0x4) setsockopt$inet6_IPV6_PKTINFO(r3, 0x29, 0x32, &(0x7f0000000440)={@empty, r6}, 0x14) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='\xf8\x00\x04\x00') ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f00000001c0)) 21:34:34 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:34 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:34 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x0, 0x9fd9, 0x1, 0xc, 0x0, 0xfff}, 0xfd66) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x1a80000000000, 0x1) ioctl$VT_RESIZE(r1, 0x5609, &(0x7f00000000c0)={0x7ff, 0x100, 0x4}) syz_emit_ethernet(0x0, &(0x7f0000000140)=ANY=[], 0x0) ioctl$BLKRESETZONE(r1, 0x40101283, &(0x7f0000000100)={0x7, 0xfffffffffffffff7}) 21:34:34 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:34 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:35 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:35 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:35 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x9, 0x1, 0x80, 0x5}, 0xffffffffffffff1b) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 361.670084] Bluetooth: hci0 command 0x1003 tx timeout [ 361.675392] Bluetooth: hci0 sending frame failed (-49) [ 363.750134] Bluetooth: hci0 command 0x1001 tx timeout [ 363.755577] Bluetooth: hci0 sending frame failed (-49) [ 365.830127] Bluetooth: hci0 command 0x1009 tx timeout 21:34:45 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:45 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f0000000080)={0x3ff, 0x18, [0x7, 0x2, 0x200, 0x7b9e, 0x7969fbd9, 0x8]}) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x6, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x41f}, 0x1c) ioctl$sock_netdev_private(r1, 0x89f5, &(0x7f00000000c0)="73594964d1f23f90aa034755e816832cb582186cb78dcfc953d966a34669") r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) wait4(r2, &(0x7f00000003c0), 0x2, &(0x7f0000000400)) syz_emit_ethernet(0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="bf63276ad00feddbfca25d6aa52aab504be19dae27e2997739c048b6216b767e04e3c964f64bcec7451cac84d7330c878721eeb7f60774a5398da8ab250b38abfe6238a826b5e172493c71695c2b714c6c6f17bb0d199acf880a8b055265932c7a765e053d4d296b15241547bb8ee3c7dd7d59c48b4a77665ebf65a113b33ac0ed58ce422fe32b3b517c9f98ac9214a999a0aa7c7c2386b5ae1be806bc3776a9c465a1fc5007d64722dc6c303e56a93a01f586d4813d027dcde728efbb1e69e5d4df89051dd0e86dd29dd9b66c1c7a7e"], 0x0) r3 = request_key(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='bdev}md5sumnodev(,keyringnodevbdevppp1selinuxcgroupwlan1\x00', 0xfffffffffffffffa) keyctl$describe(0x6, r3, &(0x7f00000001c0)=""/222, 0xde) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f00000004c0)={0x8, 0x1ff, 0x2, 0x9e, 0x4, 0x10001}) 21:34:45 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0xffffffff}, 0x105) r1 = accept(r0, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote}}, &(0x7f0000000100)=0x80) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000140), &(0x7f0000000180)=0x14) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r1 = semget(0x0, 0x4, 0x2) semctl$SEM_STAT(r1, 0x1, 0x12, &(0x7f0000000080)=""/74) 21:34:45 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:34:45 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 2: setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@random={'system.', '(\x00'}) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x240001, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x60280000}, 0xc, &(0x7f0000000480)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9c01fffa", @ANYRES16=r1, @ANYBLOB="000229bd7000ffdbdf250b00000038000500340002000800040002000000080001001b0000000800010006000000080003000600000008000400050000000800040000000000bc00040014000700080003000400000008000200000000001400010062726f6164636173742d6c696e6b00001c000700080001000c000000080003000200000008000200000000002c00070008000400ff07000008000100050000000800030002000000080003000000000008000400050000001400010062726f6164636173742d6c696e6b00003400070008000300001000000800010007000000080002000000000008000400c1fb00000800040006000000080001001f0000002c00090008000100ae0000000800020001000080080002001f00000008000100c94600000800010000000000840004001400010062726f6164636173742d6c696e6b00001c0007000800010017000000080001001d00000008000400090000000c00010073797a310000000024000700080003000000000008000200ffffffff080001001000000008000400710b00000c00010073797a30000000001400010062726f6164636173742d6c696e6b0000300006000800010009000000080001000300000004000200080001000400000008000100e07f00000800010059060000540007000c000400e5f8ffffffffffff080001007f000000080002002e4500000c00030002000000000000000c0003000200000000000000080001002400000008000200010100000c0004000180000000000000340009000800020000000100080002000002000008000100040000000800010000000000080001000100000008000100010100002c00020008000100200000000400040008000200010000000800010000000000080001000000000004000400"], 0x29c}, 0x1, 0x0, 0x0, 0x4004}, 0x8) 21:34:45 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:45 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, 0x0, 0x0, 0x0) [ 371.830082] Bluetooth: hci0 command 0x1003 tx timeout [ 371.835374] Bluetooth: hci0 sending frame failed (-49) [ 373.910141] Bluetooth: hci0 command 0x1001 tx timeout [ 373.915478] Bluetooth: hci0 sending frame failed (-49) [ 375.990121] Bluetooth: hci0 command 0x1009 tx timeout 21:34:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:55 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/commit_pending_bools\x00', 0x1, 0x0) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000100)=0x2, 0x46) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req={0x4, 0x1, 0x0, 0x5}, 0xfffffffffffffd2c) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x2000, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$packet_int(r3, 0x107, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4) setsockopt$ALG_SET_AEAD_AUTHSIZE(r2, 0x117, 0x5, 0x0, 0x53e) 21:34:55 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, 0x0, 0x0, 0x0) 21:34:55 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:55 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c0000009bbedeac86fdadeb288300000090787f000001e000"], 0x0) 21:34:55 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaa2a91003600304161b9000090787f000001e00000e7e5a29bd0421003781000000000000000000000000000000072e496c81a61"], 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x49, 0x5}, 0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000080)=r1) sigaltstack(&(0x7f0000ffd000/0x3000)=nil, 0x0) 21:34:55 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:55 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, 0x0, 0x0, 0x0) 21:34:55 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:55 executing program 1: 21:34:56 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a910036008100000008000004000000000000f200909b7f000001e000000100004e3d00089078"], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001200)={0x0, 0x0, 0x0, 0xfff, 0x2, 0x0, 0x36, 0x19, 0x8, "d3954e37d28634717b6f467e71af2d4d407571d83c0f8edd5ec53ba10e75e1170564b563b94ea156c1bce5d16948b97f8d2f0de6123050b6a85b8cb45a978d8b", "1f51de33a3da75aedca3b68366a0da17098463e3900ce3c5a11a0d8ae0c85e535c79eeca628d41bf3c0f7008fb46d7692bb6d9189bdc151e65e3cac008de85c5", "9c8e019a32e3685deb42284fff43d0818424be06444c96957a47f47523ae56b0", [0x2, 0x923]}) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x181003, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000100)=0x2, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$CAN_RAW_JOIN_FILTERS(r3, 0x65, 0x6, &(0x7f0000000140)=0x1, 0x4) r4 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x0, 0x301000) write$P9_RREAD(r4, &(0x7f00000001c0)={0x100b, 0x75, 0x2, {0x1000, "0e7d56d8a781436d49005c3cc19d18f787c37982c59e0552e8b09fac6fb2e8eadc358253cac8f079a38ff8cf2427c45aa5b74d338de03c4e7d867c115282db17e4889e42c33eb431b5233dae4b1157caf023833de902afaa1e7fc70be5503c65e22736b9a4330748ab76b18082ad86a4680ec54156e37dc3ce25cb2bfe9eb746f540a565576c8332fb08289ed4716f985bbbe4eaa3f25aee5da700026c1c452bc6a71fb0381be48026eebc1ddbf2efa2435b162176e19a54edc237b6cd2e83dd553057cd7c2411e198e4038f8f71bed6d71e1f7306e37db1f845b4a2233e933d995b450631e2a0a53214b0b51978d68c2043a29043397e0e3c0ed50476dc612e5777e9c3bd47b2e48e2056d359f2ed942771ba22ceb135c216e0e6e3b1ba9416e43b814fd58e8cffbdb7951ef4317da5cd001d85a30c86cc36117d3245b423f6d3a296f5629d3290343d6a17157a26cc372b0c59f908fae5bbc6a52855fc08a605d23e70dd4b4a0b72316ff6652d99d43fb3cfebe724bed3a72528397ecf8e175d4a92522e117768a4efd9e5e6fbd669edd934322c8e58aeabba88b5aa89954d61941f1a1090434ecc79ebd433f83f73c61f23815c4705e72a0cca9b002289cb4421e14b90f545aeda7033962646dbed72fcb3232156de6b3322c3710640da642642b4fdc52996a01d42159aa5a1b353f2334c8ecd4a37b5a141bf62ec5b24f4f1797d6b4870b4b2e501b56f5a69144d542740fa48e13b44aefbe69ef41a222ff6e0d522c7059806bd639fd0c37e70fd89c8d2496a37b717cb8a7658a197a24fb7dbdd1d17112acaeaa6a42d3f0f47ea9e168e0de684bfb0be927d0954d433354a8d04b3db3d7644e5170267c66df3906a7f55030fe39e33bc11dedea84d18750ac20699b4d79e6163a0f54d60422933cfaa7e1f336b60f4ef20012c68c213baf28b1cf770e0c00ed1e868d3c702548570e4d2081cc03b62ce9385d025705d219bfdd9c7b4648fb15edc8c4c4986c6f1d90963382f0eb913d4a59c3134dd8dd12d17610a90a589da735bc197e376d836200b2c57f02017f3481d4581b6eacc79fb11e484aab2cb5ea35d5f9b54dcfe674f079bf34ce2c5a1751db8829edd46697dabf4bc1e59c2d429b28b7610b3f1fa4d1653db0644b6904b7206c20f56bc0a58cfcf032c0adcea2b7c3f90d17724c2925a6c2057951f66d8bfab1b09a13d9e6288d94b5599684dd11465d6fb42695ba705afd26511ff8c24cbfbb4225a84d7ccebce2a929ce25bea512fd21025f3e5762847a9a63aa4d473e0d33a028339fdd665a0e0bc66fb9432593817a68f8f4ae6ffe515006ac57bd47711bdd0cfa95a58af55af5467cbad933d8aebfebe459dd56be9c0ec733737d787150a1cd79e243c6c5c9149a6775d03ae8b832d0b477aaa62498d99e8533594fc116c2178c33aca3f253de8336ee36d33f1787af65e93991e9341ccb09af56a6ef95fbedea7428930532ce991919f12a8b3dec979cbb86630cf1613fdc5f6f6ec2491b6ea17173c011319059ce5d3d2600cab64c2aaae3ea55e9d4d64bf7e2cebde2bebf56c153b10c5b4910b4804688d2f05841dee91c6a282222d91dd1749b7b35af11e725f3b7c2777d8fd17bdefc39cbe3393580ea09e3539614ab3aee561aad169b275abc053465fbad0048f7a170e1249496ed713647387657c17ba26af628debdac4dad7eab3c05376afab92d7ded82bc36013d9adb36593f29a88be711c333916334f5fdb049d988ad59ad7ccd4764d460a6dcfbb8b8ffcaa9b667e04daf44640c53906c659ba6e59f6251efdd0d96e75fd341f9c4842fd23953d77f20417e8d718fa9173e648a55b61f8d1f7bb42e585cf804bec68823aa2a56545afdae8bb564bf9cfc83b5fbb9dd73851b78407078f203823695903391c902df118e2c396313ca5c02329084f19c263dc8b873207ea5dbb1dd704129657adbe222110cde3ca876c3dbb5fa17cf06506c9d42dc30de218bf768f582ebb8f8e632ff586ab15ef9db1dd6fa161433e35df2b25f17b498e7507052c749df5da37dd4e263317b387e8d05fedb0c920cdc9e8cf8c855dd054356bdf87bd19d15203d3768e8b0032b09a2cfea8d84501764e85d9ee442d592cfbaa77a785abd83d5e497baa06d6fa8643e0d36f9b48f5f83ecec0b71c8083d58aac39ebdc5a2434d5cb9d2fbba0a818d055e3754c9ca9c9d0297a02de02d52e75ed657a34d2bcdd93387fe701d71984a90ceca87db228b200a813d13207f303d1f55b1956d4480fd26b356323a67fcbcaeb7848a74237a800fd61e3905cbaf4c4d6c45465f6b8ea0e2cd1d5ea4511ae2de6ec7003eda427f7bf66d5ffda47ae82ee9d0cd1739e41e65bf3ed66e4ad25fa54c089a85dcaa16361c43ca1ea6ebf9edc563b0cefc603bd61cb0a51dd71b5a4b118cbe106a93ddfa06b7d2bb735a219ae73e210de5afee512a082e7777b42b471e807fe9617e90ff297124cbf948bbe3bca34e13a90b52434e684c0aee0ced7bcfdbd063f7bdcccd9618abd5020695e574547f700c40cb2657d2245075b48af6296edac2fd0d4df68a27b08e663092ba90396dadf8e44528f9b97351718097dd5c96a18cd5c91786b04545d4f1e24f178c778377a5cc4197fadedc57847b93cd7bcb5d3c52e3f34f068053c921c7dffe988c08ba465cce578f065fa7934d2ee5649aa9c0a5219e2df238c18d0cae02f79d255f23e904a8d3c6f40bebb3093a752b7d86c8d10757a381378f56d74ce5e1dbe1a8de27a5acf5479a600371bab655e0080445c08886699ec523d58c7cf71c1881cde785d56fb01c17b4b0e81bd0e5669d3838ccebf04afe7ce45f55993012a004135ba25a54c3fe81ebd62af313c9caa6c962479c5955059d8000a3c55d6dde9725bfb1ab3b91bff94a271d70839bd44f61017ce8ef581f20380155c91b48fe954067e82d3a856f62e7c3b97fe352a51dbdcdc55dcc92b7edfc58e4414b3f57c4e15f00bbadbf4160b2b57d66105c5e863c12d729b92d936ca6e494ed16576c2980ff8fa030ad12023a5e5aaecd3e25ed45d356e36f6607ace68cfa7aac054d07e7c58e8e55262c72564315473ed1b2150081bf090f3a10ea148b1be0188036c0eadb59ce2e0af9b371e74393eb9d666655cc48a7a5830380903ba2be08129b26576fd4617b5386ed7974e07f4b55d328c0982a0541662d6c15593bd04abab633b4621ceb41bf89d4db2f31b54e8c2b4a99e005c8906117b89082c224d0e92d8b75b5c283627605aaab572c0e106eea8ca780439f95324992a4bd713f0b7ada055d46a15b3a19503d97afc5811039c96e8ea1d6791c63f6842ed10c65639005e32166c917a11b0b03f8da55d1bd1b1b2828e91cdd8943c7ed45b4cc034b94b0cdf64853925010ffc7bd2ca91fd33fc636fc8e0ccd96bad4d280a09eed595d67939b4ec79c0c691f8afe681d9257f89bee94bd9ea605056b72475825646ecb59458ca64df090fa18fd41a8f6bfbd945b83fd3dbf4d1d249b4d7c93af138284196f10ac2916ff249963283378c1a36cbd44f70c81729f6d9c587a7622f366d88b225ca99cc2d9185a3957c862665576384d0c8569748ed2e7092bb27c17972a6dd428b185b2bde7fb77bc024d787ac0e131c1364e48fcf13b297037c4131a28e0a8742d55a34fa14a0e539cd952247208023e1a22a1a62886349ced4905a3c03ddcca310c2b4d1af5e26a59c4202f2e46cf4578f3226cb6a88b04ac9fa33f9ba230d7da84486f393d020453254faf2fd411cf732142fa6f3137c912f5c468c1d516aed4ab3743061dbca63a10824ffe7b255150ac942ec4570bd3e2a958c1afbd7d3d95693c5546762e27c4be45b0bd41855853d0072e2466bfe1d6861d1729cdec737cddeffa3f36d5abd7426c41b8616f42678f887cf6c17fe022ae14c6e074a50a858ae698bbdfe2ab8fcd61c528ed8bb41bb2ac0cfa027eb463b88af69c3713185653878f888658f06f4657b4fd80b3a061693b35c1689bb36ec0559b15e74891a597b99c73eea4ae50a71f68fd51a1409e22a7197d1d5f678f7d241ceab5bc645af57451300d6163ce929791df0ad7cccff9ac9c64c396653c7ea5195ca9bc8507fc5598625153d220aaa0121a2859b11b6a298ab8dbe1cf859230ba8925215860de6b5c4aacd8e79e9405fe323063c8855dc7ab499a4c9db2af741255e19c8c2a685daf39c84fd629b46663dcd7d6564a62f2802d23bbd2e3d7f9da617b47cdbbf620182dfc23dc8af6595ced60ba6a704a74aacf11b7763ab49bc9b94c0cae0a039bf18c71cfe7fdb4f61d62cf0952992b8fec043e274ac0f43c2d1e6e7a22020c43a615e74417bb23761f42102450c79370bc1ac602fc9f82d8ebde6ca15fc988585fcf2480cf2c3073b2485aee452318272738dc592ad1541df7f42fae5add610bcf73a66527c9f5d29a4527b241ddcf844748392913efe639b1ffa323895272b78487dc8fa8b2a4f9660a8e7af2c350e956d39bd18ba633c4d902c29c8716ceb9dac4b72f7ea8d7b6b2c28b534b8b028493d28f39c630a447c63c1efaa4c4b0aad2a13c049661e2cea2691537157f5cd50457b4dcfc75dce3f2161dafb0da92d22bbd3f380f08337729be834acafefee09f5955b536c25f5f2b31f40f8f15b79d8ab88bc7f196bd049a34dead5d4a9e3250489855b2815676a5cad00caecbd580d6522255ebf916b4e97ea3c6cdf2092a780cc5c92a9dc83aafdd3e93a13eb78dbfe2e071da3f0bc4815d3daf18ef51f55f214f14a37d41075436ed6563c009b0e3072b77e8f8331946d57fd3ca0d896df5c1e26ad8e054ec6ed168301895554f0cdda129886a479b2742b34394f28db878ed138fee7908301f5d4320108a8cfd6d35884a3232c5acb23ab4033aa9bde836e8242ebefbcce491687effbe410f63b49143f30868c83616d103dbbaae614d0fa637a13115070c1b4c25aa3f01d4f53765ab970d9725ef0e1a6fcecb2af41d8b079efebd9138fe004eefdbab995a4b3b3c224d53dad84d816b95bc84dced52e71505198a911adf5a8bd16ac7b5983d6c28987e7f66e7ba537da1265711be55ae0a0df549c3f2f11664c66172c41221586420925410f725280097a903fbb3525cc1aa66bc9edad58ddd59eba91c8b4381d0f1371258736e6a2330400e9f5ff5b5112e6648dd246037b55fa1d5c6512f73ed05fa260c66743e7f05b907bc061159d2d09dc91b33237983e4131d1d4aed87ad7de2bc1eecca886a3b984338b1a426499eb31b8650bd90e1e90ee09bb57d5bdd5d5bf8a4ce6739c92ab0cd7dd546abfdba57d2ee927a35ca049d3e3d55f5d4ec25e053d60e7d06a9c7187d8ffb2bd8d347374d415c0ee1c0b6e6d599d4dee242271da79557ebc08ba23b56be1dee2dca75e87df8129e79a0564a813587c00413199b8b6d6fbd487fb2e6ea148a9c85210584e45c5ae9c0612d5200e9e3ea12dd321cfd8d3b1caf99af815061b4a17aae296764b37012572c0016becb993e1ad8999bfd79a3751a5c7aa736375eeb9c1a26a3b868df19293a3fef1bd4102657e7771a5f5f821deedb7c2d93eef0c92c49b62097ee4706516d02a6f7bf49b5f44a44badcd4efc470b7230d026f12aa1ec6b211500d1640f175dfaf684ce9a4ab41b187ab5eafa79310b5a30c6a09bb3f4e48364c4d912d3891f9335622ccd2244d2742b21a89b9bcf91da98fbbe5ded2e87c14596c061dca59c9d7a2fa8d6861511d796a02ee1e39a5c"}}, 0x100b) 21:34:56 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:34:56 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:56 executing program 2: pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r0, 0xaead) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080), 0x128, 0x6}}, 0x20) 21:34:56 executing program 1: 21:34:56 executing program 1: 21:34:56 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:56 executing program 1: 21:34:56 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:34:56 executing program 1: 21:34:56 executing program 5: ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:34:56 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 380.987382] overlayfs: missing 'lowerdir' [ 381.082419] overlayfs: missing 'lowerdir' [ 381.510119] protocol 88fb is buggy, dev hsr_slave_0 [ 381.515252] protocol 88fb is buggy, dev hsr_slave_1 [ 381.520381] protocol 88fb is buggy, dev hsr_slave_0 [ 381.525531] protocol 88fb is buggy, dev hsr_slave_1 21:34:56 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/current\x00', 0x2, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaa2a91003600810000000800a0cc000000020000000000040000004e2600089078000000000000009359dfccdf828edd6d4d1044461347cd27b56fde0029c937863e01bc7020cfa66cc3d70cff3766ffb09dcb3c632317aeb126ea9a35f4cb3edddbf4474816d3874c4109d0e8453fe5248d97f3ea0d6a01a796806a5f4987f7a95c329cd696e9f9a5a35ee9acd5fc88d883a990ac19004aea7fd809759301ad570ace089fb11e54cdff8757c81b199413f3ae8c3d18756e880e3e363b8a147b017ea67be17dc9632909843edf61990187e71ee987da79acaa9545c288"], 0x0) 21:34:56 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 381.686262] overlayfs: missing 'lowerdir' 21:34:57 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x3f, 0x101000) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000180)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@empty}}, &(0x7f0000000280)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@empty, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@initdev}}, &(0x7f00000003c0)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@mcast1, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e21, 0x5, 0x4e21, 0x8, 0x2, 0x0, 0x60, 0x2e, r3, r4}, {0x2, 0x3, 0xfff, 0x4, 0xfffffffffffffffe, 0x0, 0x8000, 0xfffffffffffffffc}, {0x1, 0x7, 0x4, 0x200}, 0x15addae0, 0x6e6bba, 0x0, 0x0, 0x1, 0x1}, {{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4d5, 0x1c2}, 0x2, @in=@broadcast, 0x3502, 0x3, 0x0, 0x4, 0x4, 0x8, 0x2}}, 0xe8) 21:34:57 executing program 1: 21:34:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:57 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0xd571, 0xffffffff, 0x3, 0x3}, 0x8e) r1 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$PPPIOCGFLAGS(r1, 0x8004745a, &(0x7f0000000080)) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aa12449eea26de961af4001c00000000000090787f00"/34], 0x0) 21:34:57 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:57 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_open_dev$vcsa(0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x1000014, 0x0) r1 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) fchdir(r1) r2 = open(&(0x7f0000000100)='./file0\x00', 0x40c2, 0x0) r3 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) inotify_init() write(r2, &(0x7f0000000600)="34fd98aa1d0e7adec937a5f331a75f487934f50242a0751944936972896c29a5068c8ecba1aa0a4e2a631b5180e1fbde79f4502dc4c4a1fba9dcd9ed83e639aefa1b87631c33d1a82cb0c0035676ddfeb0fe7984d7519b0f839d497fc9d64ef14d1de22220ff2623df4950134b9fb734a52adad95f131cce3672a9d7d7b400d2c62810b5f20351639330948107bf8d4534a03ac389455c54d8eb4d609b3e858b7213b38eb01f0eeaba3739ae927916e28da6a79a3fd5e32d30ab30bf959d4596e5ffbff6789a650b9e7d248d1ba849012336a4f3ef8fab07a8f5b81bb0bc45b2174538315ca12b7c723b2157562564a8a1f19d28179f8c565448e0e921b8c3e6fc4adaafa8b929ad077f633325b6a6f71a586cabc4883e03e19315f946b277858593a7367e232202fe9ad656c6768a1517da7f0498b48cb078e929fb11db0cc551f754bffc4859dd89a396915cc809b07d448573098409ea21371056f67ef4114ec10547f498d24513fe594308bf022868ad21e85bba811942fdc45161a1a8a7fe00d5c6b05ed7954f631bbd12a5c9a5cfa5965e0595de608b04ebe02b3fcbf3b9f57807a1a7ad8528992e2ec65949da2f4a0478dfd3ae52639c15d8aeaa351da6d393b5", 0x1c4) sendfile(r2, r3, 0x0, 0x7fffffa7) creat(&(0x7f0000000000)='./bus\x00', 0x0) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 381.830096] protocol 88fb is buggy, dev hsr_slave_0 [ 381.835228] protocol 88fb is buggy, dev hsr_slave_1 [ 381.840378] protocol 88fb is buggy, dev hsr_slave_0 [ 381.845436] protocol 88fb is buggy, dev hsr_slave_1 [ 381.845830] overlayfs: missing 'lowerdir' 21:34:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:57 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 381.941705] overlayfs: failed to resolve './file1': -2 21:34:57 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 381.990476] protocol 88fb is buggy, dev hsr_slave_0 [ 381.996046] protocol 88fb is buggy, dev hsr_slave_1 [ 382.004785] audit: type=1800 audit(1573248897.272:141): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.0" name="file0" dev="loop0" ino=119 res=0 [ 382.080708] overlayfs: missing 'lowerdir' [ 382.128219] audit: type=1804 audit(1573248897.272:142): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir989968185/syzkaller.2mEXo6/179/file0/file0" dev="loop0" ino=119 res=1 [ 382.131924] overlayfs: failed to resolve './file1': -2 21:34:57 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x400200, 0x0) recvfrom$llc(r0, &(0x7f0000000140)=""/77, 0x4d, 0x0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000000)=0x6, 0x4) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x200, 0x0) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) write$P9_RGETLOCK(r2, &(0x7f00000000c0)={0x24, 0x37, 0x1, {0x0, 0x9, 0x6, r3, 0x6, 'md5sum'}}, 0x24) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) socket$inet6(0xa, 0x4000e, 0x2) 21:34:57 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:57 executing program 0: r0 = syz_open_dev$vbi(&(0x7f0000000040)='/dev/vbi#\x00', 0x1, 0x2) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000300)) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000002c0)=@req={0x100, 0x2, 0x7, 0x20008}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f00e1d93f64655f3b834e2600089078"], 0x0) r2 = accept4(r1, &(0x7f0000000080)=@in={0x2, 0x0, @local}, &(0x7f0000000100)=0x80, 0x180800) sendto$inet6(r2, &(0x7f00000001c0)="0d98fa7f05346b89591db37c8ce88f99dcf7912e971ecd63d16c06e99936e04125382c5fbe21786d330a425da0b6601f2719e0cc2b321c9fe0c3ff6fed166e4a8cf65b1d3fda07a6b39ace1dc3a3b1663fe5a4bb0b19d208e6546c76f2124a93c9aa1513ff96bbeed991cb8e5da2af6df033040ebbee138f5b0892cd44abfa91d8326613c19ab3186bca20fcf271258e9b995ade311225548a7889a08dff5e2055d336fd7939b51488893af0cadf3627bfdce3a550c7bfe9d94642096e88c5198be2e2c5b6783deefd85dcc3f42d37685fd4c1d85a9475ff5345b89cfa460472dbe79d91738742", 0xe7, 0x4000, &(0x7f0000000140)={0xa, 0x4e22, 0x101, @mcast1, 0x7}, 0x1c) 21:34:57 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:57 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000100)={0x10, 0xb, 0x14, 0x13, 0x4, 0x44, 0x2, 0xde}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x7, &(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYRES64=r0, @ANYRESDEC, @ANYPTR, @ANYRES64=0x0, @ANYRES64, @ANYPTR], 0x0) 21:34:57 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 382.650170] overlayfs: missing 'lowerdir' [ 382.657075] overlayfs: failed to resolve './file1': -2 21:34:58 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:58 executing program 2: setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x200}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:58 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 382.845971] overlayfs: missing 'lowerdir' 21:34:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:58 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 382.939443] overlayfs: missing 'lowerdir' 21:34:58 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 383.039485] overlayfs: missing 'lowerdir' 21:34:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x3}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:58 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 3: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, 0x0) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x1000, 0x200, 0x7ff}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 383.626226] overlayfs: unrecognized mount option "lowerdir" or missing value 21:34:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:34:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:58 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x8000, 0x1ff, 0xb07e, 0x3}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aa3e882a910036e4810000000c0045f4001c00000000000090787f9f0abed80cc54bea7eb4d76bc9740b5385a98e91945fb5fa81ade0e0904aaac57b4680e71df9558968fd881aea327e0112517971f4eff3f4c64246212d21650ad2b7e92314d14cb2a99865e6d97c7aa93fe967bb6ba10b0185dc45fbad7917e2d06550a8d28f8b9a4e8376a00b0bc8cc5a94f6670e48c92a7f1bcbb5b450d221c2d2d8c45af97e1b51a47a4e9126692b59dacd5c435cbfd2f1227c6ab66617e81c7a4b80cca1310a6ab7335eab8081a47bb77bcf6f7a08ec2cad397c75ef060327afafd0bb890ba41436306f"], 0x0) 21:34:59 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r1, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r1, 0x8990, &(0x7f0000000240)={'bondp\x00\xe1\x03\n\x00 !\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 383.798037] overlayfs: unrecognized mount option "lowerdir" or missing value 21:34:59 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x5, 0xfffffffd}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) accept4$packet(r1, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000200)=0x14, 0x1c1000) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00080000000090787f000001e000000100004e2600089078"], 0x0) r2 = syz_open_dev$video(&(0x7f0000000080)='/dev/video#\x00', 0x9, 0x80000) ioctl$VIDIOC_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f00000000c0)={0x0, @bt={0x8, 0x8001, 0x3, 0x2, 0x7, 0x7, 0x1ed80, 0x7, 0x5, 0x401, 0x5, 0x1, 0xfffff001, 0x6, 0xed0a54ca9f179bf6, 0x10}}) 21:34:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:34:59 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 383.947902] overlayfs: unrecognized mount option "lowerdir" or missing value [ 383.956270] bond0: Releasing backup interface bond_slave_1 [ 384.068012] overlayfs: unrecognized mount option "wor" or missing value 21:34:59 executing program 3: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x101080, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:34:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:34:59 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 3: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:34:59 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:34:59 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 384.578044] overlayfs: failed to resolve './file1': -2 [ 384.595006] overlayfs: unrecognized mount option "wor" or missing value [ 384.656027] overlayfs: failed to resolve './file1': -2 [ 384.717958] overlayfs: unrecognized mount option "wor" or missing value [ 386.070148] Bluetooth: hci0 command 0x1003 tx timeout [ 386.075453] Bluetooth: hci0 sending frame failed (-49) [ 388.150119] Bluetooth: hci0 command 0x1001 tx timeout [ 388.155452] Bluetooth: hci0 sending frame failed (-49) [ 390.230106] Bluetooth: hci0 command 0x1009 tx timeout 21:35:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:35:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x1) 21:35:09 executing program 3: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') socket$can_bcm(0x1d, 0x2, 0x2) 21:35:09 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a91003600b50f0000080045f4001c00000000140090787f000001e000000100004e2600089078"], 0x0) [ 394.107117] overlayfs: failed to resolve './file1': -2 21:35:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) [ 394.146611] overlayfs: workdir and upperdir must be separate subtrees 21:35:09 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000080)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r2 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x80000, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) mq_getsetattr(r3, &(0x7f00000009c0)={0x5, 0x7320, 0x1, 0x310b, 0x1, 0x4, 0x10001, 0xc8de}, 0x0) r4 = accept4$ax25(0xffffffffffffffff, &(0x7f00000001c0)={{0x3, @rose}, [@netrom, @default, @remote, @null, @remote, @rose, @default, @bcast]}, &(0x7f0000000140)=0x48, 0x80000) write$uinput_user_dev(r4, &(0x7f0000000a00)={'syz1\x00', {0x76, 0x6, 0x400, 0x7}, 0x19, [0x6, 0x1, 0x80000000, 0x1, 0x5, 0x101, 0x8807, 0x1, 0x5, 0x6, 0x400, 0x9, 0x8, 0x3, 0x1f, 0x1, 0x6, 0x9, 0x0, 0x660, 0x5, 0x5, 0x7, 0x3, 0x2, 0x829e, 0xfffffffb, 0x4, 0x7, 0xff, 0xceb1, 0x669, 0x7, 0x2, 0x7, 0x8, 0x9, 0x800, 0x422, 0x5, 0x1, 0x5, 0xfffffffd, 0x3, 0x7, 0x6, 0x8, 0xffffffff, 0xff, 0x3, 0x7, 0x7, 0x2, 0x3, 0x7, 0x2, 0x6, 0x1ff, 0x8000, 0x7fff, 0x8, 0x7cd, 0xfb, 0x2], [0x3, 0x3, 0x1ff, 0x6, 0x9, 0x3, 0xffffffff, 0x45, 0x1000000, 0x7, 0x80, 0x5, 0x4, 0x9fb, 0x6, 0xa25c, 0x0, 0x20, 0x100000, 0x0, 0x7ff, 0xff, 0x9, 0xff, 0xbcb, 0x29c, 0x1, 0x1, 0x81, 0x6, 0x10001, 0x6, 0xffff, 0x4, 0x0, 0x3, 0x2e, 0x80, 0x4ae, 0x8, 0x5, 0x0, 0x6, 0x6a7d, 0x6, 0x20, 0x2, 0x81, 0x1, 0x2, 0xf02, 0xfffffffc, 0x5171, 0x4, 0x7, 0x3e7c, 0x5, 0x0, 0xfffffffd, 0x40, 0xdfde, 0x9, 0x5, 0x7fffffff], [0x9, 0xfff, 0x1, 0x5, 0x2, 0x4, 0xa3b, 0x3, 0x3, 0x7, 0x5, 0x7, 0x7fffffff, 0x0, 0x0, 0xff, 0x9, 0xd7, 0x100, 0x8000, 0x3ff, 0x3, 0x6, 0x5, 0x101, 0x7, 0x5de, 0x3, 0xe36, 0x4, 0x2, 0x1, 0x7ff, 0xbb, 0x8, 0xb348, 0x9, 0xba0, 0x3, 0x0, 0x1, 0x3, 0x401, 0x9, 0x1f800, 0x5534, 0x1, 0x46, 0xd, 0x6, 0x70, 0x0, 0x3, 0x4c7, 0x2, 0xfffffffb, 0x3, 0x7f, 0x0, 0x1, 0x2, 0x2, 0x4da, 0x8], [0x7, 0x6, 0x6, 0x20, 0x0, 0x1, 0x7ff, 0x5, 0x0, 0x20, 0xfffffe00, 0x9, 0x1, 0x80, 0x1b2, 0x7, 0x7, 0x8, 0x4b35, 0x0, 0x0, 0x8, 0xef, 0xfffff800, 0x5, 0xfffffffd, 0x3f, 0x5, 0x10000, 0x800, 0x35, 0x2, 0x7, 0x13, 0x8, 0x1, 0xfffffff8, 0x80000000, 0x9, 0x5, 0x5, 0x4, 0x80000001, 0x0, 0x4, 0x5, 0x40, 0x7, 0x3, 0x7, 0x26, 0x9, 0x1, 0xa06, 0x9, 0x4, 0x7f, 0x8e, 0x4, 0x1, 0x9, 0x8, 0xfff, 0x4]}, 0x45c) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r10 = socket(0x1, 0x803, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@vti_common_policy=[@IFLA_VTI_LINK={0x8, 0x1, r11}]]}}}]}, 0x38}}, 0x0) r12 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000e80)='/selinux/checkreqprot\x00', 0x141000, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r12, 0xaead) r13 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000480)='net/psched\x00') setsockopt$ax25_int(r13, 0x101, 0x6, &(0x7f0000000980)=0x9, 0x4) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@vti_common_policy=[@IFLA_VTI_LINK={0x8, 0x4, r9}]]}}}]}, 0x38}}, 0x0) sendmsg(r5, &(0x7f0000000940)={&(0x7f0000000400)=@ll={0x11, 0x1, r9, 0x1, 0x20, 0x6, @broadcast}, 0x80, &(0x7f0000000480), 0x0, &(0x7f00000004c0)=[{0x100, 0xdcfc6d4a5d3b5674, 0x6, "3fa5ffdd104f9fe49343aeb04acb4d41054f39f4bd9e8966cdbebf9e187b987d85a12769318486e442b9de9d56ce0bcaa707b59d4af7e2ad7e5ea5fd2a2a0753ee86dd7450be51a49fee28f5d45500410eecce6478e28bba7be2c035a38c367a0d991280b7e247e8e24d6be5b86e3b630838bc7320c10f41229afbdbc5c52bf3f725cdfcd85502db91a4f049396079fd0c7960e9c3e0b4b538d5c2c1f4c28e47dc8c23b1822b00ccd0d51e0f11f26fba2050a4e913a8884e925b034f1fd9e65d1e7e7e366098489acfa5e46365692fe772b40c92a19d757782b910564a2c7bd3dc79252befb0d8a82e3e15a6f948ec73"}, {0xb0, 0x11, 0x4, "6cbd58a67ba5cc3ad88163f87eefa66d2333966f5895d5787f54cf93f7a7f55757176a5bcd2311ffa0a4cf9d6ae050257b9a3a988e5db6d8bcaef2fa8f4a5d785ac16e2fe0abffd3aa24725dee4b85f38cd2f9715a28217759e1e866cd457e4e7789dac965e42924242b61c1319cb7e9bfb1ce6f761e182991878a9505098ee908ea60a8175776877dbbb957efad99fcb4a436c5605ce368338f98e29bc7db"}, {0xf8, 0xc, 0x400, "445be97b7fb607cecf8f37385fad1704cc1a95a49b7cefa7f1864bc549d660e2242c4f97d23dede98aad9d4b43a1689563b77122c18d4800ed21dbacd81cd1a9e77577b8d281141d44fcafd11ebf143cb5c3d13517a5510f63d3d9f4f9aeb57d7cbafe0d68288119ac14e5676ec6222e98582f4f046e98b1450ebb024e4b0577768734f4e3bf05d3d3e0d1629f363e48fd69649426e2cc71dcfc3a5135d1df5e4d8b22ca53c68b48c7915bebf18f39221cba47926b6299ce21556931884a60892cffc255280b6a336219e2caea28ff5b7788d82c67edfbbf4093c20b107947c36c875f"}, {0xb0, 0x3a, 0x7, "056e0c3efadfce3d194fe3c0dc834eea873ab6039ae2deb069fc5a35439e1b700725eea37aff76b1fac3a0e050461980488f646fb1d204e0ff84286465a70cd58af9fbdd00f215c2c63512b78786f24d1f320c86acf0d29cbf9ac261d6e4bc618d55a66ba8693a471a5ea140f67fdad1eb90ea5ac4d5c4a4d1c6a2b34ce6817c47411181cbdad8f4c5470097e3747eb00895c813fcbe997fece04dbe"}, {0x80, 0x88, 0xffffffff, "b79c7ff9ffd0813a48647c5ea362ad819a24be097985c494c42f7fcb0be3c946f993c52048f5536ae136a7455050b7eb0137124e7524fd292f40b8e144691d234c1c6ad407e87f35cb7825d711c270bbc5a3d47cef86bc9a5bd7c01d2df58f9a17729209509624a2e88a619911f450"}, {0x10, 0x100, 0x9}, {0x70, 0x115, 0x100, "4c0dbe0ead55496eecd013ed3167dadb1e8ad6796d5a127b1c38750ca5201ffefc8324f5b08136b8761fa99e454720698e15fad71a0f5d17c0092678e799bb31666d719a025523e9f04ee82d31782ede88e8ef5c04f06970409479b828ff12"}], 0x458}, 0x22000c84) ioctl$sock_bt_hidp_HIDPCONNADD(r2, 0x400448c8, &(0x7f0000000340)={r0, r4, 0x5, 0xc4, &(0x7f0000000240)="d6da5e02fdf64a2d8c7645d2f08b620dddb520c5a96aa245390dff61830e70a8a0b15e11bf053ccad639e06bb84545ae8d48085c56522b4ac11b99cd48a3fabe46b8580eebb0e8a755e3a179a71a55e9bca8b7aaf19adcab1b95e722975b3307a1e15169e9d692f52b0f136eddec1b3828b98c91d25abfbb0d494ed9b2e25b881ac47707cfe22ff8ff0669a27ee5b27f256b7aedb3b9ca20c655325d5237af567bd8b7fe93e31d14f10f4bc2246f318259b0b215ca9fd3e2a7234b731749bf180cf6c445", 0x6, 0x80, 0x0, 0x0, 0x3, 0x2, 0x3ff, 'syz1\x00'}) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:35:09 executing program 2: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x8, 0x2) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r3 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000001980)='/proc/thread-self/attr/exec\x00', 0x2, 0x0) socketpair(0x7f5eba34e728d7fd, 0x6, 0x2, &(0x7f00000019c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_ifreq(r5, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r5, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r6 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r6, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r8, 0x407, 0x0) write(r8, &(0x7f0000000340), 0x41395527) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000001a00)={0x0, 0x0}) getresuid(&(0x7f0000001a80)=0x0, &(0x7f0000001ac0), &(0x7f0000001b00)) r11 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r13 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) lchown(&(0x7f00000001c0)='./file0\x00', r12, r14) r15 = getpid() sched_setattr(r15, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r16 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r16, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r18 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r18, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) lchown(&(0x7f00000001c0)='./file0\x00', r17, r19) r20 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r20, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r22 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r22, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) lchown(&(0x7f00000001c0)='./file0\x00', r21, r23) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r24, 0x407, 0x0) write(r24, &(0x7f0000000340), 0x41395527) sendmsg$netlink(r1, &(0x7f0000001c40)={&(0x7f00000001c0)=@kern={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001940)=[{&(0x7f0000000200)={0x168, 0x37, 0x10, 0x70bd2b, 0x25dfdbff, "", [@nested={0xc4, 0x10, [@generic="01cdc314b5e19880388054cb75b8d6512479f9f6956a15503a443de38a32908c59523ecdbd6be45b03f6af780fd819f64511f0901a158f63169973ee858f94e312a8d682706c0ab7228e705032045b757e30a59cfbd4b20c31f7c508f9fd008a2ffbb24b311f9db3ec18866d7a932bf566a62816b9a6ac6f4c980f638cbb0aa9822ffb338c16fdc2f41c17", @generic="5e881ca7a3714b7cf57255ef1f60d41853de351239c4ecdfcddfeb9e64b57229f01965fb05887b121540a282def11c4b735d240642"]}, @generic="b87ea8084a28fb59ebec8e6cfa9bda7266f063f14e6f833b22ba6574b4b106e1c7af4eba894c2f640d5981114dd9ffd5dc2997f70bdf6fb4a2e18ec13415dd8981def5079e3ca62784ebe42023356a7f6251d92c54f394ff0a1469a18c297e261e1904601c09f0eb0417d465ee", @generic="a6", @typed={0xc, 0x20, @str='SEG6\x00'}, @nested={0x18, 0x26, [@typed={0x14, 0x3e, @ipv6=@rand_addr="6ea4f0cc731681b90fadc6efd155c741"}]}]}, 0x168}, {&(0x7f0000000380)={0x6c, 0x12, 0x20, 0x70bd2b, 0x25dfdbfd, "", [@typed={0xc, 0x4f, @u64=0x6}, @typed={0xc, 0x1f, @str='SEG6\x00'}, @typed={0x44, 0x62, @binary="f141de4633865e0cb0c9dfb681fe002e75b8c65dbd638a376b2457553de6d83c8512084aefd5c294d62bae9b20dee989bc8d0018c41c850ce3bfcd019278"}]}, 0x6c}, {&(0x7f0000000400)={0x1278, 0x37, 0x1, 0x70bd2b, 0xbb0, "", [@nested={0x10e4, 0x1d, [@typed={0x8, 0x63, @str='-{\x00'}, @typed={0x1004, 0x7, @binary="2aba1a7cdc2dadc2e498b4d44f40a9cdb97c89b6f2ba1c9d1fc8f9ecef634c1cb5411a9696d8ff7ae683b0e720917d71fdc15abfc86ac66aacebcf60e70b2cb5dff9d2faa9bd90e8e8074fff0bd206e2f3fb4bfb73cf4853b4f0ed9ca818d6dab5d6e1368f426f00b6ab2015c328d038f80c8424824815bb6b1398268ba2e9565285bdc8213d919164a6fcc09de16524fb922b23db5fee74760937a7b8bc66b9caa1e3e50742047e7cebbf57cb48c5a59c144712d834a48910997a7f38aeed61669128cd80a5abc55e37f77b4100fc27f39b43adb9b37a2bab2b451851d75c24f952745dfc0ad682e0a46567cd50d2e815449d06c778f69eb581f789acffb30e56511411d590d5babc41116ee113ba505b8fc873fdee7a86c1b975de6c464c893d6e1e6b44b4ef317aa94ad8e1f70188c2dcc5057ab7fc35e565e501c14de67006fccb6f286af6f0e8d30ae864472836a5cbfdeacf0eacf9eae9ada14faed1c5be12da4c1dd775ed69aa86331245afe9d1c06bec73f67211171d93313e6ab0d8bc67b074f1f65e96747bc15e165df7b098c0d5281a3c672cfb09add81707c6895601c0ea7b9ef9c9d1af9bb50ba4ebad051d1f7c7e85874394da8d59b7b30ecece4b185f81f7a4e36f2af325a38708741da4836aacc6d932246be8c05af882fa282110fc741771ddb5e2966970a71443fd35d7866547f9ab44747b90156870b1d19f002a07df3d1324c164b757ad922ce3459ca883d6022de45897720652942da3efe280e8a01d92b69a68c95c9f2353893d4722ff739227dd63ce9161a110ec3adc16d1027e910ac67eaef3676020fc625d6de7903221553aa7656319697352f1bf47da177cd091929ebefce2f97c8b4147c8cc06397494b6639775965f61652aec5702c472715895c705b4c3bbdbae99172679deb7600b8244dba86a4312d7aa6abb7ee6ab2450334a09b8aa1de9ba85a2fc33b9c3f2aebabf4b43cee17ea183e654afbfee853eefb5f0508187eb07db536f9ba796b210f707517ec78cdd5bf9da6da4a73d573ed8202c85a2c01c7d8c5444ec5b638be7e6ec8a4e25d660dfe5e01bdfc869c6759704cc47d9db0e0dc619b1d95fab694dac9e419d66440ef9bd0b131c4e2e9c6165dcd3d972037a87c8e79d9c3462cbc9bdfbb3baa0b9c41da6fe9a432cd5f572cc42ca9ce133892530d7e3de49f81c468bbe085af31b6e764d776e437765ecde974b154676d4b9cfe2b93345c99203924a077c2b432e82bafa60b20d80f66aef3e003b786c98e72442f0f1d2b9c1a857be7bc9c601a92be2ab65864fe4d5a848de8c2c3ff09279b8a2a7548a8d92a40f3ae0ec58677ce2a7cc5fee190a2eb15b5940f35e897dcb5061efd2c7a631009c5b82e62ebb3260a76e8bc86092062d278bb86667dbbf3d751bce0387e00f69534785f8438c6849727f4d3ec08b552d5d9782a295f3118465fc055d9a6550ad5a50245d83fae7a9dc58df7933d0048fd8789fc3e4246eb92c9e4076bfe22760c0cc4d9d2dd1f4fea2a9d9e411b3a53f81ac54652361b5fcc1537e85008b268139e747d2e00552e55bc53102eabe870b4108f0755f08864851bce91ff21a7a92d1372ebd1c990a015dbec43a1be5e625b92db3d1d9cb67820cf74183b280121d47520c919c197d84220158c1f3504bcb6ed56d6e312721a58e3f184c1782062be2f044ef46a963e56b78ea826c065e2336adf9ddce52e40824ef952bf4527fc367bef0b689bdeae3f63cb8f1973a178a95646136a9e996e1fabe9505a718f212af6b6761d0aaee96e7e0d64de932055f9c9e513ea3607522ce157b80f8837d03e71ce3c6707771b2074b50b41c89ea8f9c0f4175df0be6ef8530c77b21ca831487dfc91e8b7101c9b3070be41dfc3a6639e0f8d23fedee728bf6eec63f753e8d266e36a38bfac194e1a26f5e4d6a519c183db38fabbc1360ac75760a619627d4b8df498ddba4177f055dcf066d20b6dbf7ad0a082f201492ca455c616e7eb0afe2b5e06d72928f84280a9285b0887585e9891da973d0a3a3b5fae4370bec6d92572ddec7624c9698f305ae5cc47c6ee5c22e058b651a6233c724ac2f4bfe0af16e3e2a2521fdd49e0385a2a2acebbd6e0167fa682322a50e25e62e8bab58e26f49102e28385315788c5f45e5ea7cc03bf03c98a7516224a6398f3561da7cd7149a7d8aa9a620431def2e03958b2634d95c280f414fee42c114f61e185b4e8986ea1ff66f30116c8d5e11f9280d28f7aba0404630fa4aae77e5820a93c52c668eaebed83b5ea83761f1d835ae5194a29b24a810cc969c7e2791e6ff09c39e17aced3d9a37899366f0b98befa9db6526004c58a32db1495e431d46d38fe9958176a8444a38d9241eb73ba3296e1413bd325c371b04cf278f51d8a68f9210d609ae6c315cfeaec6b5ff68e7fccff592f8ae9b47a23ed0e894e855dc24a0763e0e401cf1eb22256f1cc0f28b5ec7143223c41e220f03f08880e09644085423bf0804c10ef99682a0a7c80f7ea722dbf6245145b67f5f4f5af9a3b8a5ab5c67f0a7a32b352bde50b5478f1f2311a16838a00ec2945b59fc8a28680d8559f8e80bea9b984cdf99ff39d139fecde8b55273d81eeb4c56a059c7f2664cf316a040ff3aa71708a116dae8e19557bbcff3c6cb8c032cfffd7c9cd4cb06766c592d32cf988ab8076f8143084e8672e19b1c92ad2db3bc2eb379437082eb20810611735f7aade015762e9eb313114a292bf18b23fbba56a1178a26c796aaad2a6a69e353a0e3a092daa6ff91bc70f44704ddfc627322eb20c008bac1266274def15e651d66b18ee4d57ee2e7689a4624e392c12c1906ed27f91b423902e6054eedcd46c5e2067aff8f8195800da8eb28c9b9dd9844f18edeb76c6725435cc2f4b5b20e48897c7e237de2ace6f2eca8660170d8d6d66ad131c090f9b3e80eb3cb535da072290e4cecb97c57d0292bedaf2806e3a57aec0392b502bca448f61f2c58930d35e2212f19748ef36e407fc592d9011d003a2be3afaff379fe8f1a248d1daa709de02680b7a9a39cdff2bb347902e55467a9f4b3c849be6f86ca637d91faf76a1c3418d3b39de48baffee0fc19a914396b0a1bee264570794d2bf89354bcf11df1b2aa792fdc75325d288782e3d8bbfe85efc58cb05e71427db84d57f350c77c130f606086574a9b20b1dfed6488cdc38b1eb309311286c8402a85e01ab3cc2743a3c24b385fd33f61f03d8a2fbc01e003f73e3e95035fa924d2e54f7bbada8fe747b122eadc66321d24ab44bfc3ab4406f624c421614ecb40ce47c9cd0778aee716f25bbd53e6001673db9a1293688fc43648305cf0a905d7b1bf70f6044bc5ebaa3bfafc2937a3636c5875c74e338a328727d7af79c4e8ec12f92471ee40f2c5a366600f8effa9c08dae3e362e85e310aca2bbdc11a52ec548ff418e72eaf03e034141926248f840bfc83065464d6a433a1f642953f7ac7d154ad413bae913741321238f3c20595ae282b4634882bcaaf4dfa977ab794afe639ff4dc100b8b960fa8ccfb32a27991042b2ff310e375a9c7cc8e14009aba1e0bd261f475fc2c3d39fec98060b13adb5274af0c0b3ff023fef96362c2869bd60b9e68f4989f5481e798d1193c02f06695c62c5458b73d030933d1e3f39727597f998a361d29c9abb78409999f433533db146cac5fc8a4c8ee031955d9962002fc792987dfd92d72cab147c0de862a12809ce83aafe1e40add381ab269905de7bf2f4c2a795c7c14ae054b559125aadbd9bb5f26e1c716c82f759721a087b392cf41799193cff70d1ff98f7458697658f136ae699455906b2a06d4f7951eec4037def488f954824d656a39d9b84666ecfddadcad14d7e94e9ff6d0d283b51ee8750610d10db8209cd17597531b48593cba9818f6c16472348bc27015b9a12844f481bc29ea7bffa9c29b7f2cf98b49b8ff08eb0a08ae67365927240ff0d9fe65d3e5c96bfd2931a2ce772940d8f5e4c45e8e8240b09625434673482f8a7f80a8b3edba7d1cd4cb4d636ab9282d8fb7d9396dfd1303e1b5e75fc1b61c1f678460b9bc2e2079870b478a393c792819f7104087a9e689c0dc25b009464b1f88aafcf8d017a3153fc82bbb0023f7199cae829304ee10d6be6372387227aca45c667823a289679e90ae2dba8b33ea08a09d276d6a540cfa23932e5550557f1e5d402718612db2b55a413aa62503fe2f38815999aca542bc848609753d19b29da13378e6224ccbee079d8db400065fd22c76ac97b33c3e56f0c9cc3f8c51a8f8490da13bfb268ae1b2a37576cd55d35eb2e2e70c25e7027655be3ac827c5d223a5095f03d31ba5f31c227a577cb7612f4a33e1e8884812edb9d3268177efd5b922f44863526a924c3c2d35eb136f7bd1041084d3e2e0ca60917e9219f27fb9c3e8adc3ab9a61730f2f1feee5284117cd5942d6d568c83a5f69ab0941ed9cfe00c3ef03afa87b4286de42c3bd8122824d10ee40c22424705a5242d25f8ce4168e40f62d1c1d3a0c399f6a1bf7420bc6f0d990418d8f4fe82f43589d31d4e00c8028a39aa097f233e627955edf9c1134064870c1c4009bdc949a641f72c1d76c8f8d1f4188e6d71f9f3898350fc093abd8487c0c3445482d9204cfcc034b22a6e685bf46ee1045d00e4efde8c5cf00aa116fa1fed8e964bbe0711dcd7c4ac4eaf24bf21ac600ade057f8a223a402007d198992063ae081307ddd6ac271284f3b174e32a9e8f85955ca0e56a49b18cb0a1d125eaee07c492cf7be70b8f75c29291cfa480506900bcb45603a402d981f78450da1accb97a46a21776678160a3732f0ccbf16bc9ed4c563910c79816b2d74f4e4884d9131e92cd8ab21883706b1ac01ceb8a12d7ca24045259fa63c18b411a5461a2f9a1a313dedee86caddae5e2b2e743949fdbcb0c8703b8be3d66d4e09257839e4214a7d7bf4c24d456726e730bdb1446991dca4b01c5cc6201f96b8f1093d0fb24576f6adde03aad1a8366c37073fc0a0afbdace7be41328a5836362a4684ac2cb0421d3ff3a17d52381b4f1e085297ba5f059c1a1521abc4f27f48f42373a48cc66c436964de021861beb59e1f4d02782886ab6f371a6b1fc2778722688efbc95c2437b04694da9630edc1c4542ab499a907072adf9a34e7864d3087dbffe2542aed928220049a0368f26b421e4e6ca580e73d988644f2bef5ce6c677c24ada79f04b0c27e36b78ef17040e796e82ceba0fcc4366806e00d9ca78183b112538c840e4702d1c4b8b999bcd278fa5309c5cafc8d406d0cdd6cf21ec52b85714b0eb2c6f60f311b45cdd1726c4ecd157be88d9d8c045936860ac789a93540abf1078db64dff035f2f25ac03ad4731ff6a2bd08083304c491fa213b4fc5c1098814e30fea5dc2b16de635f3842b652ea1f4dc3a375046788ff5cef4950556679145bbafbe131b47a411e85caecd78143b52c729e8be3a1fc1311d8f4698ee69c5a36be71b43e7407e76e6be41e6ea827d4e9daa2f545ff447ca0653098d333f6298c830dc2e79bfd68b1314b3822d2ce19a855d8cdea7bc3283f05687085ccb154a6850117ba76f10664e6440983b5aecd959ff85a7bd0d5db53a7bc7b5efaf5960d67e929bbf4d9bed86ac5d09e7df918591c90d98c620c05e651b83417859b00d55c6f66afb8d385f4762a50b5f8448707ad868b5aa03e94c638ffe7603255630c1a77ca65b07bbfbe117936aa04f94d1f8430f69324a3056c3d6115538d4c2e044501bd"}, @generic="13fc5071df2bd14ae27f0ae0c61617b7fab5d0ad41682f8cce4198411e6ac7b4ce6782d77a0d06abe2a5385eacfe8e7a9a60b43ebbf51591f6fba3684b6ae64ccdbc48452b71cda73c09f36b59727fa6923fa5a10f64f35553852bf8e2e8e67c97b5bcb54fa026cab088912028d80947c15b307a3f5b95765ae014994132c87ddc89fdbb078fd2cf2a7d2d31704fd5e210c9dc6e667112b0782abad6a9a10fab6b0b406880d089ae8e40146f14085629c044269a4cab9d5f4e4347af12fa91fd0f6dd9bdfa5365f14080bd9a07ecf3aa917ac3"]}, @nested={0xe8, 0x6, [@typed={0x8, 0x92, @ipv4=@broadcast}, @generic="5f400309dead326b91895b6592fce7bd5786d22dcb33c857dd5c9e2810d90fa69711f900d3422b7dfc3f051a159d649c1d59944501f0f8315c85cb273cfb0f7eaa745cdf244678a04d", @typed={0xc, 0x0, @str='bdev)\x00'}, @generic="edf57fbcc67b269898b305eee17045a23c094ef56c07994885895d09f178e858624f13a21728a1fc4a70e6d886ff0c0ab6193a266b847351dc524a6547251d52c19f4ba3cc7ea07ce32edc8fb47d6749ee2b2c05e8efe16fe456bc517baefadd0e98e79a53cdaf1ba8e58c4bd13cd93cb3c6b23b124ed656b006bfdaf2905ebc1f7ab608a3"]}, @generic="8dbeb93c15d64a42c704ba98c681d5547edefa0f78becd67477ba83b8b1f67d919df6cab7342b3d8e172df6ca8ed329aa20c2a6af42036307ae1d5b1a262075896d45cc4ae565c275eaba66d6e686782fbfe02f1b6306bcb95a92325061bd05b9136c623bdcb0f9d2e64e1b68ed3a98af6f3600cd00e28d610b5061737a0521982536329dda87ab51339248402c83997b76bc6013f524f7074"]}, 0x1278}, {&(0x7f0000001680)={0x290, 0x39, 0x10, 0x70bd26, 0x25dfdbff, "", [@typed={0xc, 0x5b, @u64=0xffffffffffffff80}, @generic="675295464735ca0b622ffc98d7faa9d9169568", @generic="4953ef8be8fcf61dbd5fd163ec6cc54baf9802257c4107868c79627e763bcd3376af60f7c81a0b6ccfba5296d4961d3c5d46620b9b423ad0ddd915962e38c5f7f2242a60eec4ebe7253e79f8f4d2f562c908e8c4", @typed={0xc, 0x85, @u64=0x101}, @generic="6f908e6de1ced92f18f8517502e993e3c99d6b51b08d50eb272a09705375a6907cb499c138a53b954a316463daece9024c5b37b18ce68da5e4bf6d80dbf5877dbb72630b0f94683bd84503d31a7060b00251ed828a5baa4b1d85d50b6415b4abcc1c54efb40c91e08013013dc6e1bcc24f3a169ac9ce31627a335f9fbfac11bed43f876a36d209156c3be527e1cf9df634107c0bce08e70f5cc16ece62be671edd081c9ce6e2658bd53d929ccedc4d94da74de7520aee40603956748fa08e9fe0341149142939ca5e2bf4185", @generic="5d103f28bf90599d39a115bdb840753e9a4fc0a119cb05419c1727a767d77be7b16a72e5c534d76092479fa57e72ee740f1bb5c418764913cb146e576eb141afa5bfffee4b8c5c84e2d2340deb03c1a2cff99fe7ae19b447e9b1a8ff5dee3270b5093b820108b44d76216a993d7cb95994758e0e0f93ffc6f94ed2f20722e720f171dca89485f16919de3a4d5b6aefcc245f58ae14e1350217ba85ec57076317a662fc8720855e30b7e69b", @nested={0x88, 0x42, [@typed={0x8, 0x1c, @fd=r2}, @generic="ebd9214c0c8efeaa3433c6d3dd8a311e082c6b1225fb0585ce85695d2f588c106dce338c220b42fc0b605f6e792e2ffd0ecc38425cdd730bf947375961bb2ea2a48f7c04acf0b365aaef567796213c26e3eee481d7dfc91b7071d6724a6a7a30616e77956b70fb576264e3a88830449698c4cd58934f3d80976bb6"]}]}, 0x290}], 0x4, &(0x7f0000001b40)=[@rights={{0x1c, 0x1, 0x1, [r0, r3, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r0]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r4, r5]}}, @rights={{0x18, 0x1, 0x1, [r6, r7]}}, @cred={{0x1c, 0x1, 0x2, {r9, r10, r14}}}, @cred={{0x1c, 0x1, 0x2, {r15, r17, r23}}}, @rights={{0x14, 0x1, 0x1, [r24]}}], 0xd0, 0x4000}, 0x100) r25 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r25, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) getpeername$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) setsockopt$packet_tx_ring(r25, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1, 0x6, 0x4, 0x6, 0x3, 0xfffff001, 0xffff0001}, 0x1c) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000100)=0x7800, &(0x7f0000000140)=0x2) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:09 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:35:09 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 394.303566] overlayfs: workdir and upperdir must be separate subtrees [ 394.365526] bond0: Releasing backup interface bond_slave_1 [ 394.390985] bond0: Enslaving bond_slave_1 as an active interface with an up link 21:35:09 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 394.435312] overlayfs: workdir and upperdir must be separate subtrees [ 394.470151] net_ratelimit: 10 callbacks suppressed [ 394.470156] protocol 88fb is buggy, dev hsr_slave_0 [ 394.480294] protocol 88fb is buggy, dev hsr_slave_1 [ 394.480377] protocol 88fb is buggy, dev hsr_slave_0 [ 394.490451] protocol 88fb is buggy, dev hsr_slave_1 21:35:09 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:09 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 394.538656] overlayfs: failed to resolve './fi': -2 [ 394.626005] overlayfs: failed to resolve './fi': -2 [ 396.310146] Bluetooth: hci0 command 0x1003 tx timeout [ 396.315454] Bluetooth: hci0 sending frame failed (-49) [ 398.390103] Bluetooth: hci0 command 0x1001 tx timeout [ 398.395394] Bluetooth: hci0 sending frame failed (-49) [ 400.470132] Bluetooth: hci0 command 0x1009 tx timeout 21:35:19 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:19 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:35:19 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:19 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:19 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) openat$capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/capi20\x00', 0x171080, 0x0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaa2a91003600810000000892abf767f1c14618c259561eef960045f4001c00000000000090787f000001340a000100004e26000890787319d669e6681f61416c5d611380a843140cb3f21de87e0e3f6d20293c65566e607dfc333978d1fc8d9aca095fd87b65dfb05afa45ae4064748cd010f794347d3663c83490ec8e4525ef6b48dc469b29f71a132ed09a0bae70e18433b59dc39b98d2f702e19416e73b63d34481261fa8319d2ee10fe45c6524536782d3ce117ae937e3194572470d0f6c31c1090076d62773fd39f3b57fccf0a0ea3e3e1e0800d106f0b38a5d2a256da6bad3b5718a6ba7d5866d244b68da7b93599b2d55b8c7a51d4d40346ed12a7e753618da4ece38fa13eb8b76f6a9b8190a684ab129f0766a5213f5e42673dab9149af56bd4d705d44dcc4c0837d8c37be807f82b303d1fe70abd8e05f57f7d959a0bedbe67085f42e9162ab09473a44fa2b3ae68febaacd34db0c467bc5600"], 0x0) r1 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffd) keyctl$revoke(0x3, r1) r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) r3 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_stats\x00', 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r3, &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x0) request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, r2) keyctl$unlink(0x9, r1, r2) 21:35:19 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0xfffffffe, 0xffffffffffffff3a) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:19 executing program 2: r0 = socket$packet(0x11, 0x1, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x40, 0x0) ioctl$CAPI_NCCI_OPENCOUNT(r1, 0x80044326, &(0x7f00000000c0)=0x200) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 404.367016] overlayfs: failed to resolve './fi': -2 21:35:19 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:19 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, r1) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r1) r3 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$negate(0xd, r2, 0xfffffffffffffb00, r3) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:35:19 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') [ 404.389220] Bluetooth: hci0: Frame reassembly failed (-84) 21:35:19 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:19 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:19 executing program 0: socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 404.489651] overlayfs: failed to resolve './file': -2 [ 406.390125] Bluetooth: hci0 command 0x1003 tx timeout [ 406.395442] Bluetooth: hci0 sending frame failed (-49) [ 408.470106] Bluetooth: hci0 command 0x1001 tx timeout [ 408.475503] Bluetooth: hci0 sending frame failed (-49) [ 410.550135] Bluetooth: hci0 command 0x1009 tx timeout 21:35:29 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x0) 21:35:29 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:29 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x1ff, 0x4, 0x2, 0xca28}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x14, r2, 0x301}, 0x14}}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRES64=r0, @ANYRESDEC, @ANYPTR, @ANYBLOB="b5b33d2eaecc8d1dae21d81d9ca9cd3470b23d66bfbc7d875f0fb45b1a09376805e1de5bfefd134c2c82733ace2d24243836cc2f406c77917864f3155d3a8f6e898996f070e2592178a6f5907927cfd1292f98991381c2b7077f085dcf060a10176dcbc89f13e440db986a807b82170aeec50df0f9f8dd37e499facdc61544bf06d9555504cd28f6d4e984847a1af5a9978f46552c6efb495ada0a5a86f29e617c62ed2796b0b5a3f2eb7b949c5300954b6d907eedb20b99d5a6e3ffd3a856", @ANYRES32, @ANYBLOB="8467068756e244b3", @ANYRESHEX=r0, @ANYBLOB="97d8f2d684212459c258cf97bdc3473ee9c94ea4bc4f0e313ad6f1e682bfe97e218979bd35aa9070ba666ff7119eb1287b40b99010e9b88be66a5b24e6ef89028a03272a4df20cf07ca72223278836127c8f3dc3916dd995a57b8fc356ad49445c4a83aacd582411c6abb34d4ca92ec3153b9ec740a0f9df033dac183596fd612535363710980cf34812e5b7d867ce9fdb8525c33c940fd64b051e7ddf685df65f91ebc71c387f916afb3db98e6a59525a25fbcae50cebc58d074c480c"]], 0x0) 21:35:29 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = dup3(r1, r2, 0x80000) ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000000080)) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 414.602060] overlayfs: failed to resolve './file': -2 21:35:29 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001db00000100004e2600089078"], 0x0) 21:35:29 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:30 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x11, 0x0, 0x0, 0x1}, 0xffffffffffffff69) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 414.737522] overlayfs: failed to resolve './file': -2 21:35:30 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 414.791686] protocol 88fb is buggy, dev hsr_slave_0 [ 414.799176] protocol 88fb is buggy, dev hsr_slave_0 [ 414.805565] protocol 88fb is buggy, dev hsr_slave_1 [ 415.110143] protocol 88fb is buggy, dev hsr_slave_0 [ 415.115265] protocol 88fb is buggy, dev hsr_slave_1 [ 415.120406] protocol 88fb is buggy, dev hsr_slave_0 [ 415.125456] protocol 88fb is buggy, dev hsr_slave_1 [ 415.270107] protocol 88fb is buggy, dev hsr_slave_0 [ 415.275210] protocol 88fb is buggy, dev hsr_slave_1 [ 415.280337] protocol 88fb is buggy, dev hsr_slave_0 [ 416.710071] Bluetooth: hci0 command 0x1003 tx timeout [ 416.715399] Bluetooth: hci0 sending frame failed (-49) [ 418.790134] Bluetooth: hci0 command 0x1001 tx timeout [ 418.795453] Bluetooth: hci0 sending frame failed (-49) [ 420.870122] Bluetooth: hci0 command 0x1009 tx timeout 21:35:40 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaa910036008100000008004520001c00000000000090787f000001e000000100004e2600089078"], 0x0) r1 = syz_open_dev$radio(&(0x7f0000003140)='/dev/radio#\x00', 0x0, 0x2) connect$x25(r1, &(0x7f0000003180)={0x9, @null=' \x00'}, 0x12) 21:35:40 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 2: arch_prctl$ARCH_SET_GS(0x1001, &(0x7f0000000080)) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) clone(0x10000, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="ea72cdea4cbe4f2162ccf6a93448c6dd4473dc6a16bcfd9f698074cb1d175026b435266099092ba230a68de51161ea8c7126abcc035450915182cb995983ba02c9546de9b0162b45bb2b073a1eb5515af4c02fc060c0ea3ca33bea4f3d1fd416173b2f36fda06615d4e85ccda2b6aec69ba5b4be1382f869a1a6e8f1609f1262ef4aa13391170c4de99b017fe4483277553bfff216052618676651ec971a77f0884eb5a4c3cb520668784025c3b719f752261e00c3b7e84436ee91c67a1f6b77dd41df47d2e7c5aa331bf9f41a2234e0f5ac365a7ff02dc91be10623a7a9286f2804a921c76c1a5d69d3dc5c714d0c7201a76e3dbe1fb0339db1d1df98bb79e5063e52686cf06c76d0babe756040e301f8bd4e8c8c3dced3d05994736cb9d15d29b83b16d27ff5d103dbaeb21a2807a561bf48d391b07c0c20113a4908f73435b0298b40462f29740d6e45e4c8bb5c3d7b5ded674d739a942bc6f84539753d85e3fc5eadec7af9ca94fb992086389e6eed59fe8aceb2f7f9312c9ee8f097a51a19643d77076ddc11685370f5465e3e274d58cb99eb6bba8bf25256f64c2aaad99763c2d9462962b9f0c738c237f2667a6bd89448288737d3c6b3bc61d33392d308a86bd2b818fc9c29a6b219cddb00e3f8bcf317f21c8decc1382a4efef64ca0e242de954d7d434abe23293931bf9cee945da6cff327b4b6e2d0a2a47a26a68eb666fd3bf43efad456340afcc15ac726fc0514e7417fed2d81fd524a5ea474f29c3dbdd901cc9a8ea9bef7a2e9b3729b837dd946ded4ac3b64df920d2e0b4ee8f854b0715dd664994e94b6a3ae01105eee475bdb93236083c20d4f5888569446b049483a259d94fd60226f2c8dff5382f8bf677569ea1a624b09c6b638d75f52a413b99794f954279fbf12b04ada241741c43041cc57ff2d9434ecc9780060077cba417caf17b176b7fa8d75ac9e849e99c6242299306605f4da1776e10b097eb59a0e92e98f9c0cbb23805f1782fa2d79bc667f55b0819e43129812b9df3eef2d9af0852ffe697687c2b70e97306ea2dbe235f59a7395abb01010c153a9af253d49026a9b462e1c2e22f5665c941df9b4d567c1f3dd8330c2e8fb851c2cd1a567db4de6cf072920487bf16d6c9385699fd2983cc92f95b570b0e19e4b12229b9f2d9ea0b3f832150f403b035b3a7e508f67916f910e0a024a1f734e5e28e6179d41b0c7cb009a303e8083b0986b578d04fed5d577f3716557f596dbe65f5d7c3a34d539f45fbb1e3ef9bce1df3f7cc012ece74b4810067439da091aa77f0fd440cc057771f6cb0d9cd918b485d53edb656a228eef4aabdc3caf3fc6eae924679bf873109d93fbfa018dfb9eaf807af6d7b325dc45e089ce395a0c71f7bd9c1392b7336eed31c1eaf1b308de71f7078c47f933dcf1e98a5cc9deb90439410a05059ebb7b1efd2d8673e9d347b3ba231afdd2922bf1d31af4d0eb83c99aee6825a120a81fd9f079acd77502c8611c0fc9625bf33f025cf3eb5973caf063b93368ac7d68e5ba0d7a54d89ae9135de800b7f946fc92c867af14e6b2e5b62a02c934b68da286ae8be26036551c35a8264ee31db128f147b82e1c2e90cbe2550c5ef4cbc2d8d7a111821a234e987f8e59fbe1f9137ab40ea19b1ffdd007eaec2e287414c35e4422adaa5509ef7db71bb8defe1b9ba7999bd1798e1aeb31a00b191cee24ada4472c84480cffacdccdc63d6c1c27026dddfab7f54604c74434750ed21e0a914bbad69a08288e4b0a564c1bd4ddd8c2f900c5ec5f551ede7d80dfd1ff83478975e3f3a2604156565365a3bde0a4cc2ac155ac850221618b60b552bc38d9b50b647bbb8edfd517514a9b4b951ce1e2089ffdcf5b8fbdbf7088bba89f0c3d6452e0223e6cd27bad10816120d25b0f4ae172035950b92a64e85b3dbc0d0e3e01fcb098d9f784dd37dc19414b48fb7d0a1d4e966331bca54932da39617acbb6be6a97f7f871d9769720fd3875da75fdc763ffa20736c6f2cb04ede491b1f59a0e98b42dac40b7aa6039d463256a7eb8dca632ef522caff4747d3ddce002cf7b40cb6373993502b70e9e9cca0c63a721edfa831c3b9de99f029588c22d24baa650fd3b623cb6d63440c0a92474f2cfe40bf1dc93cadc0f41039765b1d65cef15aadd3a6af691f9fb2f379302561dad64ed6917652e9f7f9df0961d3e4fc7257b9c3f3a5ee8a78003af5c291035cdb2108ddbe8aa5c445c183023c24259e8a8ae9916768d2f91458070c74ef9b3b02b5436982ed10cc8c89c596615baa32bd761ae065d910086d62c1437300ef7e0270b119327a26bf3eb54c9bba6b430b36e9c9eb23d2886ddde941a4bfb3b5571442d11b2aa9a53ec5c33ea621061f1a942217a3048b9af818a9f8cb4184acd9268eee10b2b7d955c559d5d46efff65ee9f35457e2de07b358de54a91b2e6022fe5ed2d68bdab2cc8513048da80f1d66a5772e3c5d2252dbdb70ced9b14171c2805b4bacbb14a03d7d6d30547aa95529c67e4a86936ff4074311830804f816ab45a0bb15176d53c701f14e761d89f1c720cd21291b043ea76ab7e49cc63e47cbbe44c7d0a1c3516deee84cbf4919f1f08ebbca1d895be44656dea633a7a0e5d2ec5807192163b798ee7645fed482dcab23372ddac7b21736c091ff2adccb87883cfa38b6f5c091602a837b775ec82cb30badd17760fe3304ac903a51456f1494c9550a53daf0d83169a9d04a207a3db62aea880f1d4e90626670a436cc331344cb98d03ed33a20969acef88e7f2d558dbd16aeb92a3047419398c7a77883b47606ba9539415911237dbd61824ca1460cee5a358c45fb61d053fe9504612f6cb4c671fd5e267da5bf4b08211da7fa6c812c3144c6ff95e8abb82360cd9abcf00d054438bda59892bef69a6956e5d2f8339309bd615c5100a3f282eb3832be402c394f9cd96adece0d315ae13d28f90083762344ab96c59ebec122e4474190591eeedf6ae7e6c5f9b53a67082c9ec516a4c436f5eabfd0ccd738a169bf3ef9e4b781720dcf511aac1f309fab510eb1c7f9efe6be3c6ce44b197065894e185224f7e4047b800206b288d63f9276856b0d9f1fa2e661bcbde9ec8970b65529bbb5307b7e540afc3e1b2cfc2c1705827665c0bae6794607f3329e095c026b8f6e9b580e7e2fd13340ef7606e0348202bb8eeb6fd0a5c90bd9c6ef0cbf52213602085a4fcf656025eb3a27938294b61a804a00d6ee24f1e9c175be6933c3729254d383101a41f78ec8ebae058e07dfcd810bd9f069ac2b8bbd4bfb9d5b33747545f5e68275d0394c0f1d85c6f70083474014e5a3577bfa0bbdba998e0034928e9acb90deb1d00fc037031c1c01776ee0a6ba1f8d2955fe47eacd4cd6cd7f1d14a5605c557f5c1d4803a7cec88727773920b11574a2ab28d39fb206c7153c719f468d863ea7c7500fbe523a01bd24d2581a42a3b3be2204dbe65d19578c733a176b3de9f726bc17d57446d862df6f8ad80666d87799591bcd1364dbceeb56e3d119fea2baf39d7f06a9636d1184d36133bc21a705dff580cf66559c16314179f1174058407a3470b9d40b2098ecf982ab63c83344d7ce82bec65d90a837c950f92dc51599b71d082c0a68007d61c2429ff7d290a9bec36c37c60a8f46dd257053720712949592ed749ce0b9a8fedd8025bb52e440c7f22634bddf71745c0b71b2a404db6790a5a267a17cf591bf2ddc9cfb2be7c21388cf95a8e2bb4f8cdf121be0a3cf53c5e6fb96ea99c3e7301464e01cd9036602e0a86e48b79a41b3bf6a25894cfa65118c160791acf361b852557aafc9f3a983536e259e7d236ce5f47662a12931732e9618cad59b87806fa9020f2e000210fd016bf8a24b8f89dc8eae84cccde85a8568aa366922a57b6a4c55a59903de89692ffa5341c2d3d2aac2fbb358b405ab715ff79781ef2bcba8a7c6e4feb66ffb26ebe12ea3c094914f32234e50a433a198e2cab0c9e359bcbf4d5bc75eee8ffc12fd24fb6e98616c8fdd41b13b5fd10ec99ff6bd174c017f8b5f282be26d76f33a5e9ec74b7bed690b2003922e15a2a3a62828116ed57304091225f1fcb4ebc98c829f63ed5fe6396521c031608e3bf2041b07888156e849575caca327baa428ffe162b8d2d6272f2ab499bae6036b79363c2cb78bde7e91523706ba4a7ee041d10b87c3c22b2af3964ae0e03630a8a5898313a538ba8924e454e51d2cb0b66ac92cedf398227254ff7ccda76f8a65716d0a597f90711416b143c7cf45e2329b05ae3c39e87ff9baa7ebeb9c231f428650c92fb8a58bc480f77d1b16060c77c3dd863bede49b46b84ee2cf3222d8bd86b74eb155758c236400ca1a39a5391bdcfaa4afde15a5a24513a31e75c5f1a9738981f3ce6edbb9e64fe1110dd2d255b1045a6f5d12b35242b105404f7c3aade127bb1872c26c04da628ddb775a515a8a7228d6ee6f0f8dbadd6a0b43b7024e92d684be99cbfddd47fbb7c1b813f127fab57042cd93009dc57ec7b01eba3a5f39cbed65ff998c7f25fcbada551dca44237b5c70da96fd42caacc3f9aacf25d680f783732940c7ccda1172e7dc0c2df2cc3e4928cc87e3fa15f3f660c5c0ec147c41c4b3c89d6c09a279646cea8072e068521578a2272ab2c7d62b79411c304754171bb5cdd6ebd1a21cfd568b6616c8c5e9befece35c8e8aa856ddfcc3f377f9659e64111897c1ba66140e1fd4224f9aa98233753a10505fff2af5ed6f79d839135a4db0900bb111c816948a779a48b12a383d5458132ae54a94ba479c1e88dc710fbf1f14c4e8f0afa87ea3f05dc35d4cd08e9bc33670d441c85cc2c2b8df2e36d3cd9a0c1b8cc4cf839216a3246fe518ffb801d323d5a6d254d68fd07f50ff19aac3d6a19a4702914a6f3a28c212d89985ab4a17b86f57a56004cf86ab07dfa5b936defb00a015becc2c5e66faaef630386e7608926f1320be1b4485a481006d735d1aa13703d417290a988706515146da48d86aec48b3457031f42fdebec26a48eccf47095cc150edcd5c3b00c72185f9eef87f901ef77fd0ddd9cbc0ecc4258fd542788befdcd0f6a8b0c7cf59248b347e9e933fbc11b232ef85187a79666a4e192d7c4b52bc743ba6e94b93a28994f61eec388fa75b8f87d057bc6cc2aebdbd34c8ac145c3a5d1c451ba7639ac5b4d4cd9d68c92f6cdedb9ca0d07b362fd138e6e6f4866db0e1e26bf7155376afd981d1aff4673fddfe016aef76bdbca87e383c9eee8ec13aa5e365b4bcf5da6045bfa09401d6bf7312e54e67fed2a125544a0cd770d806158082187a749c54ae0233281dcef4dc4deb5e8168cf8ae4dc5e7b210b35e567efce9dd99c8498242d5771a0364bab135ac1922bf53c2dfaed101c3a417031dfa77ef31582d1d421f5783156953f1c36068d8f88794e9968d699bd2c8204fc5ec00ead4d9d9babecafa8b81c9ec1b72d4f1c360204be89171d40d671087454d9e3a7f801988c4781ff87c2d93c9f2877cf1e2ccfb8ad5008e4fa5052fc5bf5aac92a64ef86b829f92149adaa17253a9f04913b19090e1f5c006419e6e6352a839580edfb70c22015dfb205ae20f745e56cdad6d0da71ee8d8909273162bba57808f3928ce289be6ee6e1bb8c94b219730cce5f2a01d345d24c7004deb558e9c66e1c90893fc4c12fedf6e3e6d00ee0ad47dedd44da3354cb8a82cfcd34385ab8acd17e74248c3f70fddb177df42e0b8b3944a52ca91bd5973dd81a4741d192ada5a431cd53b74f069473bb") setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:40 executing program 5: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$UI_DEV_DESTROY(r1, 0x5502) syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)) 21:35:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x19d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1, 0x2, 0x0, 0x100000005}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="0a0775db7b2803b4f0a12585675d26b0d5e383e5b3b60ced5c54dbb7295df0df8217ad62005127000000000000e60000", 0x30) accept$alg(r0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) mkdir(&(0x7f0000000080)='./file0\x00', 0x9623f13c016a976c) syz_emit_ethernet(0x32, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e26000000000000c000002655fc91d6defd5001491fdb0e596012c5fd59a738ac96014b51b637eba3d3442aa8660a3379c851650fe235e81952d5d91c883464a597078fca5ece8ee6fe23c1bdf01927a86d9d039bb3df3ce74c29b7aa7caba9ce3395e379eef4c35fd9476ceafe1cb29a8ff302"], 0x0) 21:35:40 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:35:40 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) [ 425.190170] net_ratelimit: 1 callbacks suppressed [ 425.190175] protocol 88fb is buggy, dev hsr_slave_0 [ 425.200125] protocol 88fb is buggy, dev hsr_slave_1 [ 425.205236] protocol 88fb is buggy, dev hsr_slave_0 [ 425.210397] protocol 88fb is buggy, dev hsr_slave_1 21:35:40 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:40 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x711200) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x2) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$ASHMEM_GET_SIZE(0xffffffffffffffff, 0x7704, 0x0) ioctl$SIOCAX25GETINFO(r2, 0x89ed, &(0x7f00000000c0)) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 425.510148] protocol 88fb is buggy, dev hsr_slave_0 [ 425.515279] protocol 88fb is buggy, dev hsr_slave_1 [ 425.520378] protocol 88fb is buggy, dev hsr_slave_0 [ 425.525498] protocol 88fb is buggy, dev hsr_slave_1 [ 425.670140] protocol 88fb is buggy, dev hsr_slave_0 [ 425.675335] protocol 88fb is buggy, dev hsr_slave_1 21:35:41 executing program 5: perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp6\x00') ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0) preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 21:35:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000100)={'hwsim0\x00', {0x2, 0x4e24, @loopback}}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x2}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req={0x3, 0x4, 0x81, 0x1b}, 0x10) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) connect$packet(r2, &(0x7f00000000c0)={0x11, 0x1c, 0x0, 0x1, 0xe1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xac07f1009d9f91aa}}, 0x14) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:41 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 5: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') epoll_pwait(r0, &(0x7f0000000380)=[{}, {}, {}, {}], 0x4, 0x10000000, &(0x7f00000003c0)={0x5}, 0x8) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0xfffc, 0x1, 0x10000, 0x1, 0x800000}, 0x1c) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000280), &(0x7f0000000080)=0x4) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYRESDEC], 0x0) 21:35:41 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 426.282195] overlayfs: missing 'lowerdir' 21:35:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 2: openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x80000, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:41 executing program 5 (fault-call:2 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:41 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:41 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 426.691919] FAULT_INJECTION: forcing a failure. [ 426.691919] name failslab, interval 1, probability 0, space 0, times 0 [ 426.705978] overlayfs: missing 'lowerdir' [ 426.709409] CPU: 1 PID: 11550 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 426.717152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 426.726503] Call Trace: [ 426.729093] dump_stack+0x138/0x197 [ 426.732733] should_fail.cold+0x10f/0x159 [ 426.736891] should_failslab+0xdb/0x130 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 426.740870] kmem_cache_alloc_trace+0x2e9/0x790 [ 426.745548] hci_alloc_dev+0x43/0x1c60 [ 426.749439] hci_uart_tty_ioctl+0x27e/0xa20 [ 426.753772] tty_ioctl+0x8f7/0x1320 [ 426.757394] ? hci_uart_tty_poll+0x10/0x10 [ 426.761617] ? tty_vhangup+0x30/0x30 [ 426.761638] ? __might_sleep+0x93/0xb0 [ 426.761647] ? __fget+0x210/0x370 [ 426.761663] ? tty_vhangup+0x30/0x30 [ 426.761674] do_vfs_ioctl+0x7ae/0x1060 [ 426.761689] ? selinux_file_mprotect+0x5d0/0x5d0 [ 426.769254] ? lock_downgrade+0x740/0x740 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 426.789124] ? ioctl_preallocate+0x1c0/0x1c0 [ 426.793526] ? __fget+0x237/0x370 [ 426.796985] ? security_file_ioctl+0x89/0xb0 [ 426.798612] overlayfs: missing 'lowerdir' [ 426.801390] SyS_ioctl+0x8f/0xc0 [ 426.801401] ? do_vfs_ioctl+0x1060/0x1060 [ 426.801414] do_syscall_64+0x1e8/0x640 [ 426.801423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.801440] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 426.801448] RIP: 0033:0x45a219 [ 426.801456] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:35:42 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 426.837825] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 426.837832] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 426.837837] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 426.837842] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 426.837849] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 426.859264] Bluetooth: Can't allocate HCI device [ 426.910887] overlayfs: missing 'lowerdir' 21:35:42 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:42 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) socketpair(0x22, 0x6, 0x2, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f00000000c0)=@req={0x7fffffff, 0x5, 0x6df9, 0x3}, 0x10) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:42 executing program 5 (fault-call:2 fault-nth:1): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x10002, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) fcntl$setpipe(r3, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) ioctl$SIOCGETNODEID(r1, 0x89e1, &(0x7f00000000c0)={0x1}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaa2a9100360081c467c405bd000000080045f4001c00000000000090787f000001e000000100004e"], 0x0) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) 21:35:42 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 427.158413] FAULT_INJECTION: forcing a failure. [ 427.158413] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 427.170252] CPU: 0 PID: 11579 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 427.177280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.186618] Call Trace: [ 427.189193] dump_stack+0x138/0x197 [ 427.192810] should_fail.cold+0x10f/0x159 [ 427.196945] __alloc_pages_nodemask+0x1d6/0x7a0 [ 427.201609] ? __alloc_pages_slowpath+0x2930/0x2930 [ 427.206631] cache_grow_begin+0x80/0x400 [ 427.210695] kmem_cache_alloc_trace+0x6b2/0x790 [ 427.215362] hci_alloc_dev+0x43/0x1c60 [ 427.219289] hci_uart_tty_ioctl+0x27e/0xa20 [ 427.223605] tty_ioctl+0x8f7/0x1320 [ 427.227214] ? hci_uart_tty_poll+0x10/0x10 [ 427.231442] ? tty_vhangup+0x30/0x30 [ 427.235211] ? __might_sleep+0x93/0xb0 [ 427.239124] ? __fget+0x210/0x370 [ 427.242568] ? tty_vhangup+0x30/0x30 [ 427.246269] do_vfs_ioctl+0x7ae/0x1060 [ 427.250147] ? selinux_file_mprotect+0x5d0/0x5d0 [ 427.254902] ? lock_downgrade+0x740/0x740 [ 427.259047] ? ioctl_preallocate+0x1c0/0x1c0 [ 427.263501] ? __fget+0x237/0x370 [ 427.266938] ? security_file_ioctl+0x89/0xb0 [ 427.271337] SyS_ioctl+0x8f/0xc0 [ 427.274738] ? do_vfs_ioctl+0x1060/0x1060 [ 427.278872] do_syscall_64+0x1e8/0x640 [ 427.282743] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.287582] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 427.292754] RIP: 0033:0x45a219 [ 427.295922] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 427.303087] audit: type=1326 audit(1573248942.572:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=11573 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 427.303613] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 427.303620] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 427.303626] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 427.303632] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:42 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:42 executing program 2: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r1 = getpid() pipe(&(0x7f0000000300)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000280)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x2, 0x4e20, @broadcast}, {0x2, 0x4e23, @multicast1}, 0xd0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240)='eql\x00', 0xc0000000000, 0x7, 0x7}) r3 = gettid() sched_setattr(r3, &(0x7f0000000200)={0x409, 0x2, 0x1, 0x0, 0x3, 0xffffffffffffffff, 0x8000, 0x8000}, 0x39e8178f415a3e18) r4 = syz_open_procfs(r1, &(0x7f0000000080)='net/icmp\x00') ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f00000000c0)={0xb6, 0x1, "cfd87b4c003aff2a821aa4c4c811eeadbbbcbdaebfaf4e080e3c1824e7941eabae0b84b4ef7bae749e04269cd7dc49ee1810c4490cbee59ffa4015ff7959d8630ed57f63800036af2d4f9249a82a437b73a850846091bf718091436fec72f49408e6d76a571f5ace7be634782ba42fa65f36165278644488b92e9681e525f151f6f9571216d208c788ba27e269b2773113e74db055b64c2f5427c8113d2e14f75e9224c8de1026c3c2e658f8d2de93fce9f01d6651fcaff3c1cd02b8748566c5216072b4b9a00644d7a80185515e2d12ba51b6a2363ad634a2f9fb3d93352a7cf3714d7d74e27be478f194027194dada82fe91299f9a63e76d3eef5af062e3f4"}) 21:35:42 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') [ 427.303638] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 427.436312] overlayfs: missing 'lowerdir' 21:35:42 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:42 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:35:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 427.519840] overlayfs: missing 'lowerdir' [ 427.595322] overlayfs: missing 'lowerdir' [ 429.430167] Bluetooth: hci0 command 0x1003 tx timeout [ 429.435448] Bluetooth: hci0 sending frame failed (-49) [ 431.510124] Bluetooth: hci0 command 0x1001 tx timeout [ 431.515418] Bluetooth: hci0 sending frame failed (-49) [ 433.590137] Bluetooth: hci0 command 0x1009 tx timeout 21:35:52 executing program 5 (fault-call:2 fault-nth:2): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:52 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:52 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:52 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:35:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaa0045f4001c00000000000090787f000001e000000100004e2600040078be771ba774f4c47f666feb5c9f75bb76542e2ad86c173804e51a2922a79162ac62884a689edfc85e07c39a698e18b84e30c458fa998bed0fa95e2e6bc5ea13903e6010d5227c020e2a70d59d63624210e20b537feee55ce3afa538d7f237cdecf9343869135ed7e19d94132c174b0faa513de08fc6978ceab54a129a803904b15212952bdb61e9bc47b489177a9f5fba60631bbc5bbcbdf2c999c1dc4f924fbbc73e31b23a6a422b50e4c5025652cca3e681b0399364169d090efa4b2cff4295d66b255cf3684c1217109bfe56e146c27838703df15a02c5f7f40424c10cb62f3cd5a83e33efc18a556b22"], 0x0) 21:35:52 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0xfffffff8, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:52 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0xffffffff, 0x1, 0x1f, 0x7, 0x11, 0x0, 0x8, 0x5, 0x7, 0x5, 0x7fff}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:52 executing program 4: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:35:52 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f00000001c0)={@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x1, 0x4, 0x4, 0x1, {0xa, 0x4e21, 0x1, @remote, 0x1f88}}}, {&(0x7f00000000c0)=""/46, 0x2e}, &(0x7f0000000100), 0x24}, 0xa0) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0xfffffffe}, 0xffffffffffffff98) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 437.654847] overlayfs: missing 'lowerdir' [ 437.655111] FAULT_INJECTION: forcing a failure. [ 437.655111] name failslab, interval 1, probability 0, space 0, times 0 21:35:52 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:53 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 437.766320] CPU: 1 PID: 11633 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 437.773375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.783515] Call Trace: [ 437.786112] dump_stack+0x138/0x197 [ 437.789748] should_fail.cold+0x10f/0x159 [ 437.793901] should_failslab+0xdb/0x130 [ 437.797883] kmem_cache_alloc_trace+0x2e9/0x790 [ 437.802558] ? pm_runtime_init+0x355/0x400 [ 437.806798] ? device_initialize+0x18d/0x430 [ 437.811211] bcsp_open+0x46/0x3d0 [ 437.814669] hci_uart_tty_ioctl+0x668/0xa20 [ 437.814756] overlayfs: unrecognized mount option "lowerdir" or missing value [ 437.818997] tty_ioctl+0x8f7/0x1320 [ 437.819007] ? hci_uart_tty_poll+0x10/0x10 [ 437.819019] ? tty_vhangup+0x30/0x30 [ 437.819037] ? __might_sleep+0x93/0xb0 [ 437.819050] ? __fget+0x210/0x370 [ 437.845076] ? tty_vhangup+0x30/0x30 [ 437.848795] do_vfs_ioctl+0x7ae/0x1060 [ 437.852687] ? selinux_file_mprotect+0x5d0/0x5d0 [ 437.857444] ? lock_downgrade+0x740/0x740 [ 437.861591] ? ioctl_preallocate+0x1c0/0x1c0 21:35:53 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 437.866000] ? __fget+0x237/0x370 [ 437.869456] ? security_file_ioctl+0x89/0xb0 [ 437.873869] SyS_ioctl+0x8f/0xc0 [ 437.877230] ? do_vfs_ioctl+0x1060/0x1060 [ 437.881380] do_syscall_64+0x1e8/0x640 [ 437.885268] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 437.890120] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 437.895309] RIP: 0033:0x45a219 [ 437.898493] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 437.906204] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 437.913468] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 437.920737] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 437.928008] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 437.935275] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:35:53 executing program 5 (fault-call:2 fault-nth:3): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:53 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa2e9100360081000000080045f4001c000000002606135e1fb635bc768b000090e67f000001e000000100004e2600089078"], 0x0) 21:35:53 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:53 executing program 4: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[], 0x321}}, 0x0) socket$inet(0x2, 0x0, 0x0) socket(0x0, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket(0x0, 0x0, 0x0) socket(0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f00000012c0)="20268a92", 0x4, 0x0, 0x0, 0x0) [ 437.975782] overlayfs: unrecognized mount option "lowerdir" or missing value [ 437.990114] net_ratelimit: 10 callbacks suppressed [ 437.990119] protocol 88fb is buggy, dev hsr_slave_0 [ 438.001048] protocol 88fb is buggy, dev hsr_slave_1 [ 438.006140] protocol 88fb is buggy, dev hsr_slave_0 [ 438.011245] protocol 88fb is buggy, dev hsr_slave_1 21:35:53 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000001c0)={{{@in=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe8) setfsuid(r2) openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) [ 438.068715] overlayfs: unrecognized mount option "lowerdir" or missing value [ 438.106864] FAULT_INJECTION: forcing a failure. [ 438.106864] name failslab, interval 1, probability 0, space 0, times 0 [ 438.150103] protocol 88fb is buggy, dev hsr_slave_0 [ 438.155275] protocol 88fb is buggy, dev hsr_slave_1 [ 438.160445] protocol 88fb is buggy, dev hsr_slave_0 [ 438.165504] protocol 88fb is buggy, dev hsr_slave_1 [ 438.216815] CPU: 1 PID: 11671 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 438.223871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.233222] Call Trace: [ 438.235795] dump_stack+0x138/0x197 [ 438.239408] should_fail.cold+0x10f/0x159 [ 438.243548] should_failslab+0xdb/0x130 [ 438.247508] kmem_cache_alloc_trace+0x2e9/0x790 [ 438.252172] ? vsnprintf+0x290/0x1560 [ 438.255953] ? __alloc_workqueue_key+0x114/0xec0 [ 438.260744] __alloc_workqueue_key+0x15f/0xec0 [ 438.265338] ? pointer+0xb10/0xb10 [ 438.268870] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 438.273876] ? scnprintf+0x100/0x100 [ 438.277602] ? ida_remove+0x230/0x230 [ 438.281386] ? __lockdep_init_map+0x10c/0x570 [ 438.285865] hci_register_dev+0x1a7/0x810 [ 438.290008] hci_uart_tty_ioctl+0x6a8/0xa20 [ 438.294370] tty_ioctl+0x8f7/0x1320 [ 438.297985] ? hci_uart_tty_poll+0x10/0x10 [ 438.302207] ? tty_vhangup+0x30/0x30 [ 438.305906] ? __might_sleep+0x93/0xb0 [ 438.309774] ? __fget+0x210/0x370 [ 438.313221] ? tty_vhangup+0x30/0x30 [ 438.316922] do_vfs_ioctl+0x7ae/0x1060 [ 438.320793] ? selinux_file_mprotect+0x5d0/0x5d0 [ 438.325541] ? lock_downgrade+0x740/0x740 [ 438.329669] ? ioctl_preallocate+0x1c0/0x1c0 [ 438.334060] ? __fget+0x237/0x370 [ 438.337509] ? security_file_ioctl+0x89/0xb0 [ 438.341921] SyS_ioctl+0x8f/0xc0 [ 438.345284] ? do_vfs_ioctl+0x1060/0x1060 [ 438.349442] do_syscall_64+0x1e8/0x640 [ 438.353312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.358141] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 438.363323] RIP: 0033:0x45a219 [ 438.366494] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 438.374188] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 438.381437] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 438.388686] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 438.395938] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 438.403186] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 438.417387] Bluetooth: Can't register HCI device 21:35:53 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:53 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:53 executing program 4: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xffdbc2ca) write(0xffffffffffffffff, &(0x7f00000001c0)="b9", 0x1) fremovexattr(r0, &(0x7f00000001c0)=ANY=[]) 21:35:53 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f00000000c0), 0xfd2a}], 0x1, 0x0) ioctl$SIOCX25SFACILITIES(r1, 0x89e3, &(0x7f0000000080)={0x26, 0x401, 0xc, 0xb, 0xfff}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:53 executing program 5 (fault-call:2 fault-nth:4): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 438.562581] FAULT_INJECTION: forcing a failure. [ 438.562581] name failslab, interval 1, probability 0, space 0, times 0 [ 438.575717] CPU: 0 PID: 11698 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 438.582937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.592287] Call Trace: [ 438.594967] dump_stack+0x138/0x197 [ 438.598610] should_fail.cold+0x10f/0x159 [ 438.602770] should_failslab+0xdb/0x130 [ 438.606751] __kmalloc+0x2f0/0x7a0 [ 438.610299] ? __lock_is_held+0xb6/0x140 [ 438.614366] ? apply_wqattrs_prepare+0xad/0x960 [ 438.619040] apply_wqattrs_prepare+0xad/0x960 [ 438.623563] apply_workqueue_attrs_locked+0xa7/0x120 [ 438.628678] apply_workqueue_attrs+0x31/0x50 [ 438.633095] __alloc_workqueue_key+0x78d/0xec0 [ 438.637676] ? pointer+0xb10/0xb10 [ 438.641221] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 438.646239] ? ida_remove+0x230/0x230 [ 438.650039] ? __lockdep_init_map+0x10c/0x570 [ 438.654548] hci_register_dev+0x1a7/0x810 [ 438.658702] hci_uart_tty_ioctl+0x6a8/0xa20 [ 438.663025] tty_ioctl+0x8f7/0x1320 [ 438.666650] ? hci_uart_tty_poll+0x10/0x10 [ 438.670883] ? tty_vhangup+0x30/0x30 [ 438.674604] ? __might_sleep+0x93/0xb0 [ 438.678490] ? __fget+0x210/0x370 [ 438.681951] ? tty_vhangup+0x30/0x30 [ 438.685664] do_vfs_ioctl+0x7ae/0x1060 [ 438.689555] ? selinux_file_mprotect+0x5d0/0x5d0 [ 438.694316] ? lock_downgrade+0x740/0x740 [ 438.698466] ? ioctl_preallocate+0x1c0/0x1c0 [ 438.702878] ? __fget+0x237/0x370 [ 438.706340] ? security_file_ioctl+0x89/0xb0 [ 438.710747] SyS_ioctl+0x8f/0xc0 [ 438.714115] ? do_vfs_ioctl+0x1060/0x1060 [ 438.718265] do_syscall_64+0x1e8/0x640 [ 438.722160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 438.727007] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 438.732193] RIP: 0033:0x45a219 [ 438.735378] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 438.743091] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 438.750357] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 21:35:54 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:54 executing program 5 (fault-call:2 fault-nth:5): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 438.757623] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 438.764890] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 438.772165] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 438.800873] Bluetooth: Can't register HCI device 21:35:54 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 438.891133] FAULT_INJECTION: forcing a failure. [ 438.891133] name failslab, interval 1, probability 0, space 0, times 0 [ 438.922708] overlayfs: unrecognized mount option "wor" or missing value 21:35:54 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 438.953679] CPU: 0 PID: 11709 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 438.960728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.970081] Call Trace: [ 438.972679] dump_stack+0x138/0x197 [ 438.976311] should_fail.cold+0x10f/0x159 [ 438.980449] should_failslab+0xdb/0x130 [ 438.984406] __kmalloc+0x2f0/0x7a0 [ 438.987940] ? __lock_is_held+0xb6/0x140 [ 438.991985] ? apply_wqattrs_prepare+0xad/0x960 [ 438.996668] apply_wqattrs_prepare+0xad/0x960 [ 439.001156] apply_workqueue_attrs_locked+0xa7/0x120 [ 439.006280] apply_workqueue_attrs+0x31/0x50 [ 439.010669] __alloc_workqueue_key+0x78d/0xec0 [ 439.015275] ? pointer+0xb10/0xb10 [ 439.018814] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 439.023809] ? ida_remove+0x230/0x230 [ 439.027589] ? __lockdep_init_map+0x10c/0x570 [ 439.032071] hci_register_dev+0x1a7/0x810 [ 439.036201] hci_uart_tty_ioctl+0x6a8/0xa20 [ 439.040503] tty_ioctl+0x8f7/0x1320 [ 439.044105] ? hci_uart_tty_poll+0x10/0x10 [ 439.048317] ? tty_vhangup+0x30/0x30 [ 439.052013] ? __might_sleep+0x93/0xb0 [ 439.055883] ? __fget+0x210/0x370 [ 439.059329] ? tty_vhangup+0x30/0x30 [ 439.063020] do_vfs_ioctl+0x7ae/0x1060 [ 439.066886] ? selinux_file_mprotect+0x5d0/0x5d0 [ 439.071623] ? lock_downgrade+0x740/0x740 [ 439.075765] ? ioctl_preallocate+0x1c0/0x1c0 [ 439.080153] ? __fget+0x237/0x370 [ 439.083588] ? security_file_ioctl+0x89/0xb0 [ 439.087978] SyS_ioctl+0x8f/0xc0 [ 439.091374] ? do_vfs_ioctl+0x1060/0x1060 [ 439.095517] do_syscall_64+0x1e8/0x640 [ 439.099388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.104220] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 439.109391] RIP: 0033:0x45a219 [ 439.112561] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.120256] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 439.127509] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 439.134759] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 439.142008] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 21:35:54 executing program 4: shmget$private(0x0, 0xd000, 0x0, &(0x7f0000ff3000/0xd000)=nil) r0 = shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x7000) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) shmdt(r0) 21:35:54 executing program 0: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500)={0x4, 0x0, [{0x0, 0xd2, &(0x7f00000001c0)=""/210}, {0x100000, 0xcf, &(0x7f00000006c0)=""/207}, {0x6000, 0x7e, &(0x7f00000003c0)=""/126}, {0x0, 0x8f, &(0x7f0000000440)=""/143}]}) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x3, 0x10000) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f00000000c0)) ioctl$NBD_CLEAR_QUE(r2, 0xab05) [ 439.149255] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 439.164891] Bluetooth: Can't register HCI device 21:35:54 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:54 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000280)={0xa, 0x4e22, 0x0, @ipv4={[], [], @local}}, 0x1c) accept4(r0, 0x0, 0x0, 0x0) 21:35:54 executing program 5 (fault-call:2 fault-nth:6): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 439.237526] audit: type=1400 audit(1573248954.502:144): avc: denied { map } for pid=11717 comm="syz-executor.4" path="/dev/zero" dev="devtmpfs" ino=18 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:zero_device_t:s0 tclass=chr_file permissive=1 21:35:54 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 439.306530] overlayfs: unrecognized mount option "wor" or missing value [ 439.331591] FAULT_INJECTION: forcing a failure. [ 439.331591] name failslab, interval 1, probability 0, space 0, times 0 [ 439.349369] CPU: 1 PID: 11734 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 439.356404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.356979] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 439.365751] Call Trace: [ 439.365824] dump_stack+0x138/0x197 [ 439.365842] should_fail.cold+0x10f/0x159 [ 439.365859] should_failslab+0xdb/0x130 [ 439.365873] kmem_cache_alloc_trace+0x2e9/0x790 [ 439.365888] ? apply_wqattrs_prepare+0xad/0x960 [ 439.365900] apply_wqattrs_prepare+0xe1/0x960 [ 439.365917] apply_workqueue_attrs_locked+0xa7/0x120 [ 439.409134] apply_workqueue_attrs+0x31/0x50 [ 439.413532] __alloc_workqueue_key+0x78d/0xec0 [ 439.418093] ? pointer+0xb10/0xb10 [ 439.421618] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 439.426618] ? ida_remove+0x230/0x230 [ 439.430399] ? __lockdep_init_map+0x10c/0x570 [ 439.434878] hci_register_dev+0x1a7/0x810 [ 439.439019] hci_uart_tty_ioctl+0x6a8/0xa20 [ 439.443324] tty_ioctl+0x8f7/0x1320 [ 439.446930] ? hci_uart_tty_poll+0x10/0x10 [ 439.451145] ? tty_vhangup+0x30/0x30 [ 439.454848] ? __might_sleep+0x93/0xb0 [ 439.458716] ? __fget+0x210/0x370 [ 439.462154] ? tty_vhangup+0x30/0x30 [ 439.465848] do_vfs_ioctl+0x7ae/0x1060 [ 439.469720] ? selinux_file_mprotect+0x5d0/0x5d0 [ 439.474454] ? lock_downgrade+0x740/0x740 [ 439.478584] ? ioctl_preallocate+0x1c0/0x1c0 [ 439.482974] ? __fget+0x237/0x370 [ 439.486412] ? security_file_ioctl+0x89/0xb0 [ 439.490801] SyS_ioctl+0x8f/0xc0 [ 439.494147] ? do_vfs_ioctl+0x1060/0x1060 [ 439.498278] do_syscall_64+0x1e8/0x640 [ 439.502144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.506971] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 439.512142] RIP: 0033:0x45a219 [ 439.515312] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.523004] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 439.530252] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 439.537501] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 439.544924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 439.552174] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 439.588628] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. 21:35:54 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x20) ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f00000000c0)) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:54 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x1a00, 0x4) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:35:54 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:54 executing program 4: r0 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x0, 0x0, 0x100000003, 0x1, 0x0, 0x0, 0x400000000}, 0x2a) [ 439.631065] Bluetooth: Can't register HCI device 21:35:54 executing program 5 (fault-call:2 fault-nth:7): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 439.659077] overlayfs: workdir and upperdir must be separate subtrees 21:35:55 executing program 4: r0 = socket$inet6(0xa, 0x400000000001, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f00000000c0)={'NETMAP\x00'}, &(0x7f0000000180)=0x1e) 21:35:55 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:55 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) setsockopt$packet_int(r2, 0x107, 0xe, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 439.739590] FAULT_INJECTION: forcing a failure. [ 439.739590] name failslab, interval 1, probability 0, space 0, times 0 21:35:55 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0xfffffffffffffc38) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000080)=@req3={0xc, 0xffffd3ab, 0x6, 0x9, 0xdd0, 0x5, 0x1000}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 439.811510] CPU: 1 PID: 11758 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 439.818558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 439.818563] Call Trace: [ 439.818579] dump_stack+0x138/0x197 [ 439.818596] should_fail.cold+0x10f/0x159 [ 439.838284] should_failslab+0xdb/0x130 [ 439.842260] kmem_cache_alloc_trace+0x2e9/0x790 [ 439.846937] apply_wqattrs_prepare+0x16d/0x960 [ 439.851541] apply_workqueue_attrs_locked+0xa7/0x120 [ 439.856648] apply_workqueue_attrs+0x31/0x50 21:35:55 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') [ 439.861064] __alloc_workqueue_key+0x78d/0xec0 [ 439.865639] ? pointer+0xb10/0xb10 [ 439.865658] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 439.865673] ? ida_remove+0x230/0x230 [ 439.865686] ? __lockdep_init_map+0x10c/0x570 [ 439.865702] hci_register_dev+0x1a7/0x810 [ 439.886628] hci_uart_tty_ioctl+0x6a8/0xa20 [ 439.890958] tty_ioctl+0x8f7/0x1320 [ 439.894586] ? hci_uart_tty_poll+0x10/0x10 [ 439.898834] ? tty_vhangup+0x30/0x30 [ 439.902560] ? __might_sleep+0x93/0xb0 [ 439.906447] ? __fget+0x210/0x370 21:35:55 executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffff4}]}) [ 439.909907] ? tty_vhangup+0x30/0x30 [ 439.913629] do_vfs_ioctl+0x7ae/0x1060 [ 439.917519] ? selinux_file_mprotect+0x5d0/0x5d0 [ 439.922274] ? lock_downgrade+0x740/0x740 [ 439.926411] ? ioctl_preallocate+0x1c0/0x1c0 [ 439.930822] ? __fget+0x237/0x370 [ 439.934283] ? security_file_ioctl+0x89/0xb0 [ 439.938700] SyS_ioctl+0x8f/0xc0 [ 439.940281] overlayfs: workdir and upperdir must be separate subtrees [ 439.942065] ? do_vfs_ioctl+0x1060/0x1060 [ 439.942081] do_syscall_64+0x1e8/0x640 [ 439.942089] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 439.942105] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 439.966676] RIP: 0033:0x45a219 [ 439.969867] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.977575] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 439.984836] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 439.992093] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 439.999348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 21:35:55 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:55 executing program 5 (fault-call:2 fault-nth:8): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 440.006604] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 440.017317] Bluetooth: Can't register HCI device [ 440.070132] protocol 88fb is buggy, dev hsr_slave_0 [ 440.075279] protocol 88fb is buggy, dev hsr_slave_1 [ 440.104270] FAULT_INJECTION: forcing a failure. [ 440.104270] name failslab, interval 1, probability 0, space 0, times 0 [ 440.109382] overlayfs: workdir and upperdir must be separate subtrees [ 440.124399] CPU: 1 PID: 11783 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 440.131429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.140782] Call Trace: [ 440.143377] dump_stack+0x138/0x197 [ 440.147015] should_fail.cold+0x10f/0x159 [ 440.151169] should_failslab+0xdb/0x130 [ 440.155150] kmem_cache_alloc_node+0x287/0x780 [ 440.159747] alloc_unbound_pwq+0x486/0xbc0 [ 440.163987] apply_wqattrs_prepare+0x355/0x960 21:35:55 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 440.168575] apply_workqueue_attrs_locked+0xa7/0x120 [ 440.173674] apply_workqueue_attrs+0x31/0x50 [ 440.178081] __alloc_workqueue_key+0x78d/0xec0 [ 440.182667] ? pointer+0xb10/0xb10 [ 440.186210] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 440.191228] ? ida_remove+0x230/0x230 [ 440.195025] ? __lockdep_init_map+0x10c/0x570 [ 440.199533] hci_register_dev+0x1a7/0x810 [ 440.203692] hci_uart_tty_ioctl+0x6a8/0xa20 [ 440.208021] tty_ioctl+0x8f7/0x1320 [ 440.211643] ? hci_uart_tty_poll+0x10/0x10 [ 440.211657] ? tty_vhangup+0x30/0x30 [ 440.219578] ? __might_sleep+0x93/0xb0 [ 440.223461] ? __fget+0x210/0x370 [ 440.226923] ? tty_vhangup+0x30/0x30 [ 440.230633] do_vfs_ioctl+0x7ae/0x1060 [ 440.234518] ? selinux_file_mprotect+0x5d0/0x5d0 [ 440.239258] ? lock_downgrade+0x740/0x740 [ 440.243387] ? ioctl_preallocate+0x1c0/0x1c0 [ 440.247780] ? __fget+0x237/0x370 [ 440.251217] ? security_file_ioctl+0x89/0xb0 [ 440.255608] SyS_ioctl+0x8f/0xc0 [ 440.258971] ? do_vfs_ioctl+0x1060/0x1060 [ 440.263101] do_syscall_64+0x1e8/0x640 [ 440.266969] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.271800] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 440.276971] RIP: 0033:0x45a219 [ 440.280141] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.287830] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 440.295082] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 440.302334] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 440.309585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 440.316839] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:35:55 executing program 5 (fault-call:2 fault-nth:9): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 440.350648] Bluetooth: Can't register HCI device 21:35:55 executing program 4: [ 440.378883] overlayfs: failed to resolve './fi': -2 21:35:55 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:55 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:55 executing program 4: [ 440.447672] FAULT_INJECTION: forcing a failure. [ 440.447672] name failslab, interval 1, probability 0, space 0, times 0 [ 440.471784] CPU: 0 PID: 11797 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 440.478823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.488163] Call Trace: [ 440.490736] dump_stack+0x138/0x197 [ 440.494350] should_fail.cold+0x10f/0x159 [ 440.498485] should_failslab+0xdb/0x130 [ 440.502444] kmem_cache_alloc_trace+0x2e9/0x790 [ 440.507111] ? wait_for_completion+0x420/0x420 [ 440.511682] ? pwq_adjust_max_active+0x372/0x560 [ 440.516424] ? __alloc_workqueue_key+0x114/0xec0 [ 440.521159] __alloc_workqueue_key+0x15f/0xec0 [ 440.525734] ? pointer+0xb10/0xb10 [ 440.529273] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 440.534277] ? ida_remove+0x230/0x230 [ 440.538070] ? __lockdep_init_map+0x10c/0x570 [ 440.542557] hci_register_dev+0x209/0x810 [ 440.546695] hci_uart_tty_ioctl+0x6a8/0xa20 [ 440.551021] tty_ioctl+0x8f7/0x1320 [ 440.554630] ? hci_uart_tty_poll+0x10/0x10 [ 440.558857] ? tty_vhangup+0x30/0x30 [ 440.562559] ? __might_sleep+0x93/0xb0 [ 440.566430] ? __fget+0x210/0x370 [ 440.569864] ? tty_vhangup+0x30/0x30 [ 440.573581] do_vfs_ioctl+0x7ae/0x1060 [ 440.577473] ? selinux_file_mprotect+0x5d0/0x5d0 [ 440.582296] ? lock_downgrade+0x740/0x740 [ 440.586425] ? ioctl_preallocate+0x1c0/0x1c0 [ 440.590824] ? __fget+0x237/0x370 [ 440.594881] ? security_file_ioctl+0x89/0xb0 [ 440.599270] SyS_ioctl+0x8f/0xc0 [ 440.602618] ? do_vfs_ioctl+0x1060/0x1060 [ 440.606764] do_syscall_64+0x1e8/0x640 [ 440.610642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 440.615468] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 440.620649] RIP: 0033:0x45a219 [ 440.623831] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 440.631521] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 440.638771] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 440.646039] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 440.653299] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 440.660552] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 440.677293] Bluetooth: Can't register HCI device 21:35:56 executing program 4: 21:35:56 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = syz_open_dev$mice(&(0x7f0000000400)='/dev/input/mice\x00', 0x0, 0x0) getpeername$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000480)=0x14) syz_open_dev$mouse(&(0x7f0000000680)='/dev/input/mouse#\x00', 0x1, 0x800) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000004c0)={@rand_addr="2191313c3fad9c2fd176fcfe250d3eaf", 0x52, r2}) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0xffffffff}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') setsockopt$CAIFSO_REQ_PARAM(r1, 0x116, 0x80, &(0x7f0000000540)="cb7472336f54210b8c936cf56852db68775b7aa59e45a7eb792d72fac843a1418f385c542b3c105071cf93fe2ff0667548c02ca911b1238a42ce5f3140cdc97a968a66ad3cec57ceb375841283894685a71a535e2131b1cdc9e4c15ff9e417fc6c24c202d139c81926438c4f3720259e39fb97070de35cdcd99db2d1bab5a4394e8f459737e0feff31deddb7af1bf99b9cbb52e1b94fd07166dcf24e07eb9ba5554942b1645d641a3a313fa24ee9e17e106193056e1335165749cc53", 0xbc) r3 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x101000) write$tun(r3, &(0x7f00000006c0)={@void, @val={0x0, 0x4, 0x9, 0x7, 0x6, 0x8357}, @ipx={0xffff, 0x62, 0x0, 0xa, {@random=0x6, @broadcast, 0xff}, {@random=0x8001, @random="dc192739147c", 0x1}, "aaeb884445e6be2a50fd70115f0b1188ea5a4699e6e7458f8c5313e5ec8aa23dc933674da23c15766c735cdb0310376ef009f8c5b0ed5be5defa4abe851dd885ce0341a9"}}, 0x6c) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000600)=0x0) ptrace$getregs(0xe, r6, 0x80000001, &(0x7f0000000640)=""/41) ioctl$sock_ifreq(r4, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) ioctl$sock_ifreq(r4, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) ioctl$FS_IOC_SETVERSION(r4, 0x40087602, &(0x7f00000003c0)=0x101) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000500)={0x60000007}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000380)={0x1, 0x1, &(0x7f00000000c0)=""/220, &(0x7f00000001c0)=""/170, &(0x7f0000000280)=""/241, 0x5000}) 21:35:56 executing program 5 (fault-call:2 fault-nth:10): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 440.736408] overlayfs: failed to resolve './file1': -2 [ 440.764514] overlayfs: failed to resolve './fi': -2 21:35:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000580)='/selinux/enforce\x00', 0x0, 0x0) ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f00000005c0)) syz_emit_ethernet(0x3, &(0x7f00000000c0)=ANY=[@ANYRES16=r0, @ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRES64, @ANYRES16=r0], @ANYRESHEX], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@vti_common_policy=[@IFLA_VTI_LINK={0x8, 0x1, r7}]]}}}]}, 0x38}}, 0x0) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000600)={r7, 0x1, 0x6, @remote}, 0x10) r8 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x400, 0x0) write$tun(r8, &(0x7f0000000640)=ANY=[@ANYBLOB="0000bdb16a9cd32304123b00ff010000000000000000000000000001ff0100000000000000000000000000012b00aa29670000003a000108670000002c30000000000000c20400000081028df6d53648faaa002b8d10fc8ff101142eb135eb0753cab291405880e5c12a50f76a17504d1d6ad01224fd65aa3e94811bb1c808662559d19bbcc08c02e74d6f3724d1d144a3b3985922ceda5f62521d556934cf0b923e4225a62b529d05978ddffff701b4fe97f301da4cdd5294e360a6373a0f7246e0af49d4dc4eeaec8a9942d9328dded872c5ba22443dd9eb010300000002e63ab7207cc9e150f570dfb0efe80d206de101cbe02ac43bbd497b6df1b02d8a02a3d3d5cd4c3273d788384ff55a9899b5c9859cd4239c912dc89301c91f4c654d3a507bb26bb20d38cdda3d36b99a502c3d89da8fcb9a4f93dc365f02a2a39ccc93c4f85aac96eb6c963ef842edce3dfeea1290367403bc65f25ae83730572e0dde88cc31c10cc33d012c094946fef2dd315f162fae7f438ecd5f5a09bd7ffa364a2dbf63180188748099775f1e447df81c086498a591d1fa4b0eb84e3ff215563ac5799fd7e9c106464c37df139eb87a309f919f9b3f7be492bea3fdeb2704f9f8e0d25f528900000000000032000030670000002a0404020550ffffff010000000000000000000000000001ff0100000000000000000000000000010402000200000000fe80000000000000000000000000001d0606010000000000ff01000000000000000000000000000100000000000000000000ffff0000058700000000000000000000ffffe00000025c0601f00000000000000000000000000000ffffe00000013292e20830bf7652299f85420c65f387ff0200000000000000000000000000018900000000000000c204000000120000850090780000000018013e7596c00d29e384e0d992a53a221b8842e4ee96399c1581c7d6752ec8ead535f78123e667686a0c71f811845c69cbdbfdd6f34a0892d40c1cde3709901dadf603797e23c5365490308e54be2471b857c286e5796ffd093fc3b7109c49f51b35bf310b008c8b68cded6f13bbcf38eef276ad117ba54a5fa16655402a0faaa6639537bf78ecd377bd9f496eec77dfb138994100199b628f07275dfe8bfa742532fb16c66f093ca9e1026d6da70961be478451193124a94ee8fe8e2eb7950b83bed10045a229786a24876735b2a68170db7fe85c0838d9f20a72114918121dba95981f51de47566a0f010376e1407e44ccb67f09846d6099b439446ab21dffebaa0bd4b94f17b2291381f205ec023e41c822d9459aca22a1a790c8eb362b35079372453edd02cb80f63892059e476d6398c2a0bd525cf5c833e68f1e84df7a813bf6bdc61011c5d78fc538ceb9628ef95d503b686d9f45a9b807bc085e8d0a5237b3cbad957498397f9f423f73c5a7ca57eafc57d953d89cfae14644855b869335977d664ccf0c4a8a8102783d6444a189dbcb226ef0101295b183eda221370d071cd874584bf8"], 0x43e) 21:35:56 executing program 4: 21:35:56 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:56 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 440.834850] FAULT_INJECTION: forcing a failure. [ 440.834850] name failslab, interval 1, probability 0, space 0, times 0 [ 440.904825] CPU: 1 PID: 11817 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 440.911885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.921242] Call Trace: [ 440.923845] dump_stack+0x138/0x197 [ 440.927482] should_fail.cold+0x10f/0x159 [ 440.931634] should_failslab+0xdb/0x130 [ 440.933464] overlayfs: failed to resolve './file1': -2 [ 440.935630] kmem_cache_alloc_trace+0x2e9/0x790 [ 440.935643] ? wait_for_completion+0x420/0x420 [ 440.935657] ? pwq_adjust_max_active+0x372/0x560 [ 440.935668] ? __alloc_workqueue_key+0x114/0xec0 [ 440.935681] __alloc_workqueue_key+0x15f/0xec0 [ 440.964227] ? pointer+0xb10/0xb10 [ 440.967786] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 440.972799] ? ida_remove+0x230/0x230 [ 440.974743] overlayfs: failed to resolve './fi': -2 [ 440.976593] ? __lockdep_init_map+0x10c/0x570 [ 440.976613] hci_register_dev+0x209/0x810 [ 440.976630] hci_uart_tty_ioctl+0x6a8/0xa20 [ 440.994677] tty_ioctl+0x8f7/0x1320 [ 440.998320] ? hci_uart_tty_poll+0x10/0x10 [ 441.002561] ? tty_vhangup+0x30/0x30 [ 441.006279] ? __might_sleep+0x93/0xb0 [ 441.010160] ? __fget+0x210/0x370 [ 441.013615] ? tty_vhangup+0x30/0x30 [ 441.013626] do_vfs_ioctl+0x7ae/0x1060 [ 441.013639] ? selinux_file_mprotect+0x5d0/0x5d0 [ 441.021212] ? lock_downgrade+0x740/0x740 [ 441.021225] ? ioctl_preallocate+0x1c0/0x1c0 [ 441.021236] ? __fget+0x237/0x370 [ 441.021253] ? security_file_ioctl+0x89/0xb0 [ 441.021264] SyS_ioctl+0x8f/0xc0 [ 441.021273] ? do_vfs_ioctl+0x1060/0x1060 [ 441.021286] do_syscall_64+0x1e8/0x640 21:35:56 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 441.021295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.021310] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 441.021317] RIP: 0033:0x45a219 [ 441.021322] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.067862] overlayfs: failed to resolve './file': -2 [ 441.074658] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 441.074665] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 441.074671] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:35:56 executing program 4: 21:35:56 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:56 executing program 4: 21:35:56 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 441.074677] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 441.074683] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 441.127958] bond0: Releasing backup interface bond_slave_1 [ 441.130009] Bluetooth: Can't register HCI device 21:35:56 executing program 5 (fault-call:2 fault-nth:11): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 441.168259] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 441.204051] overlayfs: failed to resolve './file1': -2 [ 441.242133] overlayfs: failed to resolve './file': -2 [ 441.264032] FAULT_INJECTION: forcing a failure. [ 441.264032] name failslab, interval 1, probability 0, space 0, times 0 [ 441.282568] CPU: 1 PID: 11846 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 441.289600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.298946] Call Trace: [ 441.301532] dump_stack+0x138/0x197 [ 441.301552] should_fail.cold+0x10f/0x159 [ 441.301568] should_failslab+0xdb/0x130 [ 441.301578] __kmalloc+0x2f0/0x7a0 [ 441.301588] ? __lock_is_held+0xb6/0x140 [ 441.301601] ? apply_wqattrs_prepare+0xad/0x960 [ 441.301615] apply_wqattrs_prepare+0xad/0x960 [ 441.330053] apply_workqueue_attrs_locked+0xa7/0x120 [ 441.335169] apply_workqueue_attrs+0x31/0x50 [ 441.339582] __alloc_workqueue_key+0x78d/0xec0 [ 441.344166] ? pointer+0xb10/0xb10 [ 441.347701] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 441.352700] ? ida_remove+0x230/0x230 [ 441.356479] ? __lockdep_init_map+0x10c/0x570 [ 441.360971] hci_register_dev+0x209/0x810 [ 441.365113] hci_uart_tty_ioctl+0x6a8/0xa20 [ 441.369417] tty_ioctl+0x8f7/0x1320 [ 441.373021] ? hci_uart_tty_poll+0x10/0x10 [ 441.377281] ? tty_vhangup+0x30/0x30 [ 441.380989] ? __might_sleep+0x93/0xb0 [ 441.384865] ? __fget+0x210/0x370 [ 441.388304] ? tty_vhangup+0x30/0x30 [ 441.392164] do_vfs_ioctl+0x7ae/0x1060 [ 441.396038] ? selinux_file_mprotect+0x5d0/0x5d0 [ 441.400784] ? lock_downgrade+0x740/0x740 [ 441.404922] ? ioctl_preallocate+0x1c0/0x1c0 [ 441.409312] ? __fget+0x237/0x370 [ 441.412750] ? security_file_ioctl+0x89/0xb0 [ 441.417142] SyS_ioctl+0x8f/0xc0 [ 441.420497] ? do_vfs_ioctl+0x1060/0x1060 [ 441.424639] do_syscall_64+0x1e8/0x640 [ 441.428510] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.433384] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 441.438574] RIP: 0033:0x45a219 [ 441.441751] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.449454] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 441.456751] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 441.464023] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 441.471287] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 441.478537] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 441.486476] Bluetooth: Can't register HCI device 21:35:56 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) sendto$llc(r0, &(0x7f0000000200)="94dd468de6d61b9b171f81eaa1341b597bba9f8691cab59324f7579d386c0eb959695220a66d2d20ffe6546c1a8825e407c36c0f85f22384bbdd515e336857b0140d6c346e1b651ffc25211377a12ef87ae21f4bd52b03dfee96baf3ad5463e4aff327cf989d94c5695892c2598d24ccb30941261da9a9adbaf245d1fb3839b320ba1fa67224fc6ad849a2a6a7028533fd1aca9f19d61a7fc17670d0d93ae1f262ca", 0xa2, 0x8040, &(0x7f0000000140)={0x1a, 0x693c8db3bdf20380, 0xc3, 0x2, 0x1, 0x3, @random="03e653056ee0"}, 0x10) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r1, &(0x7f0000000180)='.//ile0\x00', r1, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:56 executing program 4: 21:35:56 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="99080091001a6d6800040008010000efff00109578000890780e000000"], 0x0) 21:35:56 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:56 executing program 2: setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000080), 0x4) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:56 executing program 5 (fault-call:2 fault-nth:12): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:56 executing program 4: 21:35:56 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:56 executing program 4: [ 441.744033] overlayfs: failed to resolve './file': -2 [ 441.750212] FAULT_INJECTION: forcing a failure. [ 441.750212] name failslab, interval 1, probability 0, space 0, times 0 21:35:57 executing program 4: 21:35:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100f3364029abb6adff6dd304000000000000009078"], 0x0) 21:35:57 executing program 2: r0 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0xffffffffffffffb2) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x8, 0x6f37}, 0x1c) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='trusted.overlay.upper\x00', &(0x7f0000000540)={0x0, 0xfb, 0xc9, 0xb, 0xc1, "9902aba4cc02e31dc7c3d919acc20b5f", "53a6397aafb1d372bec3f9c3f10c95e0bf6bc8c3cbffdc3c50694b48b4379f38b779e889c1a376fa9ee6f159265f07c05d5863d3b4449e581ffd3eab2a312080b5f975502fa245ec4becf98710568082a60413b18274e35dfbb845504ab87cca56624528fb714703de1686b65e575799928b05dfd381181006e4851ede9bce86971765ad35c6b49db5d53f591760f8349295e6851689df3a36707d2e823cea7687d73d3e9907c1a17751da9d32664fca2209ea37"}, 0xc9, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="778741f35c6700000000918f8745d5c11fe0a8a4ec52e633dc11b51bce84708d446e044788fa10445df511040b0e91cd05bc21b0770cbfd78373cf1a04d902061fe53cd0940e0e41a09392b5b0b076cdabce76eb97e37cb654b8734caf3cd8372c229e4f", @ANYRES16=r2, @ANYBLOB="e54e00000000000000000800000018"], 0x3}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x18000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="800da481d1d2ac16da64ff", @ANYRES16=r2, @ANYBLOB="09082abd7000fbdbdf25030000006c00050008000100657468000800010069620000080001006962000034000200080004000200000008000400090000000800030029080000080002000400000008000300010000000800040071c4000008000100696200000c00020008000300090000000800010069620000"], 0x80}, 0x1, 0x0, 0x0, 0x4bfedf5cbfa6faa8}, 0x4040) r3 = socket(0x8, 0x3d3428f41acffaf7, 0x1f) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r5 = getpid() sched_setattr(r5, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) rt_tgsigqueueinfo(r4, r5, 0x3a, &(0x7f0000000140)={0x2f, 0x5, 0x5}) setsockopt$inet_sctp_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f00000000c0)=0x4, 0x4) fchdir(r1) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x22301, 0x0) 21:35:57 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 441.786394] CPU: 0 PID: 11866 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 441.793433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.802783] Call Trace: [ 441.805383] dump_stack+0x138/0x197 [ 441.809025] should_fail.cold+0x10f/0x159 [ 441.813174] should_failslab+0xdb/0x130 [ 441.817138] kmem_cache_alloc_trace+0x2e9/0x790 [ 441.821795] apply_wqattrs_prepare+0x16d/0x960 [ 441.826366] apply_workqueue_attrs_locked+0xa7/0x120 [ 441.831456] apply_workqueue_attrs+0x31/0x50 [ 441.835843] __alloc_workqueue_key+0x78d/0xec0 [ 441.840406] ? pointer+0xb10/0xb10 [ 441.843939] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 441.848939] ? ida_remove+0x230/0x230 [ 441.852720] ? __lockdep_init_map+0x10c/0x570 [ 441.857203] hci_register_dev+0x209/0x810 [ 441.861410] hci_uart_tty_ioctl+0x6a8/0xa20 [ 441.865772] tty_ioctl+0x8f7/0x1320 [ 441.869383] ? hci_uart_tty_poll+0x10/0x10 [ 441.873599] ? tty_vhangup+0x30/0x30 [ 441.877298] ? __might_sleep+0x93/0xb0 [ 441.881166] ? __fget+0x210/0x370 [ 441.884599] ? tty_vhangup+0x30/0x30 [ 441.888293] do_vfs_ioctl+0x7ae/0x1060 [ 441.892161] ? selinux_file_mprotect+0x5d0/0x5d0 [ 441.896937] ? lock_downgrade+0x740/0x740 [ 441.901062] ? ioctl_preallocate+0x1c0/0x1c0 [ 441.905451] ? __fget+0x237/0x370 [ 441.908890] ? security_file_ioctl+0x89/0xb0 [ 441.913280] SyS_ioctl+0x8f/0xc0 [ 441.916629] ? do_vfs_ioctl+0x1060/0x1060 [ 441.920758] do_syscall_64+0x1e8/0x640 [ 441.924624] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 441.929449] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 441.934616] RIP: 0033:0x45a219 [ 441.937793] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 441.945481] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 441.952746] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 441.959997] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 441.967253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 441.974506] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 441.984831] Bluetooth: Can't register HCI device 21:35:57 executing program 5 (fault-call:2 fault-nth:13): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:57 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x8000, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:57 executing program 4: 21:35:57 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_emit_ethernet(0x6, &(0x7f0000000240)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYRESOCT=r2, @ANYRESDEC, @ANYPTR=&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16], @ANYRESDEC=r1], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sync_file_range(r4, 0x1ff, 0x7f, 0x7) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = dup3(r0, r3, 0x7a0c3ad5e2125b5a) openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r5, 0x40045731, &(0x7f00000000c0)=0x3) r6 = getpid() sched_setattr(r6, &(0x7f0000000140)={0xffffffffffffff8c, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffd}, 0x0) sched_setattr(r6, &(0x7f0000000080)={0x30, 0x799dd9ca930aad8e, 0x1, 0x7, 0x7, 0x33, 0x100000000, 0x2}, 0x0) [ 442.131363] FAULT_INJECTION: forcing a failure. [ 442.131363] name failslab, interval 1, probability 0, space 0, times 0 21:35:57 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:57 executing program 4: [ 442.171842] CPU: 0 PID: 11889 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 442.178895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 442.188250] Call Trace: [ 442.190840] dump_stack+0x138/0x197 [ 442.194477] should_fail.cold+0x10f/0x159 [ 442.198626] should_failslab+0xdb/0x130 [ 442.202587] kmem_cache_alloc_node+0x287/0x780 [ 442.207159] alloc_unbound_pwq+0x486/0xbc0 [ 442.211380] apply_wqattrs_prepare+0x355/0x960 [ 442.215950] apply_workqueue_attrs_locked+0xa7/0x120 [ 442.221036] apply_workqueue_attrs+0x31/0x50 [ 442.225426] __alloc_workqueue_key+0x78d/0xec0 [ 442.230051] ? pointer+0xb10/0xb10 [ 442.233625] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 442.238624] ? ida_remove+0x230/0x230 [ 442.242408] ? __lockdep_init_map+0x10c/0x570 [ 442.246886] hci_register_dev+0x209/0x810 [ 442.251021] hci_uart_tty_ioctl+0x6a8/0xa20 [ 442.255329] tty_ioctl+0x8f7/0x1320 [ 442.258973] ? hci_uart_tty_poll+0x10/0x10 [ 442.263190] ? tty_vhangup+0x30/0x30 [ 442.266889] ? __might_sleep+0x93/0xb0 [ 442.270763] ? __fget+0x210/0x370 [ 442.274201] ? tty_vhangup+0x30/0x30 [ 442.277898] do_vfs_ioctl+0x7ae/0x1060 [ 442.281767] ? selinux_file_mprotect+0x5d0/0x5d0 [ 442.286500] ? lock_downgrade+0x740/0x740 [ 442.290679] ? ioctl_preallocate+0x1c0/0x1c0 [ 442.295068] ? __fget+0x237/0x370 [ 442.298509] ? security_file_ioctl+0x89/0xb0 [ 442.302900] SyS_ioctl+0x8f/0xc0 [ 442.306244] ? do_vfs_ioctl+0x1060/0x1060 [ 442.310373] do_syscall_64+0x1e8/0x640 [ 442.314238] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.319065] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 442.324230] RIP: 0033:0x45a219 [ 442.327402] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 442.335101] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 442.342357] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 442.349606] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 442.356856] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 442.364103] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 442.374418] Bluetooth: Can't register HCI device 21:35:57 executing program 5 (fault-call:2 fault-nth:14): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:57 executing program 1: timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x1c9c380}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:57 executing program 4: [ 442.491682] FAULT_INJECTION: forcing a failure. [ 442.491682] name failslab, interval 1, probability 0, space 0, times 0 [ 442.514416] CPU: 0 PID: 11909 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 442.521464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 442.530802] Call Trace: [ 442.533378] dump_stack+0x138/0x197 [ 442.536999] should_fail.cold+0x10f/0x159 [ 442.541143] should_failslab+0xdb/0x130 [ 442.545108] kmem_cache_alloc_node+0x287/0x780 [ 442.549675] alloc_unbound_pwq+0x486/0xbc0 [ 442.553900] apply_wqattrs_prepare+0x355/0x960 [ 442.558475] apply_workqueue_attrs_locked+0xa7/0x120 [ 442.563563] apply_workqueue_attrs+0x31/0x50 [ 442.567950] __alloc_workqueue_key+0x78d/0xec0 [ 442.572516] ? pointer+0xb10/0xb10 [ 442.576042] ? workqueue_sysfs_register+0x3c0/0x3c0 [ 442.581064] ? ida_remove+0x230/0x230 [ 442.584849] ? __lockdep_init_map+0x10c/0x570 [ 442.589329] hci_register_dev+0x209/0x810 [ 442.593471] hci_uart_tty_ioctl+0x6a8/0xa20 [ 442.597783] tty_ioctl+0x8f7/0x1320 [ 442.601389] ? hci_uart_tty_poll+0x10/0x10 [ 442.605608] ? tty_vhangup+0x30/0x30 [ 442.609309] ? __might_sleep+0x93/0xb0 [ 442.613190] ? __fget+0x210/0x370 [ 442.616632] ? tty_vhangup+0x30/0x30 [ 442.620329] do_vfs_ioctl+0x7ae/0x1060 [ 442.624196] ? selinux_file_mprotect+0x5d0/0x5d0 [ 442.628953] ? lock_downgrade+0x740/0x740 [ 442.633143] ? ioctl_preallocate+0x1c0/0x1c0 [ 442.637571] ? __fget+0x237/0x370 [ 442.641010] ? security_file_ioctl+0x89/0xb0 [ 442.645406] SyS_ioctl+0x8f/0xc0 [ 442.648753] ? do_vfs_ioctl+0x1060/0x1060 [ 442.652883] do_syscall_64+0x1e8/0x640 [ 442.656754] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 442.661619] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 442.666823] RIP: 0033:0x45a219 [ 442.669995] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 442.677723] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 442.684971] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 21:35:57 executing program 4: [ 442.692259] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 442.699519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 442.706779] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 442.716891] Bluetooth: Can't register HCI device 21:35:58 executing program 5 (fault-call:2 fault-nth:15): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:35:58 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:58 executing program 4: 21:35:58 executing program 2: modify_ldt$write2(0x11, &(0x7f0000000080)={0x0, 0x0, 0x400, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1}, 0x10) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:35:58 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 442.901957] FAULT_INJECTION: forcing a failure. [ 442.901957] name failslab, interval 1, probability 0, space 0, times 0 [ 442.915581] CPU: 0 PID: 11926 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 442.922606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 442.931949] Call Trace: [ 442.934561] dump_stack+0x138/0x197 [ 442.938189] should_fail.cold+0x10f/0x159 [ 442.942336] should_failslab+0xdb/0x130 [ 442.946295] kmem_cache_alloc+0x2d7/0x780 [ 442.950428] ? __d_lookup+0x3a2/0x670 [ 442.954247] ? mark_held_locks+0xb1/0x100 [ 442.958374] ? d_lookup+0xe5/0x240 [ 442.961906] __d_alloc+0x2d/0x9f0 [ 442.965374] d_alloc+0x4d/0x270 [ 442.968643] __lookup_hash+0x58/0x180 [ 442.972424] lookup_one_len+0x27b/0x3a0 [ 442.976395] ? __lookup_hash+0x180/0x180 [ 442.980453] start_creating+0xa6/0x1b0 [ 442.984394] debugfs_create_dir+0x23/0x3b0 [ 442.988614] hci_register_dev+0x28a/0x810 [ 442.992771] hci_uart_tty_ioctl+0x6a8/0xa20 [ 442.997090] tty_ioctl+0x8f7/0x1320 [ 443.000704] ? hci_uart_tty_poll+0x10/0x10 [ 443.004933] ? tty_vhangup+0x30/0x30 [ 443.008655] ? __might_sleep+0x93/0xb0 [ 443.012532] ? __fget+0x210/0x370 [ 443.015968] ? tty_vhangup+0x30/0x30 [ 443.019661] do_vfs_ioctl+0x7ae/0x1060 [ 443.023527] ? selinux_file_mprotect+0x5d0/0x5d0 [ 443.028261] ? lock_downgrade+0x740/0x740 [ 443.032444] ? ioctl_preallocate+0x1c0/0x1c0 [ 443.036834] ? __fget+0x237/0x370 [ 443.040272] ? security_file_ioctl+0x89/0xb0 [ 443.044661] SyS_ioctl+0x8f/0xc0 [ 443.048044] ? do_vfs_ioctl+0x1060/0x1060 [ 443.052212] do_syscall_64+0x1e8/0x640 [ 443.056081] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 443.060954] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 443.066121] RIP: 0033:0x45a219 [ 443.069289] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 443.076988] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 443.084258] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 443.091508] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 443.098758] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 443.106008] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:35:58 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000080)=0x5) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:35:58 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:58 executing program 4: 21:35:58 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:35:58 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) syz_genetlink_get_family_id$SEG6(&(0x7f0000000140)='SEG6\x00') r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000240)) syz_genetlink_get_family_id$SEG6(&(0x7f00000002c0)='\x10!\x00\x10\x00') r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) utimensat(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={{0x0, 0x2710}}, 0x0) 21:35:58 executing program 4: 21:35:58 executing program 4: [ 443.990132] net_ratelimit: 6 callbacks suppressed [ 443.990158] protocol 88fb is buggy, dev hsr_slave_0 [ 444.000133] protocol 88fb is buggy, dev hsr_slave_1 [ 444.005221] protocol 88fb is buggy, dev hsr_slave_0 [ 444.010295] protocol 88fb is buggy, dev hsr_slave_1 [ 445.190156] Bluetooth: hci0 command 0x1003 tx timeout [ 445.195482] Bluetooth: hci0 sending frame failed (-49) [ 447.270180] Bluetooth: hci0 command 0x1001 tx timeout [ 447.275486] Bluetooth: hci0 sending frame failed (-49) [ 449.350139] Bluetooth: hci0 command 0x1009 tx timeout 21:36:08 executing program 5 (fault-call:2 fault-nth:16): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:08 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:08 executing program 4: 21:36:08 executing program 1: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:08 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x2, 0x0) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x3) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x0, &(0x7f0000000080)=ANY=[], 0x0) 21:36:08 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x40, 0x0) fadvise64(r1, 0x7ff, 0x93, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:08 executing program 4: [ 453.630895] overlayfs: failed to resolve './file1': -2 21:36:08 executing program 1: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:09 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fstat(r1, &(0x7f0000000080)) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:09 executing program 4: 21:36:09 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 453.709985] FAULT_INJECTION: forcing a failure. [ 453.709985] name failslab, interval 1, probability 0, space 0, times 0 [ 453.749113] overlayfs: failed to resolve './file1': -2 [ 453.775833] CPU: 1 PID: 11984 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 453.782893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 453.792255] Call Trace: [ 453.794852] dump_stack+0x138/0x197 [ 453.798661] should_fail.cold+0x10f/0x159 [ 453.802866] should_failslab+0xdb/0x130 [ 453.806858] kmem_cache_alloc+0x2d7/0x780 [ 453.811015] ? lookup_one_len+0x283/0x3a0 [ 453.815167] alloc_inode+0xa9/0x180 [ 453.818850] new_inode_pseudo+0x19/0xf0 [ 453.822861] new_inode+0x1f/0x40 [ 453.826241] debugfs_get_inode+0x1a/0x130 [ 453.830399] debugfs_create_dir+0x67/0x3b0 [ 453.835000] hci_register_dev+0x28a/0x810 [ 453.839162] hci_uart_tty_ioctl+0x6a8/0xa20 [ 453.843640] tty_ioctl+0x8f7/0x1320 [ 453.847279] ? hci_uart_tty_poll+0x10/0x10 [ 453.851525] ? tty_vhangup+0x30/0x30 [ 453.855262] ? __might_sleep+0x93/0xb0 [ 453.859148] ? __fget+0x210/0x370 [ 453.859164] ? tty_vhangup+0x30/0x30 [ 453.866347] do_vfs_ioctl+0x7ae/0x1060 [ 453.870332] ? selinux_file_mprotect+0x5d0/0x5d0 [ 453.875092] ? lock_downgrade+0x740/0x740 [ 453.879255] ? ioctl_preallocate+0x1c0/0x1c0 [ 453.883680] ? __fget+0x237/0x370 [ 453.887152] ? security_file_ioctl+0x89/0xb0 [ 453.891572] SyS_ioctl+0x8f/0xc0 [ 453.894983] ? do_vfs_ioctl+0x1060/0x1060 [ 453.899142] do_syscall_64+0x1e8/0x640 [ 453.903035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 453.908067] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 453.913402] RIP: 0033:0x45a219 [ 453.916602] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:36:09 executing program 4: [ 453.924444] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 453.931721] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 453.939006] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 453.946287] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 453.953564] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 454.390137] protocol 88fb is buggy, dev hsr_slave_0 [ 454.395406] protocol 88fb is buggy, dev hsr_slave_1 [ 454.400560] protocol 88fb is buggy, dev hsr_slave_0 [ 454.405733] protocol 88fb is buggy, dev hsr_slave_1 [ 454.630182] protocol 88fb is buggy, dev hsr_slave_0 [ 454.635279] protocol 88fb is buggy, dev hsr_slave_1 [ 454.640889] protocol 88fb is buggy, dev hsr_slave_0 [ 455.990181] Bluetooth: hci0 command 0x1003 tx timeout [ 455.995512] Bluetooth: hci0 sending frame failed (-49) [ 458.070212] Bluetooth: hci0 command 0x1001 tx timeout [ 458.075556] Bluetooth: hci0 sending frame failed (-49) [ 460.150190] Bluetooth: hci0 command 0x1009 tx timeout 21:36:19 executing program 5 (fault-call:2 fault-nth:17): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:19 executing program 4: 21:36:19 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:19 executing program 1: mkdir(0x0, 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:19 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:getty_var_run_t:s0\x00', 0x25, 0x3) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/create\x00', 0x2, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) signalfd(r2, &(0x7f00000000c0)={0x81}, 0x8) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) r5 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000ffb000/0x4000)=nil) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000340)=@req={0x10000, 0x1, 0x6, 0x4}, 0x10) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_INFO(r5, 0xe, &(0x7f00000001c0)=""/151) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000280)=ANY=[@ANYBLOB="df2c59d3a5331371c358cb03f491aa4eb5f7c55048e9e39388f783860fccda7f66e7f5d5b2ef6321fece40bc84983cd6919828b13a938a12ac8f82dbba7b78738be09a38464d60ef8aed1691926477ae48c1915c9cbcc18443b6c7b0cd3222d143aad501000000000000000000", @ANYRESOCT=0x0, @ANYRESOCT]], 0x0) 21:36:19 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000080)={0x9, 0x0, 0x1000}, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:19 executing program 4: 21:36:19 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:19 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:19 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004870000000200000bc700000000000009500000000000000"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48) [ 464.535820] overlayfs: failed to resolve './file1': -2 [ 464.540965] FAULT_INJECTION: forcing a failure. [ 464.540965] name failslab, interval 1, probability 0, space 0, times 0 [ 464.573140] audit: type=1400 audit(1573248979.832:145): avc: denied { relabelto } for pid=12007 comm="syz-executor.0" name="UDPv6" dev="sockfs" ino=46616 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:getty_var_run_t:s0 tclass=udp_socket permissive=1 [ 464.599344] CPU: 1 PID: 12017 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 464.606372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 464.615721] Call Trace: [ 464.615739] dump_stack+0x138/0x197 [ 464.615764] should_fail.cold+0x10f/0x159 [ 464.615780] should_failslab+0xdb/0x130 [ 464.615791] kmem_cache_alloc+0x2d7/0x780 [ 464.615800] ? check_preemption_disabled+0x3c/0x250 [ 464.615810] ? alloc_inode+0xa9/0x180 [ 464.615823] selinux_inode_alloc_security+0xb6/0x2a0 [ 464.622017] security_inode_alloc+0x94/0xd0 [ 464.622033] inode_init_always+0x552/0xaf0 [ 464.622045] alloc_inode+0x81/0x180 [ 464.622057] new_inode_pseudo+0x19/0xf0 [ 464.622066] new_inode+0x1f/0x40 [ 464.622082] debugfs_get_inode+0x1a/0x130 [ 464.622094] debugfs_create_dir+0x67/0x3b0 [ 464.622109] hci_register_dev+0x28a/0x810 [ 464.622124] hci_uart_tty_ioctl+0x6a8/0xa20 [ 464.630214] tty_ioctl+0x8f7/0x1320 [ 464.630227] ? hci_uart_tty_poll+0x10/0x10 [ 464.630239] ? tty_vhangup+0x30/0x30 [ 464.630257] ? __might_sleep+0x93/0xb0 [ 464.630264] ? __fget+0x210/0x370 [ 464.630279] ? tty_vhangup+0x30/0x30 [ 464.706880] do_vfs_ioctl+0x7ae/0x1060 [ 464.710752] ? selinux_file_mprotect+0x5d0/0x5d0 [ 464.715487] ? lock_downgrade+0x740/0x740 [ 464.719615] ? ioctl_preallocate+0x1c0/0x1c0 [ 464.724006] ? __fget+0x237/0x370 [ 464.727444] ? security_file_ioctl+0x89/0xb0 [ 464.731833] SyS_ioctl+0x8f/0xc0 [ 464.735180] ? do_vfs_ioctl+0x1060/0x1060 [ 464.739311] do_syscall_64+0x1e8/0x640 [ 464.743180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 464.748010] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 464.753177] RIP: 0033:0x45a219 [ 464.756346] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 464.764033] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 464.771283] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 464.778533] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:36:20 executing program 2: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) write$FUSE_POLL(r0, &(0x7f0000000080)={0x18, 0x0, 0x5}, 0x18) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 464.785781] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 464.793032] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 464.810286] protocol 88fb is buggy, dev hsr_slave_0 [ 464.815371] protocol 88fb is buggy, dev hsr_slave_1 [ 464.820567] protocol 88fb is buggy, dev hsr_slave_0 [ 464.825884] protocol 88fb is buggy, dev hsr_slave_1 21:36:20 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 465.030165] protocol 88fb is buggy, dev hsr_slave_0 [ 465.035310] protocol 88fb is buggy, dev hsr_slave_1 [ 465.040427] protocol 88fb is buggy, dev hsr_slave_0 [ 465.045463] protocol 88fb is buggy, dev hsr_slave_1 [ 465.190151] protocol 88fb is buggy, dev hsr_slave_0 [ 465.195309] protocol 88fb is buggy, dev hsr_slave_1 [ 466.870309] Bluetooth: hci0 command 0x1003 tx timeout [ 466.875607] Bluetooth: hci0 sending frame failed (-49) [ 468.950395] Bluetooth: hci0 command 0x1001 tx timeout [ 468.955742] Bluetooth: hci0 sending frame failed (-49) [ 471.030367] Bluetooth: hci0 command 0x1009 tx timeout 21:36:30 executing program 5 (fault-call:2 fault-nth:18): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:30 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[@ANYBLOB="192ee7dc6707000000000000005e707b55cf3dceefc264ea3347cde1e92c519458975a15d28883b1f90c3f0900a5df6c27e80a3ddc66017bd13cb2a6a1165c072b046b11aca83d5ac90300857054fd8b1af8d100bf9973ae5c8c58e79fe09b070000000000000036bf23"], 0x6a) close(0xffffffffffffffff) syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0)={'.\x00'}, &(0x7f0000000080), 0xfe28, 0xfffffffffffffffb) 21:36:30 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(0x0, &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:30 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:30 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet6_opts(r1, 0x29, 0x38, &(0x7f0000000080)=""/161, &(0x7f0000000140)=0xa1) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:30 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000140)={0x17, 0x15, &(0x7f0000000100)="bcc197fcb3eecd32898b83dd4c463aa1348f804444"}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e26000890787217e5df5da001905fc640ada2d78e18475dfb9959b98611988b433273caf070cbaeff937d6596b0a505f765fe53a18644b43d657c7fd3be8cee25e83a721e46bbb9ed77d13ee4c1387995"], 0x0) 21:36:30 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 475.393324] Invalid option length (1688) for dns_resolver key [ 475.398155] FAULT_INJECTION: forcing a failure. [ 475.398155] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 475.412580] CPU: 0 PID: 12060 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 475.419608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 475.428953] Call Trace: [ 475.430110] net_ratelimit: 2 callbacks suppressed [ 475.430115] protocol 88fb is buggy, dev hsr_slave_0 [ 475.431535] dump_stack+0x138/0x197 [ 475.431552] should_fail.cold+0x10f/0x159 [ 475.431563] ? __might_sleep+0x93/0xb0 [ 475.436422] protocol 88fb is buggy, dev hsr_slave_1 [ 475.441395] __alloc_pages_nodemask+0x1d6/0x7a0 [ 475.441408] ? __alloc_pages_slowpath+0x2930/0x2930 [ 475.441428] ? lock_downgrade+0x740/0x740 [ 475.441441] alloc_pages_current+0xec/0x1e0 [ 475.445104] protocol 88fb is buggy, dev hsr_slave_0 [ 475.449175] __get_free_pages+0xf/0x40 [ 475.453079] protocol 88fb is buggy, dev hsr_slave_1 [ 475.458034] inode_doinit_with_dentry+0x82b/0xed0 [ 475.494833] ? selinux_cred_free+0x80/0x80 [ 475.499062] ? timespec_trunc+0xb5/0x120 [ 475.503111] selinux_d_instantiate+0x28/0x40 [ 475.507507] security_d_instantiate+0x5a/0xe0 [ 475.512000] d_instantiate+0x60/0xa0 [ 475.515704] debugfs_create_dir+0x10f/0x3b0 [ 475.520031] hci_register_dev+0x28a/0x810 [ 475.524175] hci_uart_tty_ioctl+0x6a8/0xa20 [ 475.528481] tty_ioctl+0x8f7/0x1320 [ 475.532086] ? hci_uart_tty_poll+0x10/0x10 [ 475.536303] ? tty_vhangup+0x30/0x30 [ 475.539999] ? __might_sleep+0x93/0xb0 [ 475.543880] ? __fget+0x210/0x370 [ 475.547327] ? tty_vhangup+0x30/0x30 [ 475.551023] do_vfs_ioctl+0x7ae/0x1060 [ 475.554892] ? selinux_file_mprotect+0x5d0/0x5d0 [ 475.559627] ? lock_downgrade+0x740/0x740 [ 475.563766] ? ioctl_preallocate+0x1c0/0x1c0 [ 475.568170] ? __fget+0x237/0x370 [ 475.571608] ? security_file_ioctl+0x89/0xb0 [ 475.576010] SyS_ioctl+0x8f/0xc0 [ 475.579356] ? do_vfs_ioctl+0x1060/0x1060 [ 475.583495] do_syscall_64+0x1e8/0x640 [ 475.587373] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 475.592196] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 475.597367] RIP: 0033:0x45a219 [ 475.600539] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 475.608250] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 475.615501] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 475.622755] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 475.630014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 475.637274] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:36:30 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:30 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 475.656477] Invalid option length (1688) for dns_resolver key 21:36:30 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:31 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x6) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:36:31 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') [ 475.764195] audit: type=1326 audit(1573248991.022:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 476.523347] audit: type=1326 audit(1573248991.792:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 476.548414] audit: type=1326 audit(1573248991.822:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12070 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 477.670223] Bluetooth: hci0 command 0x1003 tx timeout [ 477.675517] Bluetooth: hci0 sending frame failed (-49) [ 479.750092] Bluetooth: hci0 command 0x1001 tx timeout [ 479.755403] Bluetooth: hci0 sending frame failed (-49) [ 481.830260] Bluetooth: hci0 command 0x1009 tx timeout 21:36:41 executing program 5 (fault-call:2 fault-nth:19): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$USBDEVFS_REAPURB(r2, 0x4008550c, 0xffffffffffffffff) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, &(0x7f0000000080)={0x6, 0xfffffffffffffc01, 0x6114, 0x6}) 21:36:41 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:41 executing program 2: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x0, 0x10, 0x1}) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:41 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 486.276275] audit: type=1326 audit(1573249001.542:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12097 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 486.278938] FAULT_INJECTION: forcing a failure. [ 486.278938] name failslab, interval 1, probability 0, space 0, times 0 [ 486.312525] CPU: 1 PID: 12104 Comm: syz-executor.5 Not tainted 4.14.152 #0 21:36:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) [ 486.319548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.328892] Call Trace: [ 486.331482] dump_stack+0x138/0x197 [ 486.335123] should_fail.cold+0x10f/0x159 [ 486.339275] should_failslab+0xdb/0x130 [ 486.343251] __kmalloc_track_caller+0x2ec/0x790 [ 486.347921] ? save_trace+0x290/0x290 [ 486.351714] ? kstrdup_const+0x48/0x60 [ 486.355596] kstrdup+0x3a/0x70 [ 486.358772] kstrdup_const+0x48/0x60 [ 486.362484] kvasprintf_const+0xf7/0x170 [ 486.366603] kobject_set_name_vargs+0x5b/0x150 [ 486.371207] dev_set_name+0xa4/0xc0 [ 486.374828] ? device_initialize+0x430/0x430 [ 486.379242] ? up_write+0x1a/0x60 [ 486.382686] hci_register_dev+0x2d1/0x810 [ 486.386818] hci_uart_tty_ioctl+0x6a8/0xa20 [ 486.391119] tty_ioctl+0x8f7/0x1320 [ 486.394724] ? hci_uart_tty_poll+0x10/0x10 [ 486.398938] ? tty_vhangup+0x30/0x30 [ 486.402654] ? __might_sleep+0x93/0xb0 [ 486.406527] ? __fget+0x210/0x370 [ 486.409977] ? tty_vhangup+0x30/0x30 [ 486.413686] do_vfs_ioctl+0x7ae/0x1060 [ 486.417553] ? selinux_file_mprotect+0x5d0/0x5d0 [ 486.422288] ? lock_downgrade+0x740/0x740 [ 486.426426] ? ioctl_preallocate+0x1c0/0x1c0 [ 486.430831] ? __fget+0x237/0x370 [ 486.434275] ? security_file_ioctl+0x89/0xb0 [ 486.438668] SyS_ioctl+0x8f/0xc0 [ 486.442016] ? do_vfs_ioctl+0x1060/0x1060 [ 486.446145] do_syscall_64+0x1e8/0x640 [ 486.450034] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 486.454880] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 486.460051] RIP: 0033:0x45a219 [ 486.463219] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:36:41 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:41 executing program 5 (fault-call:2 fault-nth:20): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 486.470906] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 486.478166] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 486.485415] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 486.492664] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 486.499914] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 486.509335] Bluetooth: Can't register HCI device [ 486.567795] FAULT_INJECTION: forcing a failure. [ 486.567795] name failslab, interval 1, probability 0, space 0, times 0 [ 486.594659] CPU: 1 PID: 12114 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 486.601696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.611047] Call Trace: [ 486.613637] dump_stack+0x138/0x197 21:36:41 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:36:41 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 486.617273] should_fail.cold+0x10f/0x159 [ 486.621440] should_failslab+0xdb/0x130 [ 486.625427] __kmalloc_track_caller+0x2ec/0x790 [ 486.630098] ? __down_trylock_console_sem+0x71/0x200 [ 486.635194] ? kstrdup_const+0x48/0x60 [ 486.639071] kstrdup+0x3a/0x70 [ 486.642260] kstrdup_const+0x48/0x60 [ 486.645980] __kernfs_new_node+0x2f/0x420 [ 486.650120] ? vprintk_func+0x65/0x159 [ 486.653992] kernfs_new_node+0x80/0xf0 [ 486.657860] kernfs_create_dir_ns+0x41/0x140 [ 486.662248] sysfs_create_dir_ns+0xbe/0x1d0 [ 486.666553] kobject_add_internal.part.0.cold+0x114/0x5ae [ 486.672071] kobject_add+0x11f/0x180 [ 486.675805] ? kset_create_and_add+0x180/0x180 [ 486.680370] ? mutex_unlock+0xd/0x10 [ 486.684067] device_add+0x383/0x1490 [ 486.687769] ? device_initialize+0x430/0x430 [ 486.692170] ? device_private_init+0x190/0x190 [ 486.696780] hci_register_dev+0x2d9/0x810 [ 486.700921] hci_uart_tty_ioctl+0x6a8/0xa20 [ 486.705234] tty_ioctl+0x8f7/0x1320 [ 486.708886] ? hci_uart_tty_poll+0x10/0x10 [ 486.713113] ? tty_vhangup+0x30/0x30 [ 486.716812] ? __might_sleep+0x93/0xb0 [ 486.720688] ? __fget+0x210/0x370 [ 486.724170] ? tty_vhangup+0x30/0x30 [ 486.727868] do_vfs_ioctl+0x7ae/0x1060 [ 486.731738] ? selinux_file_mprotect+0x5d0/0x5d0 [ 486.736476] ? lock_downgrade+0x740/0x740 [ 486.740602] ? ioctl_preallocate+0x1c0/0x1c0 [ 486.744990] ? __fget+0x237/0x370 [ 486.748428] ? security_file_ioctl+0x89/0xb0 [ 486.752866] SyS_ioctl+0x8f/0xc0 [ 486.756215] ? do_vfs_ioctl+0x1060/0x1060 [ 486.760352] do_syscall_64+0x1e8/0x640 [ 486.764219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 486.769046] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 486.774228] RIP: 0033:0x45a219 [ 486.777396] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 486.785082] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 486.792330] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 486.799580] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 486.806925] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 21:36:42 executing program 5 (fault-call:2 fault-nth:21): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 486.814173] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 486.823760] kobject_add_internal failed for hci0 (error: -12 parent: bluetooth) [ 486.831550] Bluetooth: Can't register HCI device [ 486.889565] FAULT_INJECTION: forcing a failure. [ 486.889565] name failslab, interval 1, probability 0, space 0, times 0 [ 486.907192] CPU: 0 PID: 12125 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 486.914225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.923565] Call Trace: [ 486.926140] dump_stack+0x138/0x197 [ 486.929826] should_fail.cold+0x10f/0x159 [ 486.933963] should_failslab+0xdb/0x130 [ 486.937927] __kmalloc_track_caller+0x2ec/0x790 [ 486.942578] ? save_trace+0x290/0x290 [ 486.946360] ? __mutex_unlock_slowpath+0x71/0x800 [ 486.951219] ? __lock_is_held+0xb6/0x140 [ 486.955270] ? kstrdup_const+0x48/0x60 [ 486.959137] kstrdup+0x3a/0x70 [ 486.962323] kstrdup_const+0x48/0x60 [ 486.966040] __kernfs_new_node+0x2f/0x420 [ 486.970188] kernfs_new_node+0x80/0xf0 [ 486.974073] kernfs_create_link+0x2c/0x170 [ 486.978293] sysfs_do_create_link_sd.isra.0+0x90/0x120 [ 486.983560] sysfs_create_link+0x65/0xc0 [ 486.987605] device_add+0x735/0x1490 [ 486.991312] ? device_private_init+0x190/0x190 [ 486.995898] hci_register_dev+0x2d9/0x810 [ 487.000045] hci_uart_tty_ioctl+0x6a8/0xa20 [ 487.004394] tty_ioctl+0x8f7/0x1320 [ 487.008049] ? hci_uart_tty_poll+0x10/0x10 [ 487.012273] ? tty_vhangup+0x30/0x30 [ 487.015986] ? __might_sleep+0x93/0xb0 [ 487.019852] ? __fget+0x210/0x370 [ 487.023290] ? tty_vhangup+0x30/0x30 [ 487.026985] do_vfs_ioctl+0x7ae/0x1060 [ 487.030856] ? selinux_file_mprotect+0x5d0/0x5d0 [ 487.035593] ? lock_downgrade+0x740/0x740 21:36:42 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 487.039722] ? ioctl_preallocate+0x1c0/0x1c0 [ 487.044152] ? __fget+0x237/0x370 [ 487.047588] ? security_file_ioctl+0x89/0xb0 [ 487.051990] SyS_ioctl+0x8f/0xc0 [ 487.055360] ? do_vfs_ioctl+0x1060/0x1060 [ 487.059508] do_syscall_64+0x1e8/0x640 [ 487.063393] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.068232] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 487.073399] RIP: 0033:0x45a219 [ 487.076566] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:36:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x201, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x1000, 0x40000) openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f00000000c0)=0x8c) syz_emit_ethernet(0x32, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaa2aff0f360081000f00080045f4001c0800000000a88f783b96a7a7f19c1ad12eb3b426000890788d3305c407b9f7adcd70a7be9c86696ae095449be2f7a8ccfed55e362ad77611764ebbb5f557c8caa8fc6fd41e160764db1a0098563fcc0dbbcfc6427d2c45267b8a82d7984761b885b328f777e3ed3c7f371bac092175706d9c1a2c7b9ec5f7af9a04ef652e0402983d85a25e580e1c0cf5fb048f6801047280311ad6d66632e5804f91de8a9a6b411f80b3258e4538aa2cdff99fa813d48c220fd3edb43d3e0e07cf3273caa21182"], 0x0) [ 487.084254] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 487.091504] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 487.098782] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 487.106049] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 487.113309] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 487.127296] Bluetooth: Can't register HCI device 21:36:42 executing program 2: socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000180)={0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x46, 0x8, 0x8, 0x0, 0x3, 0xa72, 0x80000001}, 0x7) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x800, 0x0) setsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000080)=0x7, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:42 executing program 3: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:36:42 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa810000007f000001e000000100004e2600089078"], 0x0) 21:36:42 executing program 5 (fault-call:2 fault-nth:22): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 487.279555] audit: type=1326 audit(1573249002.542:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12137 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 487.316957] FAULT_INJECTION: forcing a failure. [ 487.316957] name failslab, interval 1, probability 0, space 0, times 0 [ 487.330736] CPU: 0 PID: 12150 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 487.337766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 487.347105] Call Trace: [ 487.349673] dump_stack+0x138/0x197 [ 487.353300] should_fail.cold+0x10f/0x159 [ 487.357456] should_failslab+0xdb/0x130 [ 487.361412] __kmalloc_track_caller+0x2ec/0x790 [ 487.366063] ? save_trace+0x290/0x290 [ 487.369855] ? __mutex_unlock_slowpath+0x71/0x800 [ 487.374696] ? __lock_is_held+0xb6/0x140 [ 487.378757] ? kstrdup_const+0x48/0x60 [ 487.382657] kstrdup+0x3a/0x70 [ 487.385843] kstrdup_const+0x48/0x60 [ 487.389551] __kernfs_new_node+0x2f/0x420 [ 487.393689] kernfs_new_node+0x80/0xf0 [ 487.397567] kernfs_create_link+0x2c/0x170 [ 487.401781] sysfs_do_create_link_sd.isra.0+0x90/0x120 [ 487.407038] sysfs_create_link+0x65/0xc0 [ 487.411090] device_add+0x735/0x1490 [ 487.414794] ? device_private_init+0x190/0x190 [ 487.419371] hci_register_dev+0x2d9/0x810 [ 487.423525] hci_uart_tty_ioctl+0x6a8/0xa20 [ 487.427833] tty_ioctl+0x8f7/0x1320 [ 487.431459] ? hci_uart_tty_poll+0x10/0x10 [ 487.435685] ? tty_vhangup+0x30/0x30 [ 487.439382] ? __might_sleep+0x93/0xb0 [ 487.443250] ? __fget+0x210/0x370 [ 487.446687] ? tty_vhangup+0x30/0x30 [ 487.450390] do_vfs_ioctl+0x7ae/0x1060 [ 487.454280] ? selinux_file_mprotect+0x5d0/0x5d0 [ 487.459018] ? lock_downgrade+0x740/0x740 [ 487.463151] ? ioctl_preallocate+0x1c0/0x1c0 [ 487.467560] ? __fget+0x237/0x370 [ 487.471006] ? security_file_ioctl+0x89/0xb0 [ 487.475420] SyS_ioctl+0x8f/0xc0 [ 487.478773] ? do_vfs_ioctl+0x1060/0x1060 [ 487.482905] do_syscall_64+0x1e8/0x640 [ 487.486779] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.491627] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 487.496803] RIP: 0033:0x45a219 [ 487.499973] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 487.507659] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 487.514912] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 487.522266] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 21:36:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000080), &(0x7f0000000100)=0x68) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a910036008104020400000000000000ef00e00000019698ad09adfdda63"], 0x0) 21:36:42 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(0x0, 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 487.529515] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 487.536763] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 487.546600] Bluetooth: Can't register HCI device 21:36:42 executing program 5 (fault-call:2 fault-nth:23): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:42 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000004540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@enum, @volatile={0x0, 0x0, 0x0, 0x4}, @struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x2}]}]}}, &(0x7f0000004600)=""/210, 0x4a, 0x33b, 0x1}, 0x20) [ 487.670119] protocol 88fb is buggy, dev hsr_slave_0 [ 487.675385] protocol 88fb is buggy, dev hsr_slave_1 [ 487.680582] protocol 88fb is buggy, dev hsr_slave_0 [ 487.684022] FAULT_INJECTION: forcing a failure. [ 487.684022] name failslab, interval 1, probability 0, space 0, times 0 [ 487.685682] protocol 88fb is buggy, dev hsr_slave_1 [ 487.697694] CPU: 1 PID: 12176 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 487.708859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 487.718213] Call Trace: [ 487.720805] dump_stack+0x138/0x197 [ 487.724440] should_fail.cold+0x10f/0x159 [ 487.728583] should_failslab+0xdb/0x130 [ 487.732545] kmem_cache_alloc+0x2d7/0x780 [ 487.736683] ? kernfs_find_and_get_ns+0x4b/0x60 [ 487.741344] __kernfs_new_node+0x70/0x420 [ 487.745471] ? lock_downgrade+0x740/0x740 [ 487.749600] kernfs_new_node+0x80/0xf0 [ 487.753470] __kernfs_create_file+0x46/0x323 [ 487.757864] sysfs_add_file_mode_ns+0x1e4/0x450 [ 487.762528] sysfs_add_file+0x4f/0x60 [ 487.766307] sysfs_merge_group+0xe2/0x210 [ 487.770443] dpm_sysfs_add+0x121/0x1b0 [ 487.774317] device_add+0x968/0x1490 [ 487.778023] ? device_private_init+0x190/0x190 [ 487.782590] hci_register_dev+0x2d9/0x810 [ 487.786722] hci_uart_tty_ioctl+0x6a8/0xa20 [ 487.791026] tty_ioctl+0x8f7/0x1320 [ 487.794633] ? hci_uart_tty_poll+0x10/0x10 [ 487.798848] ? tty_vhangup+0x30/0x30 [ 487.802544] ? __might_sleep+0x93/0xb0 [ 487.806419] ? __fget+0x210/0x370 [ 487.809857] ? tty_vhangup+0x30/0x30 [ 487.813551] do_vfs_ioctl+0x7ae/0x1060 [ 487.817460] ? selinux_file_mprotect+0x5d0/0x5d0 [ 487.822225] ? lock_downgrade+0x740/0x740 [ 487.826364] ? ioctl_preallocate+0x1c0/0x1c0 [ 487.830756] ? __fget+0x237/0x370 [ 487.834204] ? security_file_ioctl+0x89/0xb0 [ 487.838651] SyS_ioctl+0x8f/0xc0 [ 487.842016] ? do_vfs_ioctl+0x1060/0x1060 [ 487.846157] do_syscall_64+0x1e8/0x640 [ 487.850027] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.854861] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 487.860039] RIP: 0033:0x45a219 [ 487.863228] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 487.870917] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 487.878170] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 487.885417] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 487.892668] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 487.899917] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 487.916994] protocol 88fb is buggy, dev hsr_slave_0 [ 487.918310] Bluetooth: Can't register HCI device [ 487.922106] protocol 88fb is buggy, dev hsr_slave_1 [ 487.922166] protocol 88fb is buggy, dev hsr_slave_0 [ 487.931932] protocol 88fb is buggy, dev hsr_slave_1 21:36:43 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:43 executing program 0: openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/current\x00', 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x2) ioctl$VIDIOC_G_EDID(r1, 0xc0285628, &(0x7f0000000140)={0x0, 0x80, 0x3, [], &(0x7f0000000100)=0x7a}) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:36:43 executing program 2: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) accept4$alg(r0, 0x0, 0x0, 0x800) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:43 executing program 5 (fault-call:2 fault-nth:24): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:43 executing program 3: open(&(0x7f0000000100)='./file0\x00', 0x204c2, 0x0) mount(&(0x7f0000000280)=ANY=[@ANYBLOB='./file0'], &(0x7f0000000180)='./file0\x00', 0x0, 0x1001004, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x104026, &(0x7f00000001c0)={[{@usrjquota='usrjquota=', 0xa}], [{@euid_gt={'euid>', 0xffffffffffffffff}}]}) [ 488.086936] audit: type=1326 audit(1573249003.352:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12188 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 488.114293] FAULT_INJECTION: forcing a failure. [ 488.114293] name failslab, interval 1, probability 0, space 0, times 0 [ 488.135673] CPU: 1 PID: 12197 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 488.142800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 488.152146] Call Trace: [ 488.154726] dump_stack+0x138/0x197 [ 488.158358] should_fail.cold+0x10f/0x159 [ 488.158378] should_failslab+0xdb/0x130 [ 488.166474] kmem_cache_alloc+0x2d7/0x780 [ 488.166489] ? kernfs_find_and_get_ns+0x4b/0x60 [ 488.166504] __kernfs_new_node+0x70/0x420 [ 488.166516] ? lock_downgrade+0x740/0x740 [ 488.183588] kernfs_new_node+0x80/0xf0 21:36:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x60503, 0x0) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f00000000c0)={0x4, 0x70a38184, [{0x81, 0x0, 0x3}, {0x10000}, {0x5, 0x0, 0x5}, {0x3, 0x0, 0x7}]}) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, 0x0, &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 488.187477] __kernfs_create_file+0x46/0x323 [ 488.191900] sysfs_add_file_mode_ns+0x1e4/0x450 [ 488.196566] sysfs_add_file+0x4f/0x60 [ 488.200369] sysfs_merge_group+0xe2/0x210 [ 488.204522] dpm_sysfs_add+0x121/0x1b0 [ 488.208417] device_add+0x968/0x1490 [ 488.212131] ? device_private_init+0x190/0x190 [ 488.216707] hci_register_dev+0x2d9/0x810 [ 488.216723] hci_uart_tty_ioctl+0x6a8/0xa20 [ 488.225166] tty_ioctl+0x8f7/0x1320 [ 488.228790] ? hci_uart_tty_poll+0x10/0x10 [ 488.233024] ? tty_vhangup+0x30/0x30 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 488.236749] ? __might_sleep+0x93/0xb0 [ 488.240640] ? __fget+0x210/0x370 [ 488.244099] ? tty_vhangup+0x30/0x30 [ 488.247813] do_vfs_ioctl+0x7ae/0x1060 [ 488.251698] ? selinux_file_mprotect+0x5d0/0x5d0 [ 488.256454] ? lock_downgrade+0x740/0x740 [ 488.260596] ? ioctl_preallocate+0x1c0/0x1c0 [ 488.265000] ? __fget+0x237/0x370 [ 488.268461] ? security_file_ioctl+0x89/0xb0 [ 488.272875] SyS_ioctl+0x8f/0xc0 [ 488.276262] ? do_vfs_ioctl+0x1060/0x1060 [ 488.280410] do_syscall_64+0x1e8/0x640 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:43 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 488.284466] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 488.289316] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 488.294500] RIP: 0033:0x45a219 [ 488.297685] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 488.305392] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 488.312658] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 488.319924] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 488.327186] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 21:36:43 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0xc018aec0, &(0x7f00000000c0)={r2, 0x0, 0x2}) [ 488.334495] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 488.357164] Bluetooth: Can't register HCI device 21:36:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) 21:36:44 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:44 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x7de1688e4de2a41c, 0x0) write$selinux_validatetrans(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="733e68d90dc007cbc16b52797374656d3a6f626a65635f636f6e746578745f743a73302073797374656d5f753a6f626a6563745f65766963655f743a7330203030303030303030303030303030303332373637202f7573722f7362696e2f6375707364000000000000000000"], 0x6c) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000001800)='/dev/null\x00', 0x41, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000001840)=[@in6={0xa, 0x4e20, 0x3000000, @rand_addr="41d1be31d39ce3548d78ebe63d75dff4"}], 0x1c) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req={0xffffffff, 0x7f, 0x4, 0x4}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') getpeername$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) 21:36:44 executing program 5 (fault-call:2 fault-nth:25): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:44 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:44 executing program 3: ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0xfffffffffffffaf2) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000300)={0x2, &(0x7f00000002c0)=[{0x1d, 0x1, 0xff, 0x2}, {0x7f, 0x0, 0x0, 0x1000}]}) preadv(0xffffffffffffffff, &(0x7f0000000200)=[{0x0}], 0x1, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x91d3, 0x0, @perf_config_ext={0xa23e, 0x9}, 0x200020000, 0x2, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x10) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) creat(&(0x7f0000000100)='./bus\x00', 0x0) 21:36:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x804, 0x40844}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}}]}, 0x38}}, 0x0) sendmsg(r3, &(0x7f00000004c0)={&(0x7f00000002c0)=@in6={0xa, 0x4e23, 0x7, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)="8cfc4d1f761c20321d173ed307eedce4650d1cb0657943703ea20565995f2dacafc74e4a66931969f5d3402dc87fc6cfa3ea0e71571edfd3948c401380e11f", 0x3f}, {&(0x7f0000000580)="35bf85eeaed14169f7c2fb8758cf65a385c204203edcff025346e1568de489b28a9dc1b87fe940306964dc95fc9b75f12650e8be4b3ac0d3a593fd72cb74a1a8995580451d2c63714ad2b6e6f9368388dc27246ed8f6612eba8f0439643468ae3b63655606e1ee66bc52b325095077d3345ecf365bc8e399400be795070cb29e59940ebacb2ef930fdb18f8a6954c7ce9b322cad5694438b7e8e4d36b328b4ad41eab23e4c1ca902022a103364de4856013e55b12cc4bb853874c1d1e8323efe023f757b163818099919829c627ff9b5eb53354b760b8671b7a3df563993ff6351e60885", 0xfd71}], 0x2, &(0x7f0000000480)=[{0x40, 0x10d, 0x7a58, "1e34a192e251f09d911906c6e250ceed617533a6a982b7b2ad07529c2d316221077951883cb21136b81bbe6c9fb8"}], 0x40}, 0x2020890) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="3800000010000d040000000003ac000000000000b09b0082ae32bda00e78a32d9bf202e22306468499ca62e4abf91873240a1b1a5907a50fcc2c80717c955c51ca2db64805f32e87f684a24907", @ANYRES32=r4, @ANYBLOB="00000000000000001800120008000100767469000c00020008000400", @ANYRES32=r4], 0x38}}, 0x0) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r4}, 0x10) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_emit_ethernet(0x32, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaa2a9100360081000000080045f4001c00000000000090787f000001e000000100004e2600089078"], 0x0) [ 488.933212] overlayfs: missing 'lowerdir' [ 488.944258] FAULT_INJECTION: forcing a failure. [ 488.944258] name failslab, interval 1, probability 0, space 0, times 0 [ 488.956678] CPU: 0 PID: 12232 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 488.963706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 488.973048] Call Trace: [ 488.975625] dump_stack+0x138/0x197 [ 488.979240] should_fail.cold+0x10f/0x159 [ 488.983375] should_failslab+0xdb/0x130 [ 488.987332] kmem_cache_alloc+0x2d7/0x780 [ 488.991465] ? kernfs_find_and_get_ns+0x4b/0x60 [ 488.996120] __kernfs_new_node+0x70/0x420 [ 489.000262] ? lock_downgrade+0x740/0x740 [ 489.004395] kernfs_new_node+0x80/0xf0 [ 489.008265] __kernfs_create_file+0x46/0x323 [ 489.012661] sysfs_add_file_mode_ns+0x1e4/0x450 [ 489.017315] sysfs_add_file+0x4f/0x60 [ 489.021098] sysfs_merge_group+0xe2/0x210 [ 489.025233] dpm_sysfs_add+0x121/0x1b0 [ 489.029104] device_add+0x968/0x1490 [ 489.032804] ? device_private_init+0x190/0x190 [ 489.037370] hci_register_dev+0x2d9/0x810 [ 489.041503] hci_uart_tty_ioctl+0x6a8/0xa20 [ 489.045808] tty_ioctl+0x8f7/0x1320 [ 489.049414] ? hci_uart_tty_poll+0x10/0x10 [ 489.053629] ? tty_vhangup+0x30/0x30 [ 489.057330] ? __might_sleep+0x93/0xb0 [ 489.061209] ? __fget+0x210/0x370 [ 489.064657] ? tty_vhangup+0x30/0x30 [ 489.068351] do_vfs_ioctl+0x7ae/0x1060 [ 489.072220] ? selinux_file_mprotect+0x5d0/0x5d0 [ 489.076967] ? lock_downgrade+0x740/0x740 [ 489.081095] ? ioctl_preallocate+0x1c0/0x1c0 [ 489.085501] ? __fget+0x237/0x370 [ 489.088943] ? security_file_ioctl+0x89/0xb0 [ 489.093343] SyS_ioctl+0x8f/0xc0 [ 489.096692] ? do_vfs_ioctl+0x1060/0x1060 [ 489.100821] do_syscall_64+0x1e8/0x640 [ 489.104686] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.111280] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 489.116466] RIP: 0033:0x45a219 [ 489.119640] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 489.127342] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 489.134594] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 489.141852] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 489.149106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 489.156357] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:36:44 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:44 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x4000, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f00000000c0)=0x5e83) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0x2, 0x0) ioctl$VIDIOC_S_OUTPUT(r2, 0xc004562f, &(0x7f0000000140)=0x1) [ 489.167922] audit: type=1326 audit(1573249004.432:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12231 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:36:44 executing program 3: syz_open_dev$sndseq(&(0x7f0000000340)='/dev/snd/seq\x00', 0x0, 0x4001) [ 489.237181] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 489.265016] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 489.279395] overlayfs: missing 'lowerdir' [ 489.295967] Bluetooth: Can't register HCI device 21:36:44 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:44 executing program 3: openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00', 0x2761, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 21:36:44 executing program 5 (fault-call:2 fault-nth:26): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 489.416316] overlayfs: missing 'lowerdir' [ 489.437513] FAULT_INJECTION: forcing a failure. [ 489.437513] name failslab, interval 1, probability 0, space 0, times 0 [ 489.457574] CPU: 0 PID: 12269 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 489.464607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 489.464613] Call Trace: [ 489.464630] dump_stack+0x138/0x197 [ 489.464648] should_fail.cold+0x10f/0x159 [ 489.464663] should_failslab+0xdb/0x130 [ 489.480204] kmem_cache_alloc+0x2d7/0x780 [ 489.480217] ? wait_for_completion+0x420/0x420 [ 489.480234] __kernfs_new_node+0x70/0x420 [ 489.480246] kernfs_new_node+0x80/0xf0 [ 489.480257] __kernfs_create_file+0x46/0x323 [ 489.509415] sysfs_add_file_mode_ns+0x1e4/0x450 [ 489.514112] sysfs_add_file+0x4f/0x60 [ 489.517894] sysfs_merge_group+0xe2/0x210 [ 489.522026] dpm_sysfs_add+0x121/0x1b0 [ 489.525895] device_add+0x968/0x1490 [ 489.529594] ? device_private_init+0x190/0x190 [ 489.534161] hci_register_dev+0x2d9/0x810 [ 489.538296] hci_uart_tty_ioctl+0x6a8/0xa20 [ 489.542600] tty_ioctl+0x8f7/0x1320 [ 489.546206] ? hci_uart_tty_poll+0x10/0x10 [ 489.550422] ? tty_vhangup+0x30/0x30 [ 489.554122] ? __might_sleep+0x93/0xb0 [ 489.557986] ? __fget+0x210/0x370 [ 489.561468] ? tty_vhangup+0x30/0x30 [ 489.565162] do_vfs_ioctl+0x7ae/0x1060 [ 489.569037] ? selinux_file_mprotect+0x5d0/0x5d0 [ 489.573770] ? lock_downgrade+0x740/0x740 [ 489.577898] ? ioctl_preallocate+0x1c0/0x1c0 [ 489.582288] ? __fget+0x237/0x370 [ 489.585721] ? security_file_ioctl+0x89/0xb0 [ 489.590109] SyS_ioctl+0x8f/0xc0 [ 489.593454] ? do_vfs_ioctl+0x1060/0x1060 [ 489.597625] do_syscall_64+0x1e8/0x640 [ 489.601491] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.606316] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 489.611483] RIP: 0033:0x45a219 [ 489.614662] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 489.622347] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 489.629600] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 489.636853] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 489.644102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 489.651393] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 489.660560] Bluetooth: Can't register HCI device 21:36:45 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x1a, 0x7, 0x8000, 0xd87e, 0xa7d8, 0x0, 0x1f}, 0x109) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) getsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140), &(0x7f0000000180)=0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) r2 = accept(r0, &(0x7f00000001c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000000500)=0xfffffffffffffe57) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) getsockopt$inet6_udp_int(r5, 0x11, 0xe3b5f81ac69733a3, &(0x7f0000000540), &(0x7f0000000580)=0x4) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r7 = socket(0x1, 0x803, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r10, 0xa4bdb202fe60f94f, 0x0, 0x0, {{}, 0x0, 0x8001, 0x0, {0x8}}}, 0x24}}, 0x0) sendmsg$TIPC_CMD_SET_LINK_TOL(r8, &(0x7f00000004c0)={&(0x7f00000003c0), 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x68, r10, 0x0, 0x70bd2b, 0x25dfdbff, {{}, 0x0, 0x4107, 0x0, {0x4c, 0x18, {0x8001, @link='syz1\x00'}}}, [""]}, 0x68}, 0x1, 0x0, 0x0, 0x20}, 0x4000000) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) accept(r2, &(0x7f00000002c0)=@can, &(0x7f0000000380)=0x80) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x93, &(0x7f0000000240)={&(0x7f0000000340)=@newlink={0x289, 0x10, 0x705, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x18, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0xc, 0x2, [@vti_common_policy=[@IFLA_VTI_IKEY={0x0, 0x2, 0x7}]]}}}]}, 0x38}}, 0x0) bind$packet(r2, &(0x7f0000000280)={0x11, 0xf8, r11, 0x1, 0x9, 0x6, @remote}, 0x14) syz_emit_ethernet(0x32, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaa0b9100360081000000080045f4001c00000000000090787f000001e000000100004ea3d200bca236160a3af45e7b170509db3a7c694385091c3143fa21284a9b08329e199df0c70db2b232904f356e7388fd9fc8c7103bdeec32194df63faa000000000000000000000000000000000000c71a79564c3c2b80525a900c0b766657787078c6964a8c4d60a726c0be92ac23771523026890b12e646f346ff56ef0e6"], 0x0) 21:36:45 executing program 3: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x4, @rand_addr=0xffffffff}, 0x10) ioctl$int_in(0xffffffffffffffff, 0x628c6e00eee43f8f, &(0x7f0000000000)) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee68, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x403662521ed92188}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) creat(&(0x7f0000000000)='./bus\x00', 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_tables_names\x00') preadv(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/4, 0x4}], 0x1, 0x0) gettid() socket$inet_udplite(0x2, 0x2, 0x88) setuid(0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_tables_names\x00') preadv(r2, &(0x7f00000017c0), 0x3a8, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000940)) delete_module(&(0x7f0000000140)='-\x00', 0x200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) getresgid(&(0x7f0000001080), &(0x7f00000010c0), &(0x7f0000001100)) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/ip_tables_names\x00') preadv(r5, &(0x7f00000017c0), 0x3a8, 0x0) r6 = syz_open_procfs(0x0, 0x0) preadv(r6, &(0x7f00000017c0), 0x3a8, 0x0) preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x3a8, 0x0) 21:36:45 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:45 executing program 5 (fault-call:2 fault-nth:27): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 489.750122] protocol 88fb is buggy, dev hsr_slave_0 [ 489.755225] protocol 88fb is buggy, dev hsr_slave_1 [ 489.775036] FAULT_INJECTION: forcing a failure. [ 489.775036] name failslab, interval 1, probability 0, space 0, times 0 [ 489.787776] CPU: 1 PID: 12284 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 489.794807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 489.804164] Call Trace: [ 489.806755] dump_stack+0x138/0x197 [ 489.810393] should_fail.cold+0x10f/0x159 [ 489.814556] should_failslab+0xdb/0x130 [ 489.818537] kmem_cache_alloc+0x2d7/0x780 [ 489.822683] ? wait_for_completion+0x420/0x420 [ 489.827272] __kernfs_new_node+0x70/0x420 [ 489.831424] kernfs_new_node+0x80/0xf0 [ 489.835320] __kernfs_create_file+0x46/0x323 [ 489.839733] sysfs_add_file_mode_ns+0x1e4/0x450 [ 489.844406] sysfs_add_file+0x4f/0x60 [ 489.848203] sysfs_merge_group+0xe2/0x210 [ 489.852336] dpm_sysfs_add+0x121/0x1b0 [ 489.856204] device_add+0x968/0x1490 [ 489.859912] ? device_private_init+0x190/0x190 [ 489.864479] hci_register_dev+0x2d9/0x810 [ 489.868614] hci_uart_tty_ioctl+0x6a8/0xa20 [ 489.872915] tty_ioctl+0x8f7/0x1320 [ 489.876522] ? hci_uart_tty_poll+0x10/0x10 [ 489.880736] ? tty_vhangup+0x30/0x30 [ 489.884437] ? __might_sleep+0x93/0xb0 [ 489.888302] ? __fget+0x210/0x370 [ 489.891742] ? tty_vhangup+0x30/0x30 [ 489.895444] do_vfs_ioctl+0x7ae/0x1060 [ 489.899313] ? selinux_file_mprotect+0x5d0/0x5d0 [ 489.904047] ? lock_downgrade+0x740/0x740 [ 489.908177] ? ioctl_preallocate+0x1c0/0x1c0 [ 489.912566] ? __fget+0x237/0x370 [ 489.916004] ? security_file_ioctl+0x89/0xb0 [ 489.920393] SyS_ioctl+0x8f/0xc0 [ 489.923740] ? do_vfs_ioctl+0x1060/0x1060 [ 489.927872] do_syscall_64+0x1e8/0x640 [ 489.931740] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.936564] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 489.941749] RIP: 0033:0x45a219 [ 489.944923] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 489.952617] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 489.959869] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 489.967208] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 489.974458] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 489.981708] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:36:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$SCSI_IOCTL_GET_IDLUN(r1, 0x5382, &(0x7f0000000080)) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) ioctl$VIDIOC_S_FREQUENCY(r1, 0x402c5639, &(0x7f00000001c0)={0x3, 0x1, 0xa2de}) write(r3, &(0x7f0000000340), 0x41395527) ioctl$VIDIOC_QUERY_EXT_CTRL(r3, 0xc0e85667, &(0x7f00000000c0)={0x0, 0x100, "dc316ab674782ca17bb46c015d5fd9e57a62aaea3824ca646dd61b8cf0bcbc9e", 0xfffffffffffeffff, 0x2, 0x7, 0x9, 0x3, 0x9, 0x0, 0x2, [0x101, 0x101, 0x40, 0xffffffff]}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 490.005527] audit: type=1326 audit(1573249005.272:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12283 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 490.032939] overlayfs: missing 'lowerdir' 21:36:45 executing program 3: socket$inet(0x2, 0x0, 0x0) clock_nanosleep(0x0, 0x0, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) close(0xffffffffffffffff) execve(0x0, 0x0, 0x0) openat$random(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/urandom\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000180)=""/40, 0x9db3ff6336c4215d, 0x2) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f) r0 = socket(0x0, 0x1, 0x0) listen(r0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000009ff4)) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000007ffc), 0x2f5) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newlink={0x88, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x32a}, [@IFLA_LINKINFO={0x68, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0x5c, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast1}, @vti_common_policy=[@IFLA_VTI_OKEY={0x8, 0x3, 0x6}], @IFLA_VTI_LOCAL={0x8, 0x4, @empty}, @IFLA_VTI_LOCAL={0x8, 0x4, @multicast1}, @vti_common_policy=[@IFLA_VTI_FWMARK={0x8, 0x6, 0x9}], @vti_common_policy=[@IFLA_VTI_OKEY={0x8, 0x3, 0x6}, @IFLA_VTI_OKEY={0x8, 0x3, 0x3}, @IFLA_VTI_FWMARK={0x8, 0x6, 0x1}, @IFLA_VTI_IKEY={0x8}, @IFLA_VTI_LINK={0x8, 0x1, r3}], @IFLA_VTI_REMOTE={0x8, 0x5, @remote}]}}}]}, 0x88}}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e1f, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000700)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x8600, 0x0) 21:36:45 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:45 executing program 5 (fault-call:2 fault-nth:28): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) [ 490.064843] audit: type=1326 audit(1573249005.312:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12283 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 490.093190] Bluetooth: Can't register HCI device [ 490.158725] FAULT_INJECTION: forcing a failure. [ 490.158725] name failslab, interval 1, probability 0, space 0, times 0 [ 490.175972] CPU: 0 PID: 12305 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 490.176056] overlayfs: missing 'lowerdir' [ 490.183001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.183006] Call Trace: [ 490.183025] dump_stack+0x138/0x197 [ 490.183043] should_fail.cold+0x10f/0x159 21:36:45 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 490.183061] should_failslab+0xdb/0x130 [ 490.183075] kmem_cache_alloc+0x2d7/0x780 [ 490.183085] ? wait_for_completion+0x420/0x420 [ 490.183102] __kernfs_new_node+0x70/0x420 [ 490.183115] kernfs_new_node+0x80/0xf0 [ 490.183126] __kernfs_create_file+0x46/0x323 [ 490.183138] sysfs_add_file_mode_ns+0x1e4/0x450 [ 490.183151] sysfs_add_file+0x4f/0x60 [ 490.183163] sysfs_merge_group+0xe2/0x210 [ 490.244578] dpm_sysfs_add+0x121/0x1b0 [ 490.248447] device_add+0x968/0x1490 [ 490.252154] ? device_private_init+0x190/0x190 [ 490.256728] hci_register_dev+0x2d9/0x810 [ 490.260866] hci_uart_tty_ioctl+0x6a8/0xa20 [ 490.265169] tty_ioctl+0x8f7/0x1320 [ 490.268781] ? hci_uart_tty_poll+0x10/0x10 [ 490.273025] ? tty_vhangup+0x30/0x30 [ 490.276755] ? __might_sleep+0x93/0xb0 [ 490.280644] ? __fget+0x210/0x370 [ 490.284112] ? tty_vhangup+0x30/0x30 [ 490.287853] do_vfs_ioctl+0x7ae/0x1060 [ 490.291721] ? selinux_file_mprotect+0x5d0/0x5d0 [ 490.296482] ? lock_downgrade+0x740/0x740 [ 490.300611] ? ioctl_preallocate+0x1c0/0x1c0 [ 490.305020] ? __fget+0x237/0x370 [ 490.308467] ? security_file_ioctl+0x89/0xb0 [ 490.312855] SyS_ioctl+0x8f/0xc0 [ 490.316200] ? do_vfs_ioctl+0x1060/0x1060 [ 490.320340] do_syscall_64+0x1e8/0x640 [ 490.324232] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.329080] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 490.334268] RIP: 0033:0x45a219 [ 490.337452] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 490.345160] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 490.352429] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 21:36:45 executing program 3: socket$inet(0x2, 0x0, 0x0) clock_nanosleep(0x0, 0x0, 0x0, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) close(0xffffffffffffffff) execve(0x0, 0x0, 0x0) openat$random(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/urandom\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrandom(&(0x7f0000000180)=""/40, 0x9db3ff6336c4215d, 0x2) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f) r0 = socket(0x0, 0x1, 0x0) listen(r0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000009ff4)) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000007ffc), 0x2f5) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newlink={0x88, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x32a}, [@IFLA_LINKINFO={0x68, 0x12, @vti={{0x8, 0x1, 'vti\x00'}, {0x5c, 0x2, [@IFLA_VTI_LOCAL={0x8, 0x4, @multicast1}, @vti_common_policy=[@IFLA_VTI_OKEY={0x8, 0x3, 0x6}], @IFLA_VTI_LOCAL={0x8, 0x4, @empty}, @IFLA_VTI_LOCAL={0x8, 0x4, @multicast1}, @vti_common_policy=[@IFLA_VTI_FWMARK={0x8, 0x6, 0x9}], @vti_common_policy=[@IFLA_VTI_OKEY={0x8, 0x3, 0x6}, @IFLA_VTI_OKEY={0x8, 0x3, 0x3}, @IFLA_VTI_FWMARK={0x8, 0x6, 0x1}, @IFLA_VTI_IKEY={0x8}, @IFLA_VTI_LINK={0x8, 0x1, r3}], @IFLA_VTI_REMOTE={0x8, 0x5, @remote}]}}}]}, 0x88}}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e1f, @multicast1}, 0x10) connect$inet(0xffffffffffffffff, &(0x7f0000000700)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x8600, 0x0) [ 490.359692] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 490.367041] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 490.374290] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 490.385482] Bluetooth: Can't register HCI device [ 490.436400] overlayfs: missing 'lowerdir' 21:36:45 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:45 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:45 executing program 3: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(0xffffffffffffffff) r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000100)={'syz'}, 0x0, 0x0, 0xfffffffffffffffb) add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, r0) keyctl$revoke(0x3, r0) 21:36:45 executing program 5 (fault-call:2 fault-nth:29): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:45 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@dev}, 0x20) 21:36:45 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 490.624315] FAULT_INJECTION: forcing a failure. [ 490.624315] name failslab, interval 1, probability 0, space 0, times 0 [ 490.636517] CPU: 1 PID: 12336 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 490.643559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.652905] Call Trace: [ 490.655486] dump_stack+0x138/0x197 [ 490.659104] should_fail.cold+0x10f/0x159 [ 490.663241] should_failslab+0xdb/0x130 [ 490.667200] kmem_cache_alloc+0x2d7/0x780 [ 490.671337] ? wait_for_completion+0x420/0x420 [ 490.675908] __kernfs_new_node+0x70/0x420 [ 490.680044] kernfs_new_node+0x80/0xf0 [ 490.683919] __kernfs_create_file+0x46/0x323 [ 490.688311] sysfs_add_file_mode_ns+0x1e4/0x450 [ 490.692965] sysfs_add_file+0x4f/0x60 [ 490.696746] sysfs_merge_group+0xe2/0x210 [ 490.700880] dpm_sysfs_add+0x121/0x1b0 [ 490.704750] device_add+0x968/0x1490 [ 490.708447] ? device_private_init+0x190/0x190 [ 490.713017] hci_register_dev+0x2d9/0x810 [ 490.717149] hci_uart_tty_ioctl+0x6a8/0xa20 [ 490.721459] tty_ioctl+0x8f7/0x1320 [ 490.725084] ? hci_uart_tty_poll+0x10/0x10 [ 490.729309] ? tty_vhangup+0x30/0x30 [ 490.733027] ? __might_sleep+0x93/0xb0 [ 490.736899] ? __fget+0x210/0x370 [ 490.740339] ? tty_vhangup+0x30/0x30 [ 490.744039] do_vfs_ioctl+0x7ae/0x1060 [ 490.747916] ? selinux_file_mprotect+0x5d0/0x5d0 [ 490.752656] ? lock_downgrade+0x740/0x740 [ 490.756789] ? ioctl_preallocate+0x1c0/0x1c0 [ 490.761195] ? __fget+0x237/0x370 [ 490.764640] ? security_file_ioctl+0x89/0xb0 [ 490.769033] SyS_ioctl+0x8f/0xc0 [ 490.772384] ? do_vfs_ioctl+0x1060/0x1060 [ 490.776517] do_syscall_64+0x1e8/0x640 [ 490.780387] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.785217] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 490.790404] RIP: 0033:0x45a219 [ 490.793577] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 490.801268] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 490.808531] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 490.815788] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 490.823050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 490.830311] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 490.845745] audit: type=1326 audit(1573249006.112:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12335 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 490.876722] overlayfs: missing 'lowerdir' 21:36:46 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) restart_syscall() setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$FUSE_LSEEK(r1, &(0x7f0000000080)={0x18, 0x0, 0x6, {0x2}}, 0x18) 21:36:46 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 490.901259] Bluetooth: Can't register HCI device 21:36:46 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:46 executing program 5 (fault-call:2 fault-nth:30): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:46 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 491.014206] FAULT_INJECTION: forcing a failure. [ 491.014206] name failslab, interval 1, probability 0, space 0, times 0 [ 491.033744] overlayfs: missing 'lowerdir' [ 491.047809] CPU: 0 PID: 12357 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 491.054858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 491.064338] Call Trace: [ 491.066910] dump_stack+0x138/0x197 [ 491.070539] should_fail.cold+0x10f/0x159 [ 491.074682] should_failslab+0xdb/0x130 [ 491.078640] kmem_cache_alloc_node+0x287/0x780 [ 491.083208] __alloc_skb+0x9c/0x500 [ 491.086871] ? skb_scrub_packet+0x4b0/0x4b0 [ 491.091175] ? netlink_has_listeners+0x20a/0x330 [ 491.095929] kobject_uevent_env+0x781/0xc23 [ 491.100241] kobject_uevent+0x20/0x26 [ 491.104026] device_add+0xa3e/0x1490 [ 491.107722] ? device_private_init+0x190/0x190 [ 491.112284] hci_register_dev+0x2d9/0x810 [ 491.116414] hci_uart_tty_ioctl+0x6a8/0xa20 [ 491.120768] tty_ioctl+0x8f7/0x1320 [ 491.124373] ? hci_uart_tty_poll+0x10/0x10 [ 491.128588] ? tty_vhangup+0x30/0x30 [ 491.132289] ? __might_sleep+0x93/0xb0 [ 491.136163] ? __fget+0x210/0x370 [ 491.139606] ? tty_vhangup+0x30/0x30 [ 491.143349] do_vfs_ioctl+0x7ae/0x1060 [ 491.147224] ? selinux_file_mprotect+0x5d0/0x5d0 [ 491.151964] ? lock_downgrade+0x740/0x740 [ 491.156099] ? ioctl_preallocate+0x1c0/0x1c0 [ 491.160493] ? __fget+0x237/0x370 [ 491.163963] ? security_file_ioctl+0x89/0xb0 [ 491.168370] SyS_ioctl+0x8f/0xc0 [ 491.171717] ? do_vfs_ioctl+0x1060/0x1060 [ 491.175874] do_syscall_64+0x1e8/0x640 [ 491.179744] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 491.184572] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 491.189745] RIP: 0033:0x45a219 [ 491.192913] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.200949] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 491.208199] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 21:36:46 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB]) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 491.215448] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 491.222712] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 491.229971] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 491.322355] overlayfs: missing 'lowerdir' 21:36:46 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:46 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:36:46 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:46 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:46 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:36:46 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 491.460677] audit: type=1326 audit(1573249006.732:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12373 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 491.490745] overlayfs: unrecognized mount option "lowerdir" or missing value [ 491.562699] overlayfs: unrecognized mount option "lowerdir" or missing value 21:36:47 executing program 0: mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:36:47 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:47 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$packet_int(r1, 0x107, 0x11, &(0x7f0000000080)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x7, 0x674, 0x101, 0x1}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 491.875268] overlayfs: unrecognized mount option "lowerdir" or missing value [ 493.280077] Bluetooth: hci0 command 0x1003 tx timeout [ 493.285380] Bluetooth: hci0 sending frame failed (-49) [ 495.350178] Bluetooth: hci0 command 0x1001 tx timeout [ 495.355472] Bluetooth: hci0 sending frame failed (-49) [ 497.430100] Bluetooth: hci0 command 0x1009 tx timeout 21:36:56 executing program 5 (fault-call:2 fault-nth:31): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:36:56 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:36:56 executing program 0: mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:36:56 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:36:56 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x8, 0x100000001, 0x2, 0x1, 0x0, 0x3, 0x549}, 0x19) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:56 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:36:56 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req={0x7f, 0x9cb8, 0x3, 0x9}, 0x7bfa649050b3be38) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:36:56 executing program 0: mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:36:56 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 501.628389] audit: type=1326 audit(1573249016.892:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12401 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 501.661518] overlayfs: unrecognized mount option "wor" or missing value 21:36:57 executing program 0: creat(0x0, 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 501.753998] FAULT_INJECTION: forcing a failure. [ 501.753998] name failslab, interval 1, probability 0, space 0, times 0 [ 501.772712] overlayfs: unrecognized mount option "wor" or missing value [ 501.789144] CPU: 1 PID: 12413 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 501.796179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.805534] Call Trace: [ 501.808124] dump_stack+0x138/0x197 [ 501.811765] should_fail.cold+0x10f/0x159 [ 501.815924] should_failslab+0xdb/0x130 [ 501.819907] __kmalloc+0x2f0/0x7a0 [ 501.823447] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 501.828905] ? kobject_uevent_env+0x378/0xc23 [ 501.833402] ? rcu_read_lock_sched_held+0x110/0x130 [ 501.838425] ? kobject_get_path+0xbb/0x1a0 [ 501.842661] kobject_get_path+0xbb/0x1a0 [ 501.846722] ? devm_device_remove_groups+0x50/0x50 21:36:57 executing program 0: creat(0x0, 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 501.851652] kobject_uevent_env+0x39c/0xc23 [ 501.855977] ? wait_for_completion+0x420/0x420 [ 501.860558] kobject_uevent+0x20/0x26 [ 501.860572] device_add+0xa3e/0x1490 [ 501.860587] ? device_private_init+0x190/0x190 [ 501.860603] hci_register_dev+0x2d9/0x810 [ 501.860620] hci_uart_tty_ioctl+0x6a8/0xa20 [ 501.860634] tty_ioctl+0x8f7/0x1320 [ 501.860642] ? hci_uart_tty_poll+0x10/0x10 [ 501.860652] ? tty_vhangup+0x30/0x30 [ 501.872716] ? __might_sleep+0x93/0xb0 [ 501.872727] ? __fget+0x210/0x370 [ 501.872742] ? tty_vhangup+0x30/0x30 [ 501.872751] do_vfs_ioctl+0x7ae/0x1060 [ 501.872762] ? selinux_file_mprotect+0x5d0/0x5d0 [ 501.872772] ? lock_downgrade+0x740/0x740 [ 501.872783] ? ioctl_preallocate+0x1c0/0x1c0 [ 501.872794] ? __fget+0x237/0x370 [ 501.872809] ? security_file_ioctl+0x89/0xb0 [ 501.872821] SyS_ioctl+0x8f/0xc0 [ 501.932035] ? do_vfs_ioctl+0x1060/0x1060 [ 501.936177] do_syscall_64+0x1e8/0x640 [ 501.940050] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.944883] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 501.950053] RIP: 0033:0x45a219 21:36:57 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,wor']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 501.953221] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 501.960913] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 501.968162] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 501.975425] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 501.982679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 501.989928] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 502.102275] overlayfs: unrecognized mount option "wor" or missing value [ 504.070134] Bluetooth: hci0 command 0x1003 tx timeout [ 504.075426] Bluetooth: hci0 sending frame failed (-49) [ 506.150129] Bluetooth: hci0 command 0x1001 tx timeout [ 506.155427] Bluetooth: hci0 sending frame failed (-49) [ 508.230152] Bluetooth: hci0 command 0x1009 tx timeout 21:37:07 executing program 5 (fault-call:2 fault-nth:32): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:37:07 executing program 0: creat(0x0, 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:07 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="9d80d8"}, {&(0x7f00000001c0)="6d4fc6015e1370bb89c0f063302e32f95d948f7aafb4c89a6ef8f69012280ec6020d1e1668ed8d086a9275edfad1afef71627e98657b3d5ba9b9d73f89dc9c5e4f19c9516fd3534a6fba8079dba0895442af787ce2a4601fd3488286dff59dc896c2a2b991325263ac1401c2953f067b5af1300299a938f8bae28a0631e8cba4d4fb2f9643e182d650d7df8ffff64d61a127ef73ef2b584587230b16477cfd8991f03f1105463b10b51f0e300920fe9f69407ff0c20035d4a82748c51ac5d4fad36f89854e74eec6e7c370969402cc833e77838f6a7d841b0441443ddd00"/236, 0xfffffffffffffee0}, {&(0x7f00000002c0)="771c22147bece8fd00984f17690c4e310c485b4ed67179ae864dcf6e08176f58b131e88679cc3ae9573eaf493438159a74086c507bd69cd6d74692ddda27dbaff862c923ba74f13e6570a6e9759d38519c1ea4bd5a014a97b073bd1558f2de58ea450e407da028377a29156e5ecb2af2f8d9d5273fb96bf39488484b135022c6604a210f1556ba21a7307382d59ff700602da2e92a999498928f0151cb351e5cd0778cdd8d0af3a4a8cb00ded07fa547"}], 0x1, 0x0) getpeername$llc(r1, &(0x7f0000000140)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000000c0)=0x10) ioctl$VT_OPENQRY(0xffffffffffffffff, 0x5600, &(0x7f0000000100)) 21:37:07 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:07 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:37:07 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(0x0, &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:07 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080)=0x139a, 0x4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 512.526277] overlayfs: workdir and upperdir must be separate subtrees [ 512.550851] FAULT_INJECTION: forcing a failure. [ 512.550851] name failslab, interval 1, probability 0, space 0, times 0 21:37:07 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 512.582648] audit: type=1326 audit(1573249027.852:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12441 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 512.598760] CPU: 1 PID: 12450 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 512.613802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 512.623156] Call Trace: [ 512.625749] dump_stack+0x138/0x197 [ 512.629387] should_fail.cold+0x10f/0x159 [ 512.633544] should_failslab+0xdb/0x130 [ 512.637521] kmem_cache_alloc_node_trace+0x280/0x770 [ 512.642621] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 512.642638] __kmalloc_node_track_caller+0x3d/0x80 [ 512.642654] __kmalloc_reserve.isra.0+0x40/0xe0 [ 512.642665] __alloc_skb+0xcf/0x500 [ 512.642674] ? skb_scrub_packet+0x4b0/0x4b0 [ 512.642685] ? netlink_has_listeners+0x20a/0x330 [ 512.653059] kobject_uevent_env+0x781/0xc23 [ 512.653078] kobject_uevent+0x20/0x26 [ 512.653089] device_add+0xa3e/0x1490 21:37:07 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(0x0, &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 512.653105] ? device_private_init+0x190/0x190 [ 512.653121] hci_register_dev+0x2d9/0x810 [ 512.653136] hci_uart_tty_ioctl+0x6a8/0xa20 [ 512.695286] tty_ioctl+0x8f7/0x1320 [ 512.698923] ? hci_uart_tty_poll+0x10/0x10 [ 512.703165] ? tty_vhangup+0x30/0x30 [ 512.706888] ? __might_sleep+0x93/0xb0 [ 512.710777] ? __fget+0x210/0x370 [ 512.714237] ? tty_vhangup+0x30/0x30 [ 512.715668] overlayfs: workdir and upperdir must be separate subtrees [ 512.717949] do_vfs_ioctl+0x7ae/0x1060 [ 512.717965] ? selinux_file_mprotect+0x5d0/0x5d0 21:37:08 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=.']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 512.717975] ? lock_downgrade+0x740/0x740 [ 512.717986] ? ioctl_preallocate+0x1c0/0x1c0 [ 512.741697] ? __fget+0x237/0x370 [ 512.745157] ? security_file_ioctl+0x89/0xb0 [ 512.749559] SyS_ioctl+0x8f/0xc0 [ 512.752908] ? do_vfs_ioctl+0x1060/0x1060 [ 512.757050] do_syscall_64+0x1e8/0x640 [ 512.760939] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 512.765787] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 512.770973] RIP: 0033:0x45a219 [ 512.774161] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 512.776608] overlayfs: workdir and upperdir must be separate subtrees [ 512.781866] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 512.781872] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 512.781878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 512.781884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 512.781889] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:37:08 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(0x0, &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 512.831642] Bluetooth: hci0 sending frame failed (-49) [ 514.870096] Bluetooth: hci0 command 0x1003 tx timeout [ 514.875390] Bluetooth: hci0 sending frame failed (-49) [ 516.950124] Bluetooth: hci0 command 0x1001 tx timeout [ 516.955426] Bluetooth: hci0 sending frame failed (-49) [ 519.030194] Bluetooth: hci0 command 0x1009 tx timeout 21:37:18 executing program 5 (fault-call:2 fault-nth:33): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:37:18 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:18 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req={0x0, 0x37400e6c, 0xfffffffe, 0x1}, 0x10) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x40c1a5, 0x0) ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f00000000c0)={0xb, 0x102, 0x1, {0x4, 0x1, 0x4}}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') socket$inet_udp(0x2, 0x2, 0x0) 21:37:18 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:18 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', 0x0, &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:18 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 523.389759] audit: type=1326 audit(1573249038.652:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12481 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:37:18 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', 0x0, &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 523.430097] net_ratelimit: 18 callbacks suppressed [ 523.430101] protocol 88fb is buggy, dev hsr_slave_0 [ 523.440158] protocol 88fb is buggy, dev hsr_slave_1 [ 523.445255] protocol 88fb is buggy, dev hsr_slave_0 [ 523.450332] protocol 88fb is buggy, dev hsr_slave_1 [ 523.458145] overlayfs: failed to resolve './fi': -2 21:37:18 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 523.478463] FAULT_INJECTION: forcing a failure. [ 523.478463] name failslab, interval 1, probability 0, space 0, times 0 [ 523.506000] CPU: 0 PID: 12490 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 523.513033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.522380] Call Trace: [ 523.522398] dump_stack+0x138/0x197 [ 523.522425] should_fail.cold+0x10f/0x159 [ 523.522441] should_failslab+0xdb/0x130 [ 523.522453] kmem_cache_alloc_node_trace+0x280/0x770 [ 523.522465] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 523.522479] __kmalloc_node_track_caller+0x3d/0x80 [ 523.528668] __kmalloc_reserve.isra.0+0x40/0xe0 [ 523.528681] __alloc_skb+0xcf/0x500 [ 523.528693] ? skb_scrub_packet+0x4b0/0x4b0 [ 523.528703] ? netlink_has_listeners+0x20a/0x330 [ 523.528715] kobject_uevent_env+0x781/0xc23 [ 523.573827] kobject_uevent+0x20/0x26 [ 523.577608] device_add+0xa3e/0x1490 [ 523.581304] ? device_private_init+0x190/0x190 [ 523.585871] hci_register_dev+0x2d9/0x810 [ 523.590006] hci_uart_tty_ioctl+0x6a8/0xa20 [ 523.594316] tty_ioctl+0x8f7/0x1320 [ 523.597924] ? hci_uart_tty_poll+0x10/0x10 [ 523.602147] ? tty_vhangup+0x30/0x30 [ 523.605858] ? __might_sleep+0x93/0xb0 [ 523.609733] ? __fget+0x210/0x370 [ 523.613176] ? tty_vhangup+0x30/0x30 [ 523.616872] do_vfs_ioctl+0x7ae/0x1060 [ 523.620742] ? selinux_file_mprotect+0x5d0/0x5d0 [ 523.625482] ? lock_downgrade+0x740/0x740 [ 523.629610] ? ioctl_preallocate+0x1c0/0x1c0 [ 523.634006] ? __fget+0x237/0x370 [ 523.637490] ? security_file_ioctl+0x89/0xb0 [ 523.641892] SyS_ioctl+0x8f/0xc0 [ 523.645249] ? do_vfs_ioctl+0x1060/0x1060 [ 523.649400] do_syscall_64+0x1e8/0x640 [ 523.653266] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.658133] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 523.663301] RIP: 0033:0x45a219 [ 523.666474] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 523.674186] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 523.681445] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 523.688694] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 523.695942] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 523.703189] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:37:19 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', 0x0, &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:19 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:19 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./fi']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 523.737316] overlayfs: failed to resolve './fi': -2 21:37:19 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 523.855715] overlayfs: failed to resolve './fi': -2 [ 525.750210] Bluetooth: hci0 command 0x1003 tx timeout [ 525.755495] Bluetooth: hci0 sending frame failed (-49) [ 527.830178] Bluetooth: hci0 command 0x1001 tx timeout [ 527.835529] Bluetooth: hci0 sending frame failed (-49) [ 529.910112] Bluetooth: hci0 command 0x1009 tx timeout 21:37:29 executing program 5 (fault-call:2 fault-nth:34): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:37:29 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:29 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:37:29 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:29 executing program 2: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x10800, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x1f}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000001c0)={r1, 0x1f}, &(0x7f0000000200)=0x8) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) write$P9_RLCREATE(r3, &(0x7f0000000240)={0x18, 0xf, 0x1, {{0x54, 0x2, 0x3}, 0x200}}, 0x18) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0)='TIPCv2\x00') sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x216c8}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)={0x130, r4, 0x100, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x3c, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x40}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffff4a2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x200}, @TIPC_NLA_SOCK_ADDR={0x8}]}, @TIPC_NLA_MEDIA={0x4c, 0x5, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3d}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}]}, @TIPC_NLA_MEDIA={0x40, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0x54, 0x4, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7921925a}]}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x80000}, 0x1) setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000000c0)={'ip6gre0\x00', 0x6}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$PPPIOCDISCONN(r5, 0x7439) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000080)=0x4200, 0x4) 21:37:29 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 534.277507] audit: type=1326 audit(1573249049.542:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12520 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 534.302091] overlayfs: failed to resolve './file': -2 [ 534.316497] FAULT_INJECTION: forcing a failure. [ 534.316497] name failslab, interval 1, probability 0, space 0, times 0 [ 534.337768] CPU: 1 PID: 12530 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 534.344825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.354163] Call Trace: [ 534.356739] dump_stack+0x138/0x197 [ 534.360355] should_fail.cold+0x10f/0x159 [ 534.364492] should_failslab+0xdb/0x130 [ 534.368451] kmem_cache_alloc_node+0x287/0x780 [ 534.373024] __alloc_skb+0x9c/0x500 [ 534.376635] ? skb_scrub_packet+0x4b0/0x4b0 [ 534.380940] ? netlink_has_listeners+0x20a/0x330 [ 534.385682] kobject_uevent_env+0x781/0xc23 [ 534.390000] kobject_uevent+0x20/0x26 [ 534.393791] device_add+0xa3e/0x1490 [ 534.397488] ? device_private_init+0x190/0x190 [ 534.402054] hci_register_dev+0x2d9/0x810 [ 534.406187] hci_uart_tty_ioctl+0x6a8/0xa20 [ 534.410493] tty_ioctl+0x8f7/0x1320 [ 534.414103] ? hci_uart_tty_poll+0x10/0x10 [ 534.418319] ? tty_vhangup+0x30/0x30 [ 534.422025] ? __might_sleep+0x93/0xb0 [ 534.425904] ? __fget+0x210/0x370 [ 534.429351] ? tty_vhangup+0x30/0x30 [ 534.433055] do_vfs_ioctl+0x7ae/0x1060 [ 534.436929] ? selinux_file_mprotect+0x5d0/0x5d0 [ 534.441687] ? lock_downgrade+0x740/0x740 [ 534.445818] ? ioctl_preallocate+0x1c0/0x1c0 [ 534.450208] ? __fget+0x237/0x370 [ 534.453645] ? security_file_ioctl+0x89/0xb0 [ 534.458033] SyS_ioctl+0x8f/0xc0 [ 534.461376] ? do_vfs_ioctl+0x1060/0x1060 [ 534.465508] do_syscall_64+0x1e8/0x640 [ 534.469383] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 534.474210] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 534.479379] RIP: 0033:0x45a219 21:37:29 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 534.482549] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 534.490237] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 534.497488] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 534.504749] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 534.512000] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 534.519252] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:37:29 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, 0x0) 21:37:29 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:29 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, 0x0) [ 534.614096] overlayfs: failed to resolve './file': -2 21:37:29 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 534.712686] overlayfs: failed to resolve './file': -2 [ 536.550151] Bluetooth: hci0 command 0x1003 tx timeout [ 536.555445] Bluetooth: hci0 sending frame failed (-49) [ 538.630150] Bluetooth: hci0 command 0x1001 tx timeout [ 538.635493] Bluetooth: hci0 sending frame failed (-49) [ 540.710134] Bluetooth: hci0 command 0x1009 tx timeout 21:37:40 executing program 5 (fault-call:2 fault-nth:35): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:37:40 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:40 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, 0x0) 21:37:40 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:40 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:37:40 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') setsockopt$rose(0xffffffffffffffff, 0x104, 0x2, &(0x7f0000000080)=0x80, 0x4) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000140), 0x3df) r2 = syz_open_dev$media(&(0x7f00000000c0)='/de\b\x00', 0x203, 0x406300) setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88) 21:37:40 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:40 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 545.159339] audit: type=1326 audit(1573249060.422:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12559 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 545.194986] FAULT_INJECTION: forcing a failure. [ 545.194986] name failslab, interval 1, probability 0, space 0, times 0 21:37:40 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) 21:37:40 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode'}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize', 0x3d, 0xa00}}]}}) [ 545.232395] CPU: 1 PID: 12570 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 545.239449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.248794] Call Trace: [ 545.251371] dump_stack+0x138/0x197 [ 545.255006] should_fail.cold+0x10f/0x159 [ 545.259162] should_failslab+0xdb/0x130 [ 545.263152] kmem_cache_alloc_node_trace+0x280/0x770 [ 545.268253] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 545.273706] __kmalloc_node_track_caller+0x3d/0x80 21:37:40 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 545.278642] __kmalloc_reserve.isra.0+0x40/0xe0 [ 545.283314] __alloc_skb+0xcf/0x500 [ 545.286935] ? skb_scrub_packet+0x4b0/0x4b0 [ 545.291253] ? netlink_has_listeners+0x20a/0x330 [ 545.296014] kobject_uevent_env+0x781/0xc23 [ 545.300330] kobject_uevent+0x20/0x26 [ 545.304121] device_add+0xa3e/0x1490 [ 545.307829] ? device_private_init+0x190/0x190 [ 545.312409] hci_register_dev+0x2d9/0x810 [ 545.316559] hci_uart_tty_ioctl+0x6a8/0xa20 [ 545.320881] tty_ioctl+0x8f7/0x1320 [ 545.324513] ? hci_uart_tty_poll+0x10/0x10 [ 545.328742] ? tty_vhangup+0x30/0x30 [ 545.332458] ? __might_sleep+0x93/0xb0 [ 545.336345] ? __fget+0x210/0x370 [ 545.339812] ? tty_vhangup+0x30/0x30 [ 545.343522] do_vfs_ioctl+0x7ae/0x1060 [ 545.347397] ? selinux_file_mprotect+0x5d0/0x5d0 [ 545.352185] ? lock_downgrade+0x740/0x740 [ 545.356321] ? ioctl_preallocate+0x1c0/0x1c0 [ 545.360713] ? __fget+0x237/0x370 [ 545.364154] ? security_file_ioctl+0x89/0xb0 [ 545.370392] SyS_ioctl+0x8f/0xc0 [ 545.373748] ? do_vfs_ioctl+0x1060/0x1060 [ 545.377883] do_syscall_64+0x1e8/0x640 [ 545.381762] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 545.386599] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 545.391782] RIP: 0033:0x45a219 [ 545.394953] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 545.402641] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 545.409893] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 545.417150] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 545.424402] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 545.431693] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 21:37:40 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) r2 = dup2(0xffffffffffffffff, r1) r3 = socket$inet_sctp(0x2, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x14, &(0x7f0000000040)={r5}, 0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000080)={r5, 0x4, 0x5, [0x101, 0x7ff, 0x4, 0x9, 0x1]}, 0x12) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') [ 545.910125] protocol 88fb is buggy, dev hsr_slave_0 [ 545.915304] protocol 88fb is buggy, dev hsr_slave_1 [ 545.920448] protocol 88fb is buggy, dev hsr_slave_0 [ 545.925590] protocol 88fb is buggy, dev hsr_slave_1 [ 546.160117] protocol 88fb is buggy, dev hsr_slave_0 [ 546.165232] protocol 88fb is buggy, dev hsr_slave_1 [ 546.170487] protocol 88fb is buggy, dev hsr_slave_0 [ 546.175532] protocol 88fb is buggy, dev hsr_slave_1 [ 546.310105] protocol 88fb is buggy, dev hsr_slave_0 [ 546.315214] protocol 88fb is buggy, dev hsr_slave_1 [ 547.510100] Bluetooth: hci0 command 0x1003 tx timeout [ 547.515418] Bluetooth: hci0 sending frame failed (-49) [ 549.590152] Bluetooth: hci0 command 0x1001 tx timeout [ 549.595453] Bluetooth: hci0 sending frame failed (-49) [ 551.670085] Bluetooth: hci0 command 0x1009 tx timeout 21:37:51 executing program 5 (fault-call:2 fault-nth:36): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:37:51 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) 21:37:51 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:51 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x3, &(0x7f00000000c0)=0x1, 0xfffffffffffffece) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0xeb431f44016d3c3e, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000100)={0xffffffffffffff7e, [0x0]}) fcntl$notify(r1, 0x402, 0x5) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x3c, 0x10000, 0x1}, 0x1c) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$UI_SET_PHYS(0xffffffffffffffff, 0x4008556c, &(0x7f0000000180)='syz1\x00') syz_open_dev$sndpcmp(&(0x7f00000002c0)='/dev/snd/pcmC#D#p\x00', 0x100, 0xd66c41a223dc45ca) ioctl$sock_ifreq(r2, 0x8991, &(0x7f00000000c0)={'bond0\x00\x16\b\xea\xff\xff\x80\x00\x00\x02\xff', @ifru_names='bond_slave_1\x00'}) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={0xffffffffffffffff}, 0x1, 0x0, 0x0, 0xede15fee2c3a0298}, 0x840) ioctl$sock_ifreq(r2, 0x8990, &(0x7f0000000240)={'bond0\x00\xe1\x03\n\x00!!\x00\x01\x00', @ifru_names='bond_slave_1\x00\x00\x00\b'}) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$sock_SIOCSPGRP(r2, 0x8902, &(0x7f0000000140)=r4) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:37:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:51 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 556.035449] bond0: Releasing backup interface bond_slave_1 [ 556.036328] audit: type=1326 audit(1573249071.302:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12601 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:37:51 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) [ 556.082516] FAULT_INJECTION: forcing a failure. [ 556.082516] name failslab, interval 1, probability 0, space 0, times 0 [ 556.098628] CPU: 0 PID: 12611 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 556.105654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.115000] Call Trace: [ 556.117584] dump_stack+0x138/0x197 [ 556.121198] should_fail.cold+0x10f/0x159 [ 556.125334] should_failslab+0xdb/0x130 [ 556.129300] kmem_cache_alloc_node_trace+0x280/0x770 [ 556.134403] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 556.139866] __kmalloc_node_track_caller+0x3d/0x80 [ 556.144796] __kmalloc_reserve.isra.0+0x40/0xe0 [ 556.149460] __alloc_skb+0xcf/0x500 [ 556.149855] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 556.153082] ? skb_scrub_packet+0x4b0/0x4b0 [ 556.153094] ? netlink_has_listeners+0x20a/0x330 [ 556.153109] kobject_uevent_env+0x781/0xc23 [ 556.153126] kobject_uevent+0x20/0x26 [ 556.177751] device_add+0xa3e/0x1490 [ 556.181449] ? device_private_init+0x190/0x190 [ 556.186014] hci_register_dev+0x2d9/0x810 [ 556.190162] hci_uart_tty_ioctl+0x6a8/0xa20 [ 556.194484] tty_ioctl+0x8f7/0x1320 [ 556.198099] ? hci_uart_tty_poll+0x10/0x10 [ 556.202320] ? tty_vhangup+0x30/0x30 [ 556.206058] ? __might_sleep+0x93/0xb0 [ 556.209938] ? __fget+0x210/0x370 [ 556.213384] ? tty_vhangup+0x30/0x30 [ 556.217116] do_vfs_ioctl+0x7ae/0x1060 [ 556.220995] ? selinux_file_mprotect+0x5d0/0x5d0 [ 556.225733] ? lock_downgrade+0x740/0x740 [ 556.229859] ? ioctl_preallocate+0x1c0/0x1c0 [ 556.234256] ? __fget+0x237/0x370 [ 556.237694] ? security_file_ioctl+0x89/0xb0 [ 556.242081] SyS_ioctl+0x8f/0xc0 [ 556.245437] ? do_vfs_ioctl+0x1060/0x1060 [ 556.249577] do_syscall_64+0x1e8/0x640 [ 556.253455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 556.258291] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 556.263467] RIP: 0033:0x45a219 [ 556.266637] RSP: 002b:00007f0ac6149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 556.274323] RAX: ffffffffffffffda RBX: 00007f0ac6149c90 RCX: 000000000045a219 [ 556.281577] RDX: 0000000000000001 RSI: 00000000400455c8 RDI: 0000000000000003 [ 556.288833] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 556.296101] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0ac614a6d4 [ 556.303348] R13: 00000000004c3209 R14: 00000000004d73a8 R15: 0000000000000004 [ 556.311012] net_ratelimit: 2 callbacks suppressed [ 556.311017] protocol 88fb is buggy, dev hsr_slave_0 [ 556.320941] protocol 88fb is buggy, dev hsr_slave_1 [ 556.326140] protocol 88fb is buggy, dev hsr_slave_0 [ 556.331326] protocol 88fb is buggy, dev hsr_slave_1 21:37:51 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:37:51 executing program 0: creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}}) 21:37:51 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:37:51 executing program 0: mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) r0 = gettid() r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) r3 = dup2(r2, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) unlink(&(0x7f0000000140)='./file0\x00') tkill(r0, 0x1000000000016) 21:37:51 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 556.550102] protocol 88fb is buggy, dev hsr_slave_0 [ 556.555195] protocol 88fb is buggy, dev hsr_slave_1 [ 556.560325] protocol 88fb is buggy, dev hsr_slave_0 [ 556.565388] protocol 88fb is buggy, dev hsr_slave_1 [ 556.710133] protocol 88fb is buggy, dev hsr_slave_0 [ 556.715208] protocol 88fb is buggy, dev hsr_slave_1 [ 558.390230] Bluetooth: hci0 command 0x1003 tx timeout [ 558.395524] Bluetooth: hci0 sending frame failed (-49) [ 560.470142] Bluetooth: hci0 command 0x1001 tx timeout [ 560.475439] Bluetooth: hci0 sending frame failed (-49) [ 562.550239] Bluetooth: hci0 command 0x1009 tx timeout 21:38:02 executing program 5 (fault-call:2 fault-nth:37): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:38:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:02 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:38:02 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000140)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @remote}}}, 0x104) getegid() syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00') 21:38:02 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) setsockopt$packet_int(r1, 0x107, 0x0, &(0x7f0000000080)=0x8001, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x80000001, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:02 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 566.926594] audit: type=1326 audit(1573249082.192:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12643 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 566.950951] net_ratelimit: 2 callbacks suppressed [ 566.950956] protocol 88fb is buggy, dev hsr_slave_0 [ 566.950994] protocol 88fb is buggy, dev hsr_slave_1 [ 566.951061] protocol 88fb is buggy, dev hsr_slave_0 [ 566.951093] protocol 88fb is buggy, dev hsr_slave_1 21:38:02 executing program 0: r0 = socket$inet6(0xa, 0x40000000000001, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @empty}, @tcp={{0x0, 0x4e20, 0x42424242, 0x41424344, 0x0, 0x0, 0x5, 0x1a}}}}}}, 0x0) 21:38:02 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:02 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) pipe(&(0x7f0000000380)={0xffffffffffffffff}) set_robust_list(&(0x7f0000000180)={0x0, 0x8000, &(0x7f0000000140)={&(0x7f0000000100)}}, 0x18) creat(&(0x7f0000000080)='./file0\x00', 0x14) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40a002) ioctl$KDADDIO(r3, 0x400455c8, 0xa) 21:38:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:02 executing program 2: r0 = socket$packet(0x11, 0x1, 0x300) r1 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x7f, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000140)="f68a3de0cf441ec9628ede7b511cf4d3", 0x10) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = syz_open_dev$midi(&(0x7f0000000200)='/dev/midi#\x00', 0x7, 0x101000) openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) getsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, &(0x7f0000000180), &(0x7f00000001c0)=0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000280)={0x0, r5}) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r6, &(0x7f0000000000), 0x0, 0xa) setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000080)={0x8, 0x0, 0xf06b971acac14501}, 0x4) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r7, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1) ioctl$FIBMAP(r8, 0x1, &(0x7f00000000c0)=0x5) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) getgid() syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:02 executing program 0: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000400)='ramfs\x00\x9b\x95\x84\x10D\xfb\x9b\x81R#\x10O\xd3\xb4\xe8\xa3\x1f\x00\r\xf6\xd9\xbbt\x95f\x9e\x02\x06\xf946\\{(\xc8\xa7s\xd2>\x81\x88l\x0e\xc5%\x99\x00\x02\x9d\x85\xfc\xa9\\\x99:\xe4\x9c\xf9z>w\xe7\xa9\xa8=\xe9o\x9f\xfbKE\xd7\x9a\x1b\xf8\x86@\x8e\xe6\x9em\x89\xab\x19\xea1\x8e\xa1\xb5\xd7\xc6\xc62\x05\xc7\xe5\xd2m\xeczV\x1d\x84\xcd\xc0\xdf', 0x0, 0x0) chdir(&(0x7f00000003c0)='./file0\x00') symlink(&(0x7f0000000140)='..', &(0x7f00000000c0)='./file0\x00') umount2(&(0x7f0000000040)='../file0\x00', 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) r2 = dup3(r0, r1, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mknod(&(0x7f0000000080)='./file0/file0/../file0\x00', 0x0, 0x0) 21:38:02 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:02 executing program 0: perf_event_open(&(0x7f00000004c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x40000000002, 0x3, 0x2) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000000)=0x5, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000012c0)='syz_tun\x00', 0x10) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0x10000e0}, 0x6e) recvmmsg(r0, &(0x7f0000000240), 0x4000000000002c5, 0x2, 0x0) 21:38:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 567.256011] raw_sendmsg: syz-executor.0 forgot to set AF_INET. Fix it! 21:38:02 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:38:02 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:02 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:02 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000002d80), 0x5e, 0x0, &(0x7f0000000180)={0x77359400}) sendmsg$nl_generic(r0, &(0x7f0000000580)={0x0, 0xffffffffffffff5b, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1100000042000506000000366ab1001000ed623c087dcbffa241ee19776b1d9ada7c0fe30d7f228fd2add33be3693e684c651514fd9a98a2863c7c3935f1a555000000000000000000000000000000000022a5db6becbf9abd5c2e059ff376546bea0ca054fb97b05be546de561172208235fcfdb26f43bc708e474fba98d96188e7243469f14ec61078bdf0fe2ae9d6b50b93e02cba4a9a319cddbe699cf8cd8fc982cd5a26cd6ae35453769cbb9113e1158ccc2bffa68a79b7fb95273ede90fae974d6917a88583f592797e0879b2a8377be70aaaf965929bb34796362e12aa3bc5217410e67ce6ca85b42"], 0x14}, 0x1, 0x0, 0x0, 0x100}, 0x0) 21:38:03 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') [ 567.756147] audit: type=1326 audit(1573249083.022:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12706 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:38:03 executing program 5: ioctl$CAPI_GET_FLAGS(0xffffffffffffffff, 0x80044323, &(0x7f0000000000)) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/de\x00', 0x0, 0x0) r1 = dup(r0) read$rfkill(r1, &(0x7f00000001c0), 0x8) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$TIOCEXCL(r0, 0x540c) ioctl$KDADDIO(r0, 0x400455c8, 0x1) r2 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000100)={0x3, 0x2, 0x7ff, 'queue0\x00', 0x7}) 21:38:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) write$char_usb(r1, &(0x7f00000000c0)="bec9380598cc0b8b684815200998c671daacf60cc4e180392a9761617f755ba08d9b869239e3091cc1b5508699687815853b9da1c95dee20b7f12552a0a2e619a0ff978101b3773c0102d0c2a5be9a96c59be5d4096012f809e1d4c7993804d0776b5339173e9f447b27684d046e819554305ecddded7efa99c839ec67fa0e22bb01d471f5bb1bdf2405b5db1be7942261836c9098348a1a0d01b61f70af7374968e5789", 0xa4) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:03 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:03 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', 0xffffffffffffffff, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:03 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) msync(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xb) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:38:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:03 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000080)}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:38:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x2, 0x80000000, 0x1, 0x200}, 0x10) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x100, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f00000000c0)={{0x0, @empty, 0x4e23, 0x1, 'dh\x00', 0x20, 0x8, 0x36}, {@loopback, 0x4e24, 0x3, 0x4, 0x2, 0x6}}, 0x44) 21:38:03 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:38:03 executing program 0: r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 21:38:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:03 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/policy\x00', 0x0, 0x0) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000180)={0x5, 0x4, 0x7, 0x1, 0x0, 0xb6}) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e21, @remote}, {0x2, 0x4e23, @broadcast}, 0x38a, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)='veth1_to_bond\x00', 0x5, 0x9, 0x8fc}) 21:38:03 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) [ 568.592847] audit: type=1326 audit(1573249083.862:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12746 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:38:04 executing program 0: r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) lseek(r0, 0x7ffffc, 0x0) ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x8) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14) fallocate(r0, 0x100000003, 0x804000, 0x28120001) 21:38:04 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:04 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 570.150099] Bluetooth: hci0 command 0x1003 tx timeout [ 570.155449] Bluetooth: hci0 sending frame failed (-49) [ 572.230184] Bluetooth: hci0 command 0x1001 tx timeout [ 572.235587] Bluetooth: hci0 sending frame failed (-49) [ 574.310103] Bluetooth: hci0 command 0x1009 tx timeout 21:38:13 executing program 2: socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x9, &(0x7f0000000100)=0x1000001, 0x0) r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x10000, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f00000000c0), 0x1) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000180)=@req3={0x1ff, 0x9, 0x1, 0x6c9d000, 0x6, 0xa4, 0x101}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000000)=0x2) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:38:13 executing program 1: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, 0x0) 21:38:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:13 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000080)}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 578.426190] audit: type=1326 audit(1573249093.692:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12782 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:38:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:13 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:getty_var_run_t:s0\x00', 0x25, 0x3) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/create\x00', 0x2, 0x0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) signalfd(r2, &(0x7f00000000c0)={0x81}, 0x8) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) r5 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000ffb000/0x4000)=nil) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) setsockopt$packet_tx_ring(r6, 0x107, 0xd, &(0x7f0000000340)=@req={0x10000, 0x1, 0x6, 0x4}, 0x10) shmctl$SHM_UNLOCK(r5, 0xc) shmctl$SHM_INFO(r5, 0xe, &(0x7f00000001c0)=""/151) syz_emit_ethernet(0x1, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000280)=ANY=[@ANYBLOB="df2c59d3a5331371c358cb03f491aa4eb5f7c55048e9e39388f783860fccda7f66e7f5d5b2ef6321fece40bc84983cd6919828b13a938a12ac8f82dbba7b78738be09a38464d60ef8aed1691926477ae48c1915c9cbcc18443b6c7b0cd3222d143aad501000000000000000000", @ANYRESOCT=0x0, @ANYRESOCT]], 0x0) 21:38:13 executing program 0: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, 0x0, r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:13 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:13 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:14 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:14 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x80001, 0x0) modify_ldt$read(0x0, &(0x7f0000000100)=""/59, 0x3b) ioctl$FS_IOC_GETVERSION(r1, 0x80087601, &(0x7f00000000c0)) [ 579.190176] protocol 88fb is buggy, dev hsr_slave_0 [ 579.195265] protocol 88fb is buggy, dev hsr_slave_1 [ 579.200379] protocol 88fb is buggy, dev hsr_slave_0 [ 579.205580] protocol 88fb is buggy, dev hsr_slave_1 [ 579.241736] Unknown ioctl -2146929151 [ 579.259498] Unknown ioctl -2146929151 [ 580.470145] Bluetooth: hci0 command 0x1003 tx timeout [ 580.475421] Bluetooth: hci0 sending frame failed (-49) [ 582.550126] Bluetooth: hci0 command 0x1001 tx timeout [ 582.555428] Bluetooth: hci0 sending frame failed (-49) [ 584.630129] Bluetooth: hci0 command 0x1009 tx timeout 21:38:23 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x4896, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x13) ioctl$KDADDIO(r0, 0x400455c8, 0x1) 21:38:23 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:23 executing program 0: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(0x0, 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:23 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000080)}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) 21:38:23 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x3800, 0x16, 0x6}) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') 21:38:23 executing program 1 (fault-call:6 fault-nth:0): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 588.674004] audit: type=1326 audit(1573249103.942:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12827 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 21:38:24 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x1, 0x4) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0)='\x01\x00\x00\x00\x10') lsetxattr$security_smack_entry(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='security.SMACK64MMAP\x00', &(0x7f0000000140)='\x00', 0x1, 0x2) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000180)={0x0, 0xffffffff}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000200)={r2, 0x101}, &(0x7f0000000240)=0x8) [ 588.738278] FAULT_INJECTION: forcing a failure. [ 588.738278] name failslab, interval 1, probability 0, space 0, times 0 [ 588.769589] CPU: 1 PID: 12835 Comm: syz-executor.1 Not tainted 4.14.152 #0 [ 588.776622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.785959] Call Trace: [ 588.788541] dump_stack+0x138/0x197 [ 588.792162] should_fail.cold+0x10f/0x159 [ 588.796306] should_failslab+0xdb/0x130 [ 588.800266] kmem_cache_alloc+0x2d7/0x780 [ 588.804397] ? __f_unlock_pos+0x19/0x20 [ 588.808355] getname_flags+0xcb/0x580 [ 588.812137] ? lock_downgrade+0x740/0x740 [ 588.816266] SyS_renameat+0xdb/0x6f0 [ 588.819970] ? wait_for_completion+0x420/0x420 [ 588.824531] ? SyS_renameat2+0xa30/0xa30 [ 588.828571] ? __sb_end_write+0xc1/0x100 [ 588.832616] ? fput+0xd4/0x150 [ 588.835790] ? SyS_write+0x15e/0x230 [ 588.839486] ? do_syscall_64+0x53/0x640 [ 588.843442] ? SyS_renameat2+0xa30/0xa30 [ 588.847494] do_syscall_64+0x1e8/0x640 [ 588.851364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 588.856199] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 588.861369] RIP: 0033:0x45a219 [ 588.864551] RSP: 002b:00007fa6ff94fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000108 [ 588.872247] RAX: ffffffffffffffda RBX: 00007fa6ff94fc90 RCX: 000000000045a219 [ 588.879508] RDX: 0000000000000003 RSI: 0000000020000180 RDI: 0000000000000003 21:38:24 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf) ioctl$KDADDIO(r0, 0x400455c8, 0x1) pipe(&(0x7f0000000380)={0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f0000000100)={{0x7, 0x6, 0x838, 0x8d7d, 'syz1\x00', 0x6}, 0x0, [0x7, 0x4, 0x4, 0x6, 0x0, 0x1, 0x228504c8, 0x5, 0x2, 0xffffffffffff5ff5, 0x7f, 0x0, 0x5, 0x100000000, 0x3, 0x1, 0x4, 0x0, 0x1ff, 0x1, 0x2d, 0x1000, 0x5, 0x1, 0x7fff, 0x9, 0x6, 0x6, 0x6, 0x0, 0x6, 0x5, 0x3, 0x100, 0x40, 0x8, 0x8, 0x99be, 0xb0f, 0x10001, 0x9bb2, 0xffffffff, 0x9, 0x7f, 0x8, 0xf19, 0x20000000000000, 0x6, 0x7, 0x3f, 0x9ce, 0x9, 0x100, 0x3, 0x15, 0x8000, 0xffff, 0x7fffffff, 0x8, 0x8, 0x0, 0x400, 0x2, 0x9, 0x10000, 0x0, 0x80000000, 0x8001, 0xb66, 0x400, 0x2, 0x5, 0x3, 0x0, 0x4, 0x101, 0x1, 0x8, 0x0, 0x401, 0x7fffffff, 0x4, 0xffffffff, 0x7fff, 0x333a32b7, 0x7, 0xffffffff, 0x0, 0x8000, 0xe1c, 0x80000000, 0xffffffffffffffff, 0xffffffff, 0x7ff, 0x2, 0x7, 0x5, 0x7, 0xe17, 0x0, 0x3, 0x3, 0x78a, 0x6, 0x96c, 0xb358, 0x2, 0x80000000, 0x9, 0x9, 0xffffffffdb299666, 0x81, 0x9, 0x3, 0x3f, 0x0, 0x6, 0x3, 0x401, 0xc142, 0x5, 0x5, 0x7, 0x9, 0x2, 0x81, 0xb12, 0x4], {0x0, 0x989680}}) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000080)={0x7fff, 0x9e, 0x2, 0x80000001, 0x9, 0x1}) [ 588.886764] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 588.894021] R10: 00000000200007c0 R11: 0000000000000246 R12: 00007fa6ff9506d4 [ 588.901276] R13: 00000000004c7d4c R14: 00000000004ddf48 R15: 0000000000000004 21:38:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 21:38:24 executing program 0 (fault-call:1 fault-nth:0): creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}}) 21:38:24 executing program 1 (fault-call:6 fault-nth:1): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 589.053101] FAULT_INJECTION: forcing a failure. [ 589.053101] name failslab, interval 1, probability 0, space 0, times 0 [ 589.065122] CPU: 0 PID: 12856 Comm: syz-executor.0 Not tainted 4.14.152 #0 [ 589.072150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.072156] Call Trace: [ 589.072172] dump_stack+0x138/0x197 [ 589.072190] should_fail.cold+0x10f/0x159 [ 589.072206] should_failslab+0xdb/0x130 [ 589.072219] __kmalloc_track_caller+0x2ec/0x790 [ 589.072234] ? __schedule+0x7c0/0x1cd0 [ 589.072244] ? strndup_user+0x62/0xf0 [ 589.072255] memdup_user+0x26/0xa0 [ 589.072265] strndup_user+0x62/0xf0 [ 589.072277] SyS_mount+0x3c/0x120 [ 589.072285] ? copy_mnt_ns+0x8c0/0x8c0 [ 589.072298] do_syscall_64+0x1e8/0x640 [ 589.072306] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.072320] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.072327] RIP: 0033:0x45a219 [ 589.072332] RSP: 002b:00007f782745ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.072351] RAX: ffffffffffffffda RBX: 00007f782745ec90 RCX: 000000000045a219 [ 589.084273] RDX: 00000000200004c0 RSI: 0000000020000480 RDI: 0000000020000140 [ 589.084279] RBP: 000000000075bf20 R08: 0000000020000880 R09: 0000000000000000 [ 589.084285] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f782745f6d4 [ 589.084290] R13: 00000000004c6d74 R14: 00000000004dc5e0 R15: 0000000000000004 [ 589.103976] FAULT_INJECTION: forcing a failure. [ 589.103976] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 589.196497] CPU: 0 PID: 12857 Comm: syz-executor.1 Not tainted 4.14.152 #0 [ 589.203491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.212830] Call Trace: [ 589.215408] dump_stack+0x138/0x197 [ 589.219021] should_fail.cold+0x10f/0x159 [ 589.223160] __alloc_pages_nodemask+0x1d6/0x7a0 [ 589.227811] ? fs_reclaim_acquire+0x20/0x20 [ 589.232119] ? __alloc_pages_slowpath+0x2930/0x2930 [ 589.237126] cache_grow_begin+0x80/0x400 [ 589.241170] kmem_cache_alloc+0x6a6/0x780 [ 589.245303] getname_flags+0xcb/0x580 [ 589.249086] ? lock_downgrade+0x740/0x740 [ 589.253214] SyS_renameat+0xdb/0x6f0 [ 589.256914] ? wait_for_completion+0x420/0x420 [ 589.261479] ? SyS_renameat2+0xa30/0xa30 [ 589.265519] ? __sb_end_write+0xc1/0x100 [ 589.269562] ? fput+0xd4/0x150 [ 589.272737] ? SyS_write+0x15e/0x230 [ 589.276435] ? do_syscall_64+0x53/0x640 [ 589.280401] ? SyS_renameat2+0xa30/0xa30 [ 589.284454] do_syscall_64+0x1e8/0x640 [ 589.288331] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.293167] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.298338] RIP: 0033:0x45a219 21:38:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 21:38:24 executing program 0 (fault-call:1 fault-nth:1): creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}}) [ 589.301508] RSP: 002b:00007fa6ff94fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000108 [ 589.309197] RAX: ffffffffffffffda RBX: 00007fa6ff94fc90 RCX: 000000000045a219 [ 589.316450] RDX: 0000000000000003 RSI: 0000000020000180 RDI: 0000000000000003 [ 589.323699] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 589.330957] R10: 00000000200007c0 R11: 0000000000000246 R12: 00007fa6ff9506d4 [ 589.338207] R13: 00000000004c7d4c R14: 00000000004ddf48 R15: 0000000000000004 [ 589.347426] Bluetooth: Error in BCSP hdr checksum 21:38:24 executing program 1 (fault-call:6 fault-nth:2): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') [ 589.436399] FAULT_INJECTION: forcing a failure. [ 589.436399] name failslab, interval 1, probability 0, space 0, times 0 [ 589.457553] CPU: 1 PID: 12864 Comm: syz-executor.0 Not tainted 4.14.152 #0 [ 589.464602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.473951] Call Trace: [ 589.476548] dump_stack+0x138/0x197 [ 589.480180] should_fail.cold+0x10f/0x159 [ 589.480199] should_failslab+0xdb/0x130 [ 589.480214] __kmalloc_track_caller+0x2ec/0x790 [ 589.480228] ? kasan_check_write+0x14/0x20 [ 589.488322] ? strndup_user+0x62/0xf0 [ 589.488336] memdup_user+0x26/0xa0 [ 589.488347] strndup_user+0x62/0xf0 [ 589.488361] SyS_mount+0x6b/0x120 [ 589.488371] ? copy_mnt_ns+0x8c0/0x8c0 [ 589.515411] do_syscall_64+0x1e8/0x640 [ 589.519278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.524104] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.529287] RIP: 0033:0x45a219 21:38:24 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000080)=[{0x6}]}) [ 589.532458] RSP: 002b:00007f782745ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.540146] RAX: ffffffffffffffda RBX: 00007f782745ec90 RCX: 000000000045a219 [ 589.547396] RDX: 00000000200004c0 RSI: 0000000020000480 RDI: 0000000020000140 [ 589.554653] RBP: 000000000075bf20 R08: 0000000020000880 R09: 0000000000000000 [ 589.561902] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f782745f6d4 [ 589.569160] R13: 00000000004c6d74 R14: 00000000004dc5e0 R15: 0000000000000004 21:38:24 executing program 0 (fault-call:1 fault-nth:2): creat(&(0x7f00000002c0)='./bus\x00', 0x0) mount$fuseblk(&(0x7f0000000140)='/dev/loop0\x00', &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)='fuseblk\x00', 0x0, &(0x7f0000000880)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@blksize={'blksize'}}]}}) 21:38:24 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 589.600111] protocol 88fb is buggy, dev hsr_slave_0 [ 589.603890] Bluetooth: Error in BCSP hdr checksum [ 589.605265] protocol 88fb is buggy, dev hsr_slave_1 [ 589.615208] protocol 88fb is buggy, dev hsr_slave_0 [ 589.620354] protocol 88fb is buggy, dev hsr_slave_1 [ 589.634511] FAULT_INJECTION: forcing a failure. [ 589.634511] name failslab, interval 1, probability 0, space 0, times 0 [ 589.661225] audit: type=1326 audit(1573249104.932:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=12868 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45d05a code=0x0 [ 589.673351] CPU: 1 PID: 12867 Comm: syz-executor.1 Not tainted 4.14.152 #0 [ 589.692372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.701724] Call Trace: [ 589.704318] dump_stack+0x138/0x197 [ 589.707959] should_fail.cold+0x10f/0x159 [ 589.709608] FAULT_INJECTION: forcing a failure. [ 589.709608] name failslab, interval 1, probability 0, space 0, times 0 [ 589.712110] should_failslab+0xdb/0x130 [ 589.712125] kmem_cache_alloc+0x2d7/0x780 [ 589.712143] getname_flags+0xcb/0x580 [ 589.712158] SyS_renameat+0x126/0x6f0 [ 589.712175] ? SyS_renameat2+0xa30/0xa30 [ 589.712182] ? __sb_end_write+0xc1/0x100 [ 589.712198] ? SyS_write+0x15e/0x230 [ 589.712212] ? do_syscall_64+0x53/0x640 [ 589.712222] ? SyS_renameat2+0xa30/0xa30 [ 589.712237] do_syscall_64+0x1e8/0x640 [ 589.762696] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.767535] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.772704] RIP: 0033:0x45a219 [ 589.775881] RSP: 002b:00007fa6ff94fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000108 [ 589.783572] RAX: ffffffffffffffda RBX: 00007fa6ff94fc90 RCX: 000000000045a219 [ 589.790824] RDX: 0000000000000003 RSI: 0000000020000180 RDI: 0000000000000003 [ 589.798071] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 589.805331] R10: 00000000200007c0 R11: 0000000000000246 R12: 00007fa6ff9506d4 [ 589.812582] R13: 00000000004c7d4c R14: 00000000004ddf48 R15: 0000000000000004 [ 589.824916] CPU: 0 PID: 12875 Comm: syz-executor.0 Not tainted 4.14.152 #0 [ 589.831944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 589.841293] Call Trace: [ 589.843876] dump_stack+0x138/0x197 [ 589.847494] should_fail.cold+0x10f/0x159 [ 589.851634] should_failslab+0xdb/0x130 [ 589.855589] kmem_cache_alloc_trace+0x2e9/0x790 [ 589.860256] ? kasan_check_write+0x14/0x20 [ 589.864469] ? _copy_from_user+0x99/0x110 [ 589.868598] copy_mount_options+0x5c/0x2f0 [ 589.872814] SyS_mount+0x87/0x120 [ 589.876247] ? copy_mnt_ns+0x8c0/0x8c0 [ 589.880117] do_syscall_64+0x1e8/0x640 [ 589.883982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.888808] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.893982] RIP: 0033:0x45a219 [ 589.897151] RSP: 002b:00007f782745ec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.904840] RAX: ffffffffffffffda RBX: 00007f782745ec90 RCX: 000000000045a219 21:38:25 executing program 1 (fault-call:6 fault-nth:3): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='.//ile0\x00') mkdir(&(0x7f0000000340)='./file0\x00', 0x0) mount$overlay(0x400000, &(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='overlay\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='upperdir=./file0,lowerdir=.:file0,workdir=./file1']) r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) renameat(r0, &(0x7f0000000180)='.//ile0\x00', r0, &(0x7f00000007c0)='./file0/f.le.\x00') 21:38:25 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xff7d) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000140)="66b8b9000f00d0c7442400b7fe0000c744240250260000c7442406000000000f011c240f78ba0000c0fe660f3834860a000000c4c275ac7c2c003e3e0f79970c00000066baf80cb8caae098cefb8000000000f23d00f21f835300000040f23f8ecc6f84c0f32f30fc736", 0x47}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x50, 0x0, 0x0) fsetxattr$trusted_overlay_origin(0xffffffffffffffff, &(0x7f0000000080)='trusted.overlay.origin\x00', 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) [ 589.912108] RDX: 00000000200004c0 RSI: 0000000020000480 RDI: 0000000020000140 [ 589.919362] RBP: 000000000075bf20 R08: 0000000020000880 R09: 0000000000000000 [ 589.926616] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f782745f6d4 [ 589.933916] R13: 00000000004c6d74 R14: 00000000004dc5e0 R15: 0000000000000004 [ 590.038129] FAULT_INJECTION: forcing a failure. [ 590.038129] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 590.049963] CPU: 0 PID: 12884 Comm: syz-executor.1 Not tainted 4.14.152 #0 [ 590.057004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 590.066357] Call Trace: [ 590.068928] dump_stack+0x138/0x197 [ 590.072556] should_fail.cold+0x10f/0x159 [ 590.076699] __alloc_pages_nodemask+0x1d6/0x7a0 [ 590.081362] ? fs_reclaim_acquire+0x20/0x20 [ 590.085672] ? __alloc_pages_slowpath+0x2930/0x2930 [ 590.090723] cache_grow_begin+0x80/0x400 [ 590.094892] kmem_cache_alloc+0x6a6/0x780 [ 590.099026] getname_flags+0xcb/0x580 [ 590.102810] SyS_renameat+0x126/0x6f0 [ 590.106594] ? SyS_renameat2+0xa30/0xa30 [ 590.110641] ? __sb_end_write+0xc1/0x100 [ 590.114687] ? SyS_write+0x15e/0x230 [ 590.118383] ? do_syscall_64+0x53/0x640 [ 590.122337] ? SyS_renameat2+0xa30/0xa30 [ 590.126376] do_syscall_64+0x1e8/0x640 [ 590.130245] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 590.135090] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 590.140261] RIP: 0033:0x45a219 [ 590.143438] RSP: 002b:00007fa6ff94fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000108 [ 590.151128] RAX: ffffffffffffffda RBX: 00007fa6ff94fc90 RCX: 000000000045a219 [ 590.158390] RDX: 0000000000000003 RSI: 0000000020000180 RDI: 0000000000000003 [ 590.165646] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 590.172897] R10: 00000000200007c0 R11: 0000000000000246 R12: 00007fa6ff9506d4 [ 590.180157] R13: 00000000004c7d4c R14: 00000000004ddf48 R15: 0000000000000004 [ 591.040119] Bluetooth: hci0 command 0x1003 tx timeout [ 591.045427] Bluetooth: hci0 sending frame failed (-49) [ 593.110140] Bluetooth: hci0 command 0x1001 tx timeout [ 593.115439] Bluetooth: hci0 sending frame failed (-49) [ 595.190181] Bluetooth: hci0 command 0x1009 tx timeout [ 599.511745] ================================================================== [ 599.519377] BUG: KASAN: use-after-free in kfree_skb+0x2e9/0x340 [ 599.525418] Read of size 4 at addr ffff8880a048bb24 by task syz-executor.5/12844 [ 599.532932] [ 599.534542] CPU: 0 PID: 12844 Comm: syz-executor.5 Not tainted 4.14.152 #0 [ 599.541535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 599.550906] Call Trace: [ 599.553476] dump_stack+0x138/0x197 [ 599.557104] ? kfree_skb+0x2e9/0x340 [ 599.560807] print_address_description.cold+0x7c/0x1dc [ 599.566069] ? kfree_skb+0x2e9/0x340 [ 599.569767] kasan_report.cold+0xa9/0x2af [ 599.573896] __asan_report_load4_noabort+0x14/0x20 [ 599.578801] kfree_skb+0x2e9/0x340 [ 599.582328] bcsp_close+0xc7/0x130 [ 599.585854] hci_uart_tty_close+0x1cb/0x230 [ 599.590172] ? hci_uart_close+0x50/0x50 [ 599.594131] tty_ldisc_close.isra.0+0x99/0xd0 [ 599.598601] tty_ldisc_kill+0x4b/0xc0 [ 599.602388] tty_ldisc_release+0xb6/0x230 [ 599.606522] tty_release_struct+0x1b/0x50 [ 599.610659] tty_release+0xaa3/0xd60 [ 599.614355] ? put_tty_driver+0x20/0x20 [ 599.618306] __fput+0x275/0x7a0 [ 599.621585] ____fput+0x16/0x20 [ 599.624871] task_work_run+0x114/0x190 [ 599.628739] exit_to_usermode_loop+0x1da/0x220 [ 599.633298] do_syscall_64+0x4bc/0x640 [ 599.637160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 599.641990] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 599.647163] RIP: 0033:0x413db1 [ 599.650330] RSP: 002b:00007ffc1acbe260 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 599.658016] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413db1 [ 599.665265] RDX: 0000001b2c120000 RSI: 0000000000000989 RDI: 0000000000000003 [ 599.672513] RBP: 0000000000000001 R08: 000000006f7aa989 R09: 000000006f7aa98d [ 599.679758] R10: 00007ffc1acbe340 R11: 0000000000000293 R12: 000000000075c9a0 [ 599.687002] R13: 000000000075c9a0 R14: 0000000000761c70 R15: 000000000075bfd4 [ 599.694268] [ 599.695874] Allocated by task 7206: [ 599.699480] save_stack_trace+0x16/0x20 [ 599.703433] save_stack+0x45/0xd0 [ 599.706877] kasan_kmalloc+0xce/0xf0 [ 599.710566] kasan_slab_alloc+0xf/0x20 [ 599.714429] kmem_cache_alloc_node+0x144/0x780 [ 599.718998] __alloc_skb+0x9c/0x500 [ 599.722604] bcsp_recv+0x38a/0x1450 [ 599.726213] hci_uart_tty_receive+0x1f4/0x4d0 [ 599.730685] tty_ldisc_receive_buf+0x14d/0x1a0 [ 599.735246] tty_port_default_receive_buf+0x73/0xa0 [ 599.740247] flush_to_ldisc+0x1ec/0x400 [ 599.744207] process_one_work+0x863/0x1600 [ 599.748417] worker_thread+0x5d9/0x1050 [ 599.752373] kthread+0x319/0x430 [ 599.755723] ret_from_fork+0x24/0x30 [ 599.759410] [ 599.761015] Freed by task 7206: [ 599.764293] save_stack_trace+0x16/0x20 [ 599.768255] save_stack+0x45/0xd0 [ 599.771683] kasan_slab_free+0x75/0xc0 [ 599.775549] kmem_cache_free+0x83/0x2b0 [ 599.779500] kfree_skbmem+0xac/0x120 [ 599.783214] kfree_skb+0xbd/0x340 [ 599.786656] bcsp_recv+0x28c/0x1450 [ 599.790257] hci_uart_tty_receive+0x1f4/0x4d0 [ 599.794726] tty_ldisc_receive_buf+0x14d/0x1a0 [ 599.799291] tty_port_default_receive_buf+0x73/0xa0 [ 599.804293] flush_to_ldisc+0x1ec/0x400 [ 599.808254] process_one_work+0x863/0x1600 [ 599.812465] worker_thread+0x5d9/0x1050 [ 599.816423] kthread+0x319/0x430 [ 599.819765] ret_from_fork+0x24/0x30 [ 599.823456] [ 599.825068] The buggy address belongs to the object at ffff8880a048ba40 [ 599.825068] which belongs to the cache skbuff_head_cache of size 232 [ 599.838224] The buggy address is located 228 bytes inside of [ 599.838224] 232-byte region [ffff8880a048ba40, ffff8880a048bb28) [ 599.850073] The buggy address belongs to the page: [ 599.854978] page:ffffea00028122c0 count:1 mapcount:0 mapping:ffff8880a048b040 index:0x0 [ 599.863104] flags: 0x1fffc0000000100(slab) [ 599.867321] raw: 01fffc0000000100 ffff8880a048b040 0000000000000000 000000010000000c [ 599.875175] raw: ffffea00022a86a0 ffffea000231fc20 ffff88821b7203c0 0000000000000000 [ 599.883033] page dumped because: kasan: bad access detected [ 599.888724] [ 599.890337] Memory state around the buggy address: [ 599.895315] ffff8880a048ba00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 599.902652] ffff8880a048ba80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 599.909992] >ffff8880a048bb00: fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc [ 599.917341] ^ [ 599.921735] ffff8880a048bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 599.929076] ffff8880a048bc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc [ 599.936407] ================================================================== [ 599.943755] Disabling lock debugging due to kernel taint [ 599.949499] Kernel panic - not syncing: panic_on_warn set ... [ 599.949499] [ 599.956854] CPU: 0 PID: 12844 Comm: syz-executor.5 Tainted: G B 4.14.152 #0 [ 599.965058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 599.974390] Call Trace: [ 599.976957] dump_stack+0x138/0x197 [ 599.980565] ? kfree_skb+0x2e9/0x340 [ 599.984264] panic+0x1f9/0x42d [ 599.987433] ? add_taint.cold+0x16/0x16 [ 599.991559] ? ___preempt_schedule+0x16/0x18 [ 599.995947] kasan_end_report+0x47/0x4f [ 599.999894] kasan_report.cold+0x130/0x2af [ 600.004106] __asan_report_load4_noabort+0x14/0x20 [ 600.009026] kfree_skb+0x2e9/0x340 [ 600.012557] bcsp_close+0xc7/0x130 [ 600.016075] hci_uart_tty_close+0x1cb/0x230 [ 600.020381] ? hci_uart_close+0x50/0x50 [ 600.024339] tty_ldisc_close.isra.0+0x99/0xd0 [ 600.028807] tty_ldisc_kill+0x4b/0xc0 [ 600.032583] tty_ldisc_release+0xb6/0x230 [ 600.036723] tty_release_struct+0x1b/0x50 [ 600.040852] tty_release+0xaa3/0xd60 [ 600.044549] ? put_tty_driver+0x20/0x20 [ 600.048500] __fput+0x275/0x7a0 [ 600.051769] ____fput+0x16/0x20 [ 600.055029] task_work_run+0x114/0x190 [ 600.058981] exit_to_usermode_loop+0x1da/0x220 [ 600.063545] do_syscall_64+0x4bc/0x640 [ 600.067413] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 600.072236] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 600.077408] RIP: 0033:0x413db1 [ 600.080581] RSP: 002b:00007ffc1acbe260 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 600.088274] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000413db1 [ 600.095522] RDX: 0000001b2c120000 RSI: 0000000000000989 RDI: 0000000000000003 [ 600.102798] RBP: 0000000000000001 R08: 000000006f7aa989 R09: 000000006f7aa98d [ 600.110065] R10: 00007ffc1acbe340 R11: 0000000000000293 R12: 000000000075c9a0 [ 600.117320] R13: 000000000075c9a0 R14: 0000000000761c70 R15: 000000000075bfd4 [ 600.125926] Kernel Offset: disabled [ 600.129543] Rebooting in 86400 seconds..